Docs
PackagesCloudflare v5.26.0 published on Wednesday, Apr 17, 2024 by Pulumi
cloudflare.DevicePostureRule
Explore with Pulumi AI
Provides a Cloudflare Device Posture Rule resource. Device posture rules configure security policies for device posture checks.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const eaxmple = new cloudflare.DevicePostureRule("eaxmple", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "Corporate devices posture rule",
type: "os_version",
description: "Device posture rule for corporate devices.",
schedule: "24h",
expiration: "24h",
matches: [{
platform: "linux",
}],
inputs: [{
id: cloudflare_teams_list.corporate_devices.id,
version: "1.0.0",
operator: "<",
osDistroName: "ubuntu",
osDistroRevision: "1.0.0",
}],
});
import pulumi
import pulumi_cloudflare as cloudflare
eaxmple = cloudflare.DevicePostureRule("eaxmple",
account_id="f037e56e89293a057740de681ac9abbe",
name="Corporate devices posture rule",
type="os_version",
description="Device posture rule for corporate devices.",
schedule="24h",
expiration="24h",
matches=[cloudflare.DevicePostureRuleMatchArgs(
platform="linux",
)],
inputs=[cloudflare.DevicePostureRuleInputArgs(
id=cloudflare_teams_list["corporate_devices"]["id"],
version="1.0.0",
operator="<",
os_distro_name="ubuntu",
os_distro_revision="1.0.0",
)])
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewDevicePostureRule(ctx, "eaxmple", &cloudflare.DevicePostureRuleArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("Corporate devices posture rule"),
Type: pulumi.String("os_version"),
Description: pulumi.String("Device posture rule for corporate devices."),
Schedule: pulumi.String("24h"),
Expiration: pulumi.String("24h"),
Matches: cloudflare.DevicePostureRuleMatchArray{
&cloudflare.DevicePostureRuleMatchArgs{
Platform: pulumi.String("linux"),
},
},
Inputs: cloudflare.DevicePostureRuleInputTypeArray{
&cloudflare.DevicePostureRuleInputTypeArgs{
Id: pulumi.Any(cloudflare_teams_list.Corporate_devices.Id),
Version: pulumi.String("1.0.0"),
Operator: pulumi.String("<"),
OsDistroName: pulumi.String("ubuntu"),
OsDistroRevision: pulumi.String("1.0.0"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var eaxmple = new Cloudflare.DevicePostureRule("eaxmple", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "Corporate devices posture rule",
Type = "os_version",
Description = "Device posture rule for corporate devices.",
Schedule = "24h",
Expiration = "24h",
Matches = new[]
{
new Cloudflare.Inputs.DevicePostureRuleMatchArgs
{
Platform = "linux",
},
},
Inputs = new[]
{
new Cloudflare.Inputs.DevicePostureRuleInputArgs
{
Id = cloudflare_teams_list.Corporate_devices.Id,
Version = "1.0.0",
Operator = "<",
OsDistroName = "ubuntu",
OsDistroRevision = "1.0.0",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.DevicePostureRule;
import com.pulumi.cloudflare.DevicePostureRuleArgs;
import com.pulumi.cloudflare.inputs.DevicePostureRuleMatchArgs;
import com.pulumi.cloudflare.inputs.DevicePostureRuleInputArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var eaxmple = new DevicePostureRule("eaxmple", DevicePostureRuleArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("Corporate devices posture rule")
.type("os_version")
.description("Device posture rule for corporate devices.")
.schedule("24h")
.expiration("24h")
.matches(DevicePostureRuleMatchArgs.builder()
.platform("linux")
.build())
.inputs(DevicePostureRuleInputArgs.builder()
.id(cloudflare_teams_list.corporate_devices().id())
.version("1.0.0")
.operator("<")
.osDistroName("ubuntu")
.osDistroRevision("1.0.0")
.build())
.build());
}
}
resources:
eaxmple:
type: cloudflare:DevicePostureRule
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: Corporate devices posture rule
type: os_version
description: Device posture rule for corporate devices.
schedule: 24h
expiration: 24h
matches:
- platform: linux
inputs:
- id: ${cloudflare_teams_list.corporate_devices.id}
version: 1.0.0
operator: <
osDistroName: ubuntu
osDistroRevision: 1.0.0
Create DevicePostureRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DevicePostureRule(name: string, args: DevicePostureRuleArgs, opts?: CustomResourceOptions);@overload
def DevicePostureRule(resource_name: str,
args: DevicePostureRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def DevicePostureRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
type: Optional[str] = None,
description: Optional[str] = None,
expiration: Optional[str] = None,
inputs: Optional[Sequence[DevicePostureRuleInputArgs]] = None,
matches: Optional[Sequence[DevicePostureRuleMatchArgs]] = None,
name: Optional[str] = None,
schedule: Optional[str] = None)func NewDevicePostureRule(ctx *Context, name string, args DevicePostureRuleArgs, opts ...ResourceOption) (*DevicePostureRule, error)public DevicePostureRule(string name, DevicePostureRuleArgs args, CustomResourceOptions? opts = null)
public DevicePostureRule(String name, DevicePostureRuleArgs args)
public DevicePostureRule(String name, DevicePostureRuleArgs args, CustomResourceOptions options)
type: cloudflare:DevicePostureRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DevicePostureRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DevicePostureRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DevicePostureRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DevicePostureRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DevicePostureRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var devicePostureRuleResource = new Cloudflare.DevicePostureRule("devicePostureRuleResource", new()
{
AccountId = "string",
Type = "string",
Description = "string",
Expiration = "string",
Inputs = new[]
{
new Cloudflare.Inputs.DevicePostureRuleInputArgs
{
ActiveThreats = 0,
CertificateId = "string",
CheckDisks = new[]
{
"string",
},
Cn = "string",
ComplianceStatus = "string",
ConnectionId = "string",
CountOperator = "string",
Domain = "string",
EidLastSeen = "string",
Enabled = false,
Exists = false,
Id = "string",
Infected = false,
IsActive = false,
IssueCount = "string",
LastSeen = "string",
NetworkStatus = "string",
Operator = "string",
Os = "string",
OsDistroName = "string",
OsDistroRevision = "string",
Overall = "string",
Path = "string",
RequireAll = false,
RiskLevel = "string",
Running = false,
SensorConfig = "string",
Sha256 = "string",
State = "string",
Thumbprint = "string",
TotalScore = 0,
Version = "string",
VersionOperator = "string",
},
},
Matches = new[]
{
new Cloudflare.Inputs.DevicePostureRuleMatchArgs
{
Platform = "string",
},
},
Name = "string",
Schedule = "string",
});
example, err := cloudflare.NewDevicePostureRule(ctx, "devicePostureRuleResource", &cloudflare.DevicePostureRuleArgs{
AccountId: pulumi.String("string"),
Type: pulumi.String("string"),
Description: pulumi.String("string"),
Expiration: pulumi.String("string"),
Inputs: cloudflare.DevicePostureRuleInputTypeArray{
&cloudflare.DevicePostureRuleInputTypeArgs{
ActiveThreats: pulumi.Int(0),
CertificateId: pulumi.String("string"),
CheckDisks: pulumi.StringArray{
pulumi.String("string"),
},
Cn: pulumi.String("string"),
ComplianceStatus: pulumi.String("string"),
ConnectionId: pulumi.String("string"),
CountOperator: pulumi.String("string"),
Domain: pulumi.String("string"),
EidLastSeen: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Exists: pulumi.Bool(false),
Id: pulumi.String("string"),
Infected: pulumi.Bool(false),
IsActive: pulumi.Bool(false),
IssueCount: pulumi.String("string"),
LastSeen: pulumi.String("string"),
NetworkStatus: pulumi.String("string"),
Operator: pulumi.String("string"),
Os: pulumi.String("string"),
OsDistroName: pulumi.String("string"),
OsDistroRevision: pulumi.String("string"),
Overall: pulumi.String("string"),
Path: pulumi.String("string"),
RequireAll: pulumi.Bool(false),
RiskLevel: pulumi.String("string"),
Running: pulumi.Bool(false),
SensorConfig: pulumi.String("string"),
Sha256: pulumi.String("string"),
State: pulumi.String("string"),
Thumbprint: pulumi.String("string"),
TotalScore: pulumi.Int(0),
Version: pulumi.String("string"),
VersionOperator: pulumi.String("string"),
},
},
Matches: cloudflare.DevicePostureRuleMatchArray{
&cloudflare.DevicePostureRuleMatchArgs{
Platform: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
Schedule: pulumi.String("string"),
})
var devicePostureRuleResource = new DevicePostureRule("devicePostureRuleResource", DevicePostureRuleArgs.builder()
.accountId("string")
.type("string")
.description("string")
.expiration("string")
.inputs(DevicePostureRuleInputArgs.builder()
.activeThreats(0)
.certificateId("string")
.checkDisks("string")
.cn("string")
.complianceStatus("string")
.connectionId("string")
.countOperator("string")
.domain("string")
.eidLastSeen("string")
.enabled(false)
.exists(false)
.id("string")
.infected(false)
.isActive(false)
.issueCount("string")
.lastSeen("string")
.networkStatus("string")
.operator("string")
.os("string")
.osDistroName("string")
.osDistroRevision("string")
.overall("string")
.path("string")
.requireAll(false)
.riskLevel("string")
.running(false)
.sensorConfig("string")
.sha256("string")
.state("string")
.thumbprint("string")
.totalScore(0)
.version("string")
.versionOperator("string")
.build())
.matches(DevicePostureRuleMatchArgs.builder()
.platform("string")
.build())
.name("string")
.schedule("string")
.build());
device_posture_rule_resource = cloudflare.DevicePostureRule("devicePostureRuleResource",
account_id="string",
type="string",
description="string",
expiration="string",
inputs=[cloudflare.DevicePostureRuleInputArgs(
active_threats=0,
certificate_id="string",
check_disks=["string"],
cn="string",
compliance_status="string",
connection_id="string",
count_operator="string",
domain="string",
eid_last_seen="string",
enabled=False,
exists=False,
id="string",
infected=False,
is_active=False,
issue_count="string",
last_seen="string",
network_status="string",
operator="string",
os="string",
os_distro_name="string",
os_distro_revision="string",
overall="string",
path="string",
require_all=False,
risk_level="string",
running=False,
sensor_config="string",
sha256="string",
state="string",
thumbprint="string",
total_score=0,
version="string",
version_operator="string",
)],
matches=[cloudflare.DevicePostureRuleMatchArgs(
platform="string",
)],
name="string",
schedule="string")
const devicePostureRuleResource = new cloudflare.DevicePostureRule("devicePostureRuleResource", {
accountId: "string",
type: "string",
description: "string",
expiration: "string",
inputs: [{
activeThreats: 0,
certificateId: "string",
checkDisks: ["string"],
cn: "string",
complianceStatus: "string",
connectionId: "string",
countOperator: "string",
domain: "string",
eidLastSeen: "string",
enabled: false,
exists: false,
id: "string",
infected: false,
isActive: false,
issueCount: "string",
lastSeen: "string",
networkStatus: "string",
operator: "string",
os: "string",
osDistroName: "string",
osDistroRevision: "string",
overall: "string",
path: "string",
requireAll: false,
riskLevel: "string",
running: false,
sensorConfig: "string",
sha256: "string",
state: "string",
thumbprint: "string",
totalScore: 0,
version: "string",
versionOperator: "string",
}],
matches: [{
platform: "string",
}],
name: "string",
schedule: "string",
});
type: cloudflare:DevicePostureRule
properties:
accountId: string
description: string
expiration: string
inputs:
- activeThreats: 0
certificateId: string
checkDisks:
- string
cn: string
complianceStatus: string
connectionId: string
countOperator: string
domain: string
eidLastSeen: string
enabled: false
exists: false
id: string
infected: false
isActive: false
issueCount: string
lastSeen: string
networkStatus: string
operator: string
os: string
osDistroName: string
osDistroRevision: string
overall: string
path: string
requireAll: false
riskLevel: string
running: false
sensorConfig: string
sha256: string
state: string
thumbprint: string
totalScore: 0
version: string
versionOperator: string
matches:
- platform: string
name: string
schedule: string
type: string
DevicePostureRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The DevicePostureRule resource accepts the following input properties:
- Account
Id string - The account identifier to target for the resource.
- Type string
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s. - Description string
- Expiration string
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - Inputs
List<Device
Posture Rule Input> - Required for all rule types except
warp,gateway, andtanium. - Matches
List<Device
Posture Rule Match> - The conditions that the client must match to run the rule.
- Name string
- Name of the device posture rule.
- Schedule string
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm.
- Account
Id string - The account identifier to target for the resource.
- Type string
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s. - Description string
- Expiration string
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - Inputs
[]Device
Posture Rule Input Type Args - Required for all rule types except
warp,gateway, andtanium. - Matches
[]Device
Posture Rule Match Args - The conditions that the client must match to run the rule.
- Name string
- Name of the device posture rule.
- Schedule string
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm.
- account
Id String - The account identifier to target for the resource.
- type String
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s. - description String
- expiration String
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs
List<Device
Posture Rule Input> - Required for all rule types except
warp,gateway, andtanium. - matches
List<Device
Posture Rule Match> - The conditions that the client must match to run the rule.
- name String
- Name of the device posture rule.
- schedule String
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm.
- account
Id string - The account identifier to target for the resource.
- type string
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s. - description string
- expiration string
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs
Device
Posture Rule Input[] - Required for all rule types except
warp,gateway, andtanium. - matches
Device
Posture Rule Match[] - The conditions that the client must match to run the rule.
- name string
- Name of the device posture rule.
- schedule string
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm.
- account_
id str - The account identifier to target for the resource.
- type str
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s. - description str
- expiration str
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs
Sequence[Device
Posture Rule Input Args] - Required for all rule types except
warp,gateway, andtanium. - matches
Sequence[Device
Posture Rule Match Args] - The conditions that the client must match to run the rule.
- name str
- Name of the device posture rule.
- schedule str
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm.
- account
Id String - The account identifier to target for the resource.
- type String
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s. - description String
- expiration String
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs List<Property Map>
- Required for all rule types except
warp,gateway, andtanium. - matches List<Property Map>
- The conditions that the client must match to run the rule.
- name String
- Name of the device posture rule.
- schedule String
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm.
Outputs
All input properties are implicitly available as output properties. Additionally, the DevicePostureRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing DevicePostureRule Resource
Get an existing DevicePostureRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DevicePostureRuleState, opts?: CustomResourceOptions): DevicePostureRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
description: Optional[str] = None,
expiration: Optional[str] = None,
inputs: Optional[Sequence[DevicePostureRuleInputArgs]] = None,
matches: Optional[Sequence[DevicePostureRuleMatchArgs]] = None,
name: Optional[str] = None,
schedule: Optional[str] = None,
type: Optional[str] = None) -> DevicePostureRulefunc GetDevicePostureRule(ctx *Context, name string, id IDInput, state *DevicePostureRuleState, opts ...ResourceOption) (*DevicePostureRule, error)public static DevicePostureRule Get(string name, Input<string> id, DevicePostureRuleState? state, CustomResourceOptions? opts = null)public static DevicePostureRule get(String name, Output<String> id, DevicePostureRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account identifier to target for the resource.
- Description string
- Expiration string
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - Inputs
List<Device
Posture Rule Input> - Required for all rule types except
warp,gateway, andtanium. - Matches
List<Device
Posture Rule Match> - The conditions that the client must match to run the rule.
- Name string
- Name of the device posture rule.
- Schedule string
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm. - Type string
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s.
- Account
Id string - The account identifier to target for the resource.
- Description string
- Expiration string
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - Inputs
[]Device
Posture Rule Input Type Args - Required for all rule types except
warp,gateway, andtanium. - Matches
[]Device
Posture Rule Match Args - The conditions that the client must match to run the rule.
- Name string
- Name of the device posture rule.
- Schedule string
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm. - Type string
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s.
- account
Id String - The account identifier to target for the resource.
- description String
- expiration String
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs
List<Device
Posture Rule Input> - Required for all rule types except
warp,gateway, andtanium. - matches
List<Device
Posture Rule Match> - The conditions that the client must match to run the rule.
- name String
- Name of the device posture rule.
- schedule String
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm. - type String
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s.
- account
Id string - The account identifier to target for the resource.
- description string
- expiration string
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs
Device
Posture Rule Input[] - Required for all rule types except
warp,gateway, andtanium. - matches
Device
Posture Rule Match[] - The conditions that the client must match to run the rule.
- name string
- Name of the device posture rule.
- schedule string
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm. - type string
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s.
- account_
id str - The account identifier to target for the resource.
- description str
- expiration str
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs
Sequence[Device
Posture Rule Input Args] - Required for all rule types except
warp,gateway, andtanium. - matches
Sequence[Device
Posture Rule Match Args] - The conditions that the client must match to run the rule.
- name str
- Name of the device posture rule.
- schedule str
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm. - type str
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s.
- account
Id String - The account identifier to target for the resource.
- description String
- expiration String
- Expire posture results after the specified amount of time. Must be in the format
1hor30m. Valid units arehandm. - inputs List<Property Map>
- Required for all rule types except
warp,gateway, andtanium. - matches List<Property Map>
- The conditions that the client must match to run the rule.
- name String
- Name of the device posture rule.
- schedule String
- Tells the client when to run the device posture check. Must be in the format
1hor30m. Valid units arehandm. - type String
- The device posture rule type. Available values:
serial_number,file,application,gateway,warp,domain_joined,os_version,disk_encryption,firewall,client_certificate,workspace_one,unique_client_id,crowdstrike_s2s,sentinelone,kolide,tanium_s2s,intune,sentinelone_s2s.
Supporting Types
DevicePostureRuleInput, DevicePostureRuleInputArgs
- Active
Threats int - The number of active threats from SentinelOne.
- Certificate
Id string - The UUID of a Cloudflare managed certificate.
- Check
Disks List<string> - Specific volume(s) to check for encryption.
- Cn string
- The common name for a certificate.
- Compliance
Status string - The workspace one device compliance status. Available values:
compliant,noncompliant. - Connection
Id string - The workspace one connection id.
- Count
Operator string - The count comparison operator for kolide. Available values:
>,>=,<,<=,==. - Domain string
- The domain that the client must join.
- Eid
Last stringSeen - The datetime a device last seen in RFC 3339 format from Tanium.
- Enabled bool
- True if the firewall must be enabled.
- Exists bool
- Checks if the file should exist.
- Id string
- The Teams List id. Required for
serial_numberandunique_client_idrule types. - Infected bool
- True if SentinelOne device is infected.
- Is
Active bool - True if SentinelOne device is active.
- Issue
Count string - The number of issues for kolide.
- Last
Seen string - The duration of time that the host was last seen from Crowdstrike. Must be in the format
1hor30m. Valid units ared,handm. - Network
Status string - The network status from SentinelOne. Available values:
connected,disconnected,disconnecting,connecting. - Operator string
- The version comparison operator. Available values:
>,>=,<,<=,==. - Os string
- OS signal score from Crowdstrike. Value must be between 1 and 100.
- Os
Distro stringName - The operating system excluding version information.
- Os
Distro stringRevision - The operating system version excluding OS name information or release name.
- Overall string
- Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
- Path string
- The path to the file.
- Require
All bool - True if all drives must be encrypted.
- Risk
Level string - The risk level from Tanium. Available values:
low,medium,high,critical. - Running bool
- Checks if the application should be running.
- Sensor
Config string - Sensor signal score from Crowdstrike. Value must be between 1 and 100.
- Sha256 string
- The sha256 hash of the file.
- State string
- The host’s current online status from Crowdstrike. Available values:
online,offline,unknown. - Thumbprint string
- The thumbprint of the file certificate.
- Total
Score int - The total score from Tanium.
- Version string
- The operating system semantic version.
- Version
Operator string - The version comparison operator for crowdstrike. Available values:
>,>=,<,<=,==.
- Active
Threats int - The number of active threats from SentinelOne.
- Certificate
Id string - The UUID of a Cloudflare managed certificate.
- Check
Disks []string - Specific volume(s) to check for encryption.
- Cn string
- The common name for a certificate.
- Compliance
Status string - The workspace one device compliance status. Available values:
compliant,noncompliant. - Connection
Id string - The workspace one connection id.
- Count
Operator string - The count comparison operator for kolide. Available values:
>,>=,<,<=,==. - Domain string
- The domain that the client must join.
- Eid
Last stringSeen - The datetime a device last seen in RFC 3339 format from Tanium.
- Enabled bool
- True if the firewall must be enabled.
- Exists bool
- Checks if the file should exist.
- Id string
- The Teams List id. Required for
serial_numberandunique_client_idrule types. - Infected bool
- True if SentinelOne device is infected.
- Is
Active bool - True if SentinelOne device is active.
- Issue
Count string - The number of issues for kolide.
- Last
Seen string - The duration of time that the host was last seen from Crowdstrike. Must be in the format
1hor30m. Valid units ared,handm. - Network
Status string - The network status from SentinelOne. Available values:
connected,disconnected,disconnecting,connecting. - Operator string
- The version comparison operator. Available values:
>,>=,<,<=,==. - Os string
- OS signal score from Crowdstrike. Value must be between 1 and 100.
- Os
Distro stringName - The operating system excluding version information.
- Os
Distro stringRevision - The operating system version excluding OS name information or release name.
- Overall string
- Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
- Path string
- The path to the file.
- Require
All bool - True if all drives must be encrypted.
- Risk
Level string - The risk level from Tanium. Available values:
low,medium,high,critical. - Running bool
- Checks if the application should be running.
- Sensor
Config string - Sensor signal score from Crowdstrike. Value must be between 1 and 100.
- Sha256 string
- The sha256 hash of the file.
- State string
- The host’s current online status from Crowdstrike. Available values:
online,offline,unknown. - Thumbprint string
- The thumbprint of the file certificate.
- Total
Score int - The total score from Tanium.
- Version string
- The operating system semantic version.
- Version
Operator string - The version comparison operator for crowdstrike. Available values:
>,>=,<,<=,==.
- active
Threats Integer - The number of active threats from SentinelOne.
- certificate
Id String - The UUID of a Cloudflare managed certificate.
- check
Disks List<String> - Specific volume(s) to check for encryption.
- cn String
- The common name for a certificate.
- compliance
Status String - The workspace one device compliance status. Available values:
compliant,noncompliant. - connection
Id String - The workspace one connection id.
- count
Operator String - The count comparison operator for kolide. Available values:
>,>=,<,<=,==. - domain String
- The domain that the client must join.
- eid
Last StringSeen - The datetime a device last seen in RFC 3339 format from Tanium.
- enabled Boolean
- True if the firewall must be enabled.
- exists Boolean
- Checks if the file should exist.
- id String
- The Teams List id. Required for
serial_numberandunique_client_idrule types. - infected Boolean
- True if SentinelOne device is infected.
- is
Active Boolean - True if SentinelOne device is active.
- issue
Count String - The number of issues for kolide.
- last
Seen String - The duration of time that the host was last seen from Crowdstrike. Must be in the format
1hor30m. Valid units ared,handm. - network
Status String - The network status from SentinelOne. Available values:
connected,disconnected,disconnecting,connecting. - operator String
- The version comparison operator. Available values:
>,>=,<,<=,==. - os String
- OS signal score from Crowdstrike. Value must be between 1 and 100.
- os
Distro StringName - The operating system excluding version information.
- os
Distro StringRevision - The operating system version excluding OS name information or release name.
- overall String
- Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
- path String
- The path to the file.
- require
All Boolean - True if all drives must be encrypted.
- risk
Level String - The risk level from Tanium. Available values:
low,medium,high,critical. - running Boolean
- Checks if the application should be running.
- sensor
Config String - Sensor signal score from Crowdstrike. Value must be between 1 and 100.
- sha256 String
- The sha256 hash of the file.
- state String
- The host’s current online status from Crowdstrike. Available values:
online,offline,unknown. - thumbprint String
- The thumbprint of the file certificate.
- total
Score Integer - The total score from Tanium.
- version String
- The operating system semantic version.
- version
Operator String - The version comparison operator for crowdstrike. Available values:
>,>=,<,<=,==.
- active
Threats number - The number of active threats from SentinelOne.
- certificate
Id string - The UUID of a Cloudflare managed certificate.
- check
Disks string[] - Specific volume(s) to check for encryption.
- cn string
- The common name for a certificate.
- compliance
Status string - The workspace one device compliance status. Available values:
compliant,noncompliant. - connection
Id string - The workspace one connection id.
- count
Operator string - The count comparison operator for kolide. Available values:
>,>=,<,<=,==. - domain string
- The domain that the client must join.
- eid
Last stringSeen - The datetime a device last seen in RFC 3339 format from Tanium.
- enabled boolean
- True if the firewall must be enabled.
- exists boolean
- Checks if the file should exist.
- id string
- The Teams List id. Required for
serial_numberandunique_client_idrule types. - infected boolean
- True if SentinelOne device is infected.
- is
Active boolean - True if SentinelOne device is active.
- issue
Count string - The number of issues for kolide.
- last
Seen string - The duration of time that the host was last seen from Crowdstrike. Must be in the format
1hor30m. Valid units ared,handm. - network
Status string - The network status from SentinelOne. Available values:
connected,disconnected,disconnecting,connecting. - operator string
- The version comparison operator. Available values:
>,>=,<,<=,==. - os string
- OS signal score from Crowdstrike. Value must be between 1 and 100.
- os
Distro stringName - The operating system excluding version information.
- os
Distro stringRevision - The operating system version excluding OS name information or release name.
- overall string
- Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
- path string
- The path to the file.
- require
All boolean - True if all drives must be encrypted.
- risk
Level string - The risk level from Tanium. Available values:
low,medium,high,critical. - running boolean
- Checks if the application should be running.
- sensor
Config string - Sensor signal score from Crowdstrike. Value must be between 1 and 100.
- sha256 string
- The sha256 hash of the file.
- state string
- The host’s current online status from Crowdstrike. Available values:
online,offline,unknown. - thumbprint string
- The thumbprint of the file certificate.
- total
Score number - The total score from Tanium.
- version string
- The operating system semantic version.
- version
Operator string - The version comparison operator for crowdstrike. Available values:
>,>=,<,<=,==.
- active_
threats int - The number of active threats from SentinelOne.
- certificate_
id str - The UUID of a Cloudflare managed certificate.
- check_
disks Sequence[str] - Specific volume(s) to check for encryption.
- cn str
- The common name for a certificate.
- compliance_
status str - The workspace one device compliance status. Available values:
compliant,noncompliant. - connection_
id str - The workspace one connection id.
- count_
operator str - The count comparison operator for kolide. Available values:
>,>=,<,<=,==. - domain str
- The domain that the client must join.
- eid_
last_ strseen - The datetime a device last seen in RFC 3339 format from Tanium.
- enabled bool
- True if the firewall must be enabled.
- exists bool
- Checks if the file should exist.
- id str
- The Teams List id. Required for
serial_numberandunique_client_idrule types. - infected bool
- True if SentinelOne device is infected.
- is_
active bool - True if SentinelOne device is active.
- issue_
count str - The number of issues for kolide.
- last_
seen str - The duration of time that the host was last seen from Crowdstrike. Must be in the format
1hor30m. Valid units ared,handm. - network_
status str - The network status from SentinelOne. Available values:
connected,disconnected,disconnecting,connecting. - operator str
- The version comparison operator. Available values:
>,>=,<,<=,==. - os str
- OS signal score from Crowdstrike. Value must be between 1 and 100.
- os_
distro_ strname - The operating system excluding version information.
- os_
distro_ strrevision - The operating system version excluding OS name information or release name.
- overall str
- Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
- path str
- The path to the file.
- require_
all bool - True if all drives must be encrypted.
- risk_
level str - The risk level from Tanium. Available values:
low,medium,high,critical. - running bool
- Checks if the application should be running.
- sensor_
config str - Sensor signal score from Crowdstrike. Value must be between 1 and 100.
- sha256 str
- The sha256 hash of the file.
- state str
- The host’s current online status from Crowdstrike. Available values:
online,offline,unknown. - thumbprint str
- The thumbprint of the file certificate.
- total_
score int - The total score from Tanium.
- version str
- The operating system semantic version.
- version_
operator str - The version comparison operator for crowdstrike. Available values:
>,>=,<,<=,==.
- active
Threats Number - The number of active threats from SentinelOne.
- certificate
Id String - The UUID of a Cloudflare managed certificate.
- check
Disks List<String> - Specific volume(s) to check for encryption.
- cn String
- The common name for a certificate.
- compliance
Status String - The workspace one device compliance status. Available values:
compliant,noncompliant. - connection
Id String - The workspace one connection id.
- count
Operator String - The count comparison operator for kolide. Available values:
>,>=,<,<=,==. - domain String
- The domain that the client must join.
- eid
Last StringSeen - The datetime a device last seen in RFC 3339 format from Tanium.
- enabled Boolean
- True if the firewall must be enabled.
- exists Boolean
- Checks if the file should exist.
- id String
- The Teams List id. Required for
serial_numberandunique_client_idrule types. - infected Boolean
- True if SentinelOne device is infected.
- is
Active Boolean - True if SentinelOne device is active.
- issue
Count String - The number of issues for kolide.
- last
Seen String - The duration of time that the host was last seen from Crowdstrike. Must be in the format
1hor30m. Valid units ared,handm. - network
Status String - The network status from SentinelOne. Available values:
connected,disconnected,disconnecting,connecting. - operator String
- The version comparison operator. Available values:
>,>=,<,<=,==. - os String
- OS signal score from Crowdstrike. Value must be between 1 and 100.
- os
Distro StringName - The operating system excluding version information.
- os
Distro StringRevision - The operating system version excluding OS name information or release name.
- overall String
- Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
- path String
- The path to the file.
- require
All Boolean - True if all drives must be encrypted.
- risk
Level String - The risk level from Tanium. Available values:
low,medium,high,critical. - running Boolean
- Checks if the application should be running.
- sensor
Config String - Sensor signal score from Crowdstrike. Value must be between 1 and 100.
- sha256 String
- The sha256 hash of the file.
- state String
- The host’s current online status from Crowdstrike. Available values:
online,offline,unknown. - thumbprint String
- The thumbprint of the file certificate.
- total
Score Number - The total score from Tanium.
- version String
- The operating system semantic version.
- version
Operator String - The version comparison operator for crowdstrike. Available values:
>,>=,<,<=,==.
DevicePostureRuleMatch, DevicePostureRuleMatchArgs
- Platform string
- The platform of the device. Available values:
windows,mac,linux,android,ios,chromeos.
- Platform string
- The platform of the device. Available values:
windows,mac,linux,android,ios,chromeos.
- platform String
- The platform of the device. Available values:
windows,mac,linux,android,ios,chromeos.
- platform string
- The platform of the device. Available values:
windows,mac,linux,android,ios,chromeos.
- platform str
- The platform of the device. Available values:
windows,mac,linux,android,ios,chromeos.
- platform String
- The platform of the device. Available values:
windows,mac,linux,android,ios,chromeos.
Import
$ pulumi import cloudflare:index/devicePostureRule:DevicePostureRule example <account_id>/<device_posture_rule_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.