1. Packages
  2. Cloudflare
  3. API Docs
  4. AccessApplication
Cloudflare v5.23.0 published on Monday, Mar 25, 2024 by Pulumi

cloudflare.AccessApplication

Explore with Pulumi AI

cloudflare logo
Cloudflare v5.23.0 published on Monday, Mar 25, 2024 by Pulumi

    Provides a Cloudflare Access Application resource. Access Applications are used to restrict access to a whole application using an authorisation gateway managed by Cloudflare.

    It’s required that an account_id or zone_id is provided and in most cases using either is fine. However, if you’re using a scoped access token, you must provide the argument that matches the token’s scope. For example, an access token that is scoped to the “example.com” zone needs to use the zone_id argument.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as cloudflare from "@pulumi/cloudflare";
    
    // With CORS configuration
    const stagingApp = new cloudflare.AccessApplication("stagingApp", {
        corsHeaders: [{
            allowCredentials: true,
            allowedMethods: [
                "GET",
                "POST",
                "OPTIONS",
            ],
            allowedOrigins: ["https://example.com"],
            maxAge: 10,
        }],
        domain: "staging.example.com",
        name: "staging application",
        sessionDuration: "24h",
        type: "self_hosted",
        zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
    });
    
    import pulumi
    import pulumi_cloudflare as cloudflare
    
    # With CORS configuration
    staging_app = cloudflare.AccessApplication("stagingApp",
        cors_headers=[cloudflare.AccessApplicationCorsHeaderArgs(
            allow_credentials=True,
            allowed_methods=[
                "GET",
                "POST",
                "OPTIONS",
            ],
            allowed_origins=["https://example.com"],
            max_age=10,
        )],
        domain="staging.example.com",
        name="staging application",
        session_duration="24h",
        type="self_hosted",
        zone_id="0da42c8d2132a9ddaf714f9e7c920711")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// With CORS configuration
    		_, err := cloudflare.NewAccessApplication(ctx, "stagingApp", &cloudflare.AccessApplicationArgs{
    			CorsHeaders: cloudflare.AccessApplicationCorsHeaderArray{
    				&cloudflare.AccessApplicationCorsHeaderArgs{
    					AllowCredentials: pulumi.Bool(true),
    					AllowedMethods: pulumi.StringArray{
    						pulumi.String("GET"),
    						pulumi.String("POST"),
    						pulumi.String("OPTIONS"),
    					},
    					AllowedOrigins: pulumi.StringArray{
    						pulumi.String("https://example.com"),
    					},
    					MaxAge: pulumi.Int(10),
    				},
    			},
    			Domain:          pulumi.String("staging.example.com"),
    			Name:            pulumi.String("staging application"),
    			SessionDuration: pulumi.String("24h"),
    			Type:            pulumi.String("self_hosted"),
    			ZoneId:          pulumi.String("0da42c8d2132a9ddaf714f9e7c920711"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Cloudflare = Pulumi.Cloudflare;
    
    return await Deployment.RunAsync(() => 
    {
        // With CORS configuration
        var stagingApp = new Cloudflare.AccessApplication("stagingApp", new()
        {
            CorsHeaders = new[]
            {
                new Cloudflare.Inputs.AccessApplicationCorsHeaderArgs
                {
                    AllowCredentials = true,
                    AllowedMethods = new[]
                    {
                        "GET",
                        "POST",
                        "OPTIONS",
                    },
                    AllowedOrigins = new[]
                    {
                        "https://example.com",
                    },
                    MaxAge = 10,
                },
            },
            Domain = "staging.example.com",
            Name = "staging application",
            SessionDuration = "24h",
            Type = "self_hosted",
            ZoneId = "0da42c8d2132a9ddaf714f9e7c920711",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.cloudflare.AccessApplication;
    import com.pulumi.cloudflare.AccessApplicationArgs;
    import com.pulumi.cloudflare.inputs.AccessApplicationCorsHeaderArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var stagingApp = new AccessApplication("stagingApp", AccessApplicationArgs.builder()        
                .corsHeaders(AccessApplicationCorsHeaderArgs.builder()
                    .allowCredentials(true)
                    .allowedMethods(                
                        "GET",
                        "POST",
                        "OPTIONS")
                    .allowedOrigins("https://example.com")
                    .maxAge(10)
                    .build())
                .domain("staging.example.com")
                .name("staging application")
                .sessionDuration("24h")
                .type("self_hosted")
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .build());
    
        }
    }
    
    resources:
      # With CORS configuration
      stagingApp:
        type: cloudflare:AccessApplication
        properties:
          corsHeaders:
            - allowCredentials: true
              allowedMethods:
                - GET
                - POST
                - OPTIONS
              allowedOrigins:
                - https://example.com
              maxAge: 10
          domain: staging.example.com
          name: staging application
          sessionDuration: 24h
          type: self_hosted
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
    

    Create AccessApplication Resource

    new AccessApplication(name: string, args?: AccessApplicationArgs, opts?: CustomResourceOptions);
    @overload
    def AccessApplication(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          account_id: Optional[str] = None,
                          allow_authenticate_via_warp: Optional[bool] = None,
                          allowed_idps: Optional[Sequence[str]] = None,
                          app_launcher_logo_url: Optional[str] = None,
                          app_launcher_visible: Optional[bool] = None,
                          auto_redirect_to_identity: Optional[bool] = None,
                          bg_color: Optional[str] = None,
                          cors_headers: Optional[Sequence[AccessApplicationCorsHeaderArgs]] = None,
                          custom_deny_message: Optional[str] = None,
                          custom_deny_url: Optional[str] = None,
                          custom_non_identity_deny_url: Optional[str] = None,
                          custom_pages: Optional[Sequence[str]] = None,
                          domain: Optional[str] = None,
                          enable_binding_cookie: Optional[bool] = None,
                          footer_links: Optional[Sequence[AccessApplicationFooterLinkArgs]] = None,
                          header_bg_color: Optional[str] = None,
                          http_only_cookie_attribute: Optional[bool] = None,
                          landing_page_design: Optional[AccessApplicationLandingPageDesignArgs] = None,
                          logo_url: Optional[str] = None,
                          name: Optional[str] = None,
                          saas_app: Optional[AccessApplicationSaasAppArgs] = None,
                          same_site_cookie_attribute: Optional[str] = None,
                          self_hosted_domains: Optional[Sequence[str]] = None,
                          service_auth401_redirect: Optional[bool] = None,
                          session_duration: Optional[str] = None,
                          skip_interstitial: Optional[bool] = None,
                          tags: Optional[Sequence[str]] = None,
                          type: Optional[str] = None,
                          zone_id: Optional[str] = None)
    @overload
    def AccessApplication(resource_name: str,
                          args: Optional[AccessApplicationArgs] = None,
                          opts: Optional[ResourceOptions] = None)
    func NewAccessApplication(ctx *Context, name string, args *AccessApplicationArgs, opts ...ResourceOption) (*AccessApplication, error)
    public AccessApplication(string name, AccessApplicationArgs? args = null, CustomResourceOptions? opts = null)
    public AccessApplication(String name, AccessApplicationArgs args)
    public AccessApplication(String name, AccessApplicationArgs args, CustomResourceOptions options)
    
    type: cloudflare:AccessApplication
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AccessApplicationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AccessApplicationArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AccessApplicationArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AccessApplicationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AccessApplicationArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AccessApplication Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AccessApplication resource accepts the following input properties:

    AccountId string
    The account identifier to target for the resource. Conflicts with zone_id.
    AllowAuthenticateViaWarp bool
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    AllowedIdps List<string>
    The identity providers selected for the application.
    AppLauncherLogoUrl string
    The logo URL of the app launcher.
    AppLauncherVisible bool
    Option to show/hide applications in App Launcher. Defaults to true.
    AutoRedirectToIdentity bool
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    BgColor string
    The background color of the app launcher.
    CorsHeaders List<AccessApplicationCorsHeader>
    CORS configuration for the Access Application. See below for reference structure.
    CustomDenyMessage string
    Option that returns a custom error message when a user is denied access to the application.
    CustomDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    CustomNonIdentityDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    CustomPages List<string>
    The custom pages selected for the application.
    Domain string
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    EnableBindingCookie bool
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    FooterLinks List<AccessApplicationFooterLink>
    The footer links of the app launcher.
    HeaderBgColor string
    The background color of the header bar in the app launcher.
    HttpOnlyCookieAttribute bool
    Option to add the HttpOnly cookie flag to access tokens.
    LandingPageDesign AccessApplicationLandingPageDesign
    The landing page design of the app launcher.
    LogoUrl string
    Image URL for the logo shown in the app launcher dashboard.
    Name string
    The name of the footer link.
    SaasApp AccessApplicationSaasApp
    SaaS configuration for the Access Application.
    SameSiteCookieAttribute string
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    SelfHostedDomains List<string>
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    ServiceAuth401Redirect bool
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    SessionDuration string
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    SkipInterstitial bool
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    Tags List<string>
    The itags associated with the application.
    Type string
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    ZoneId string
    The zone identifier to target for the resource. Conflicts with account_id.
    AccountId string
    The account identifier to target for the resource. Conflicts with zone_id.
    AllowAuthenticateViaWarp bool
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    AllowedIdps []string
    The identity providers selected for the application.
    AppLauncherLogoUrl string
    The logo URL of the app launcher.
    AppLauncherVisible bool
    Option to show/hide applications in App Launcher. Defaults to true.
    AutoRedirectToIdentity bool
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    BgColor string
    The background color of the app launcher.
    CorsHeaders []AccessApplicationCorsHeaderArgs
    CORS configuration for the Access Application. See below for reference structure.
    CustomDenyMessage string
    Option that returns a custom error message when a user is denied access to the application.
    CustomDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    CustomNonIdentityDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    CustomPages []string
    The custom pages selected for the application.
    Domain string
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    EnableBindingCookie bool
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    FooterLinks []AccessApplicationFooterLinkArgs
    The footer links of the app launcher.
    HeaderBgColor string
    The background color of the header bar in the app launcher.
    HttpOnlyCookieAttribute bool
    Option to add the HttpOnly cookie flag to access tokens.
    LandingPageDesign AccessApplicationLandingPageDesignArgs
    The landing page design of the app launcher.
    LogoUrl string
    Image URL for the logo shown in the app launcher dashboard.
    Name string
    The name of the footer link.
    SaasApp AccessApplicationSaasAppArgs
    SaaS configuration for the Access Application.
    SameSiteCookieAttribute string
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    SelfHostedDomains []string
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    ServiceAuth401Redirect bool
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    SessionDuration string
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    SkipInterstitial bool
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    Tags []string
    The itags associated with the application.
    Type string
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    ZoneId string
    The zone identifier to target for the resource. Conflicts with account_id.
    accountId String
    The account identifier to target for the resource. Conflicts with zone_id.
    allowAuthenticateViaWarp Boolean
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowedIdps List<String>
    The identity providers selected for the application.
    appLauncherLogoUrl String
    The logo URL of the app launcher.
    appLauncherVisible Boolean
    Option to show/hide applications in App Launcher. Defaults to true.
    autoRedirectToIdentity Boolean
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bgColor String
    The background color of the app launcher.
    corsHeaders List<AccessApplicationCorsHeader>
    CORS configuration for the Access Application. See below for reference structure.
    customDenyMessage String
    Option that returns a custom error message when a user is denied access to the application.
    customDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    customNonIdentityDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    customPages List<String>
    The custom pages selected for the application.
    domain String
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enableBindingCookie Boolean
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footerLinks List<AccessApplicationFooterLink>
    The footer links of the app launcher.
    headerBgColor String
    The background color of the header bar in the app launcher.
    httpOnlyCookieAttribute Boolean
    Option to add the HttpOnly cookie flag to access tokens.
    landingPageDesign AccessApplicationLandingPageDesign
    The landing page design of the app launcher.
    logoUrl String
    Image URL for the logo shown in the app launcher dashboard.
    name String
    The name of the footer link.
    saasApp AccessApplicationSaasApp
    SaaS configuration for the Access Application.
    sameSiteCookieAttribute String
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    selfHostedDomains List<String>
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    serviceAuth401Redirect Boolean
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    sessionDuration String
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skipInterstitial Boolean
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags List<String>
    The itags associated with the application.
    type String
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zoneId String
    The zone identifier to target for the resource. Conflicts with account_id.
    accountId string
    The account identifier to target for the resource. Conflicts with zone_id.
    allowAuthenticateViaWarp boolean
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowedIdps string[]
    The identity providers selected for the application.
    appLauncherLogoUrl string
    The logo URL of the app launcher.
    appLauncherVisible boolean
    Option to show/hide applications in App Launcher. Defaults to true.
    autoRedirectToIdentity boolean
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bgColor string
    The background color of the app launcher.
    corsHeaders AccessApplicationCorsHeader[]
    CORS configuration for the Access Application. See below for reference structure.
    customDenyMessage string
    Option that returns a custom error message when a user is denied access to the application.
    customDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    customNonIdentityDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    customPages string[]
    The custom pages selected for the application.
    domain string
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enableBindingCookie boolean
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footerLinks AccessApplicationFooterLink[]
    The footer links of the app launcher.
    headerBgColor string
    The background color of the header bar in the app launcher.
    httpOnlyCookieAttribute boolean
    Option to add the HttpOnly cookie flag to access tokens.
    landingPageDesign AccessApplicationLandingPageDesign
    The landing page design of the app launcher.
    logoUrl string
    Image URL for the logo shown in the app launcher dashboard.
    name string
    The name of the footer link.
    saasApp AccessApplicationSaasApp
    SaaS configuration for the Access Application.
    sameSiteCookieAttribute string
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    selfHostedDomains string[]
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    serviceAuth401Redirect boolean
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    sessionDuration string
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skipInterstitial boolean
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags string[]
    The itags associated with the application.
    type string
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zoneId string
    The zone identifier to target for the resource. Conflicts with account_id.
    account_id str
    The account identifier to target for the resource. Conflicts with zone_id.
    allow_authenticate_via_warp bool
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowed_idps Sequence[str]
    The identity providers selected for the application.
    app_launcher_logo_url str
    The logo URL of the app launcher.
    app_launcher_visible bool
    Option to show/hide applications in App Launcher. Defaults to true.
    auto_redirect_to_identity bool
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bg_color str
    The background color of the app launcher.
    cors_headers Sequence[AccessApplicationCorsHeaderArgs]
    CORS configuration for the Access Application. See below for reference structure.
    custom_deny_message str
    Option that returns a custom error message when a user is denied access to the application.
    custom_deny_url str
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    custom_non_identity_deny_url str
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    custom_pages Sequence[str]
    The custom pages selected for the application.
    domain str
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enable_binding_cookie bool
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footer_links Sequence[AccessApplicationFooterLinkArgs]
    The footer links of the app launcher.
    header_bg_color str
    The background color of the header bar in the app launcher.
    http_only_cookie_attribute bool
    Option to add the HttpOnly cookie flag to access tokens.
    landing_page_design AccessApplicationLandingPageDesignArgs
    The landing page design of the app launcher.
    logo_url str
    Image URL for the logo shown in the app launcher dashboard.
    name str
    The name of the footer link.
    saas_app AccessApplicationSaasAppArgs
    SaaS configuration for the Access Application.
    same_site_cookie_attribute str
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    self_hosted_domains Sequence[str]
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    service_auth401_redirect bool
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    session_duration str
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skip_interstitial bool
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags Sequence[str]
    The itags associated with the application.
    type str
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zone_id str
    The zone identifier to target for the resource. Conflicts with account_id.
    accountId String
    The account identifier to target for the resource. Conflicts with zone_id.
    allowAuthenticateViaWarp Boolean
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowedIdps List<String>
    The identity providers selected for the application.
    appLauncherLogoUrl String
    The logo URL of the app launcher.
    appLauncherVisible Boolean
    Option to show/hide applications in App Launcher. Defaults to true.
    autoRedirectToIdentity Boolean
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bgColor String
    The background color of the app launcher.
    corsHeaders List<Property Map>
    CORS configuration for the Access Application. See below for reference structure.
    customDenyMessage String
    Option that returns a custom error message when a user is denied access to the application.
    customDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    customNonIdentityDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    customPages List<String>
    The custom pages selected for the application.
    domain String
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enableBindingCookie Boolean
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footerLinks List<Property Map>
    The footer links of the app launcher.
    headerBgColor String
    The background color of the header bar in the app launcher.
    httpOnlyCookieAttribute Boolean
    Option to add the HttpOnly cookie flag to access tokens.
    landingPageDesign Property Map
    The landing page design of the app launcher.
    logoUrl String
    Image URL for the logo shown in the app launcher dashboard.
    name String
    The name of the footer link.
    saasApp Property Map
    SaaS configuration for the Access Application.
    sameSiteCookieAttribute String
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    selfHostedDomains List<String>
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    serviceAuth401Redirect Boolean
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    sessionDuration String
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skipInterstitial Boolean
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags List<String>
    The itags associated with the application.
    type String
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zoneId String
    The zone identifier to target for the resource. Conflicts with account_id.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AccessApplication resource produces the following output properties:

    Aud string
    Application Audience (AUD) Tag of the application.
    Id string
    The provider-assigned unique ID for this managed resource.
    Aud string
    Application Audience (AUD) Tag of the application.
    Id string
    The provider-assigned unique ID for this managed resource.
    aud String
    Application Audience (AUD) Tag of the application.
    id String
    The provider-assigned unique ID for this managed resource.
    aud string
    Application Audience (AUD) Tag of the application.
    id string
    The provider-assigned unique ID for this managed resource.
    aud str
    Application Audience (AUD) Tag of the application.
    id str
    The provider-assigned unique ID for this managed resource.
    aud String
    Application Audience (AUD) Tag of the application.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing AccessApplication Resource

    Get an existing AccessApplication resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AccessApplicationState, opts?: CustomResourceOptions): AccessApplication
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            account_id: Optional[str] = None,
            allow_authenticate_via_warp: Optional[bool] = None,
            allowed_idps: Optional[Sequence[str]] = None,
            app_launcher_logo_url: Optional[str] = None,
            app_launcher_visible: Optional[bool] = None,
            aud: Optional[str] = None,
            auto_redirect_to_identity: Optional[bool] = None,
            bg_color: Optional[str] = None,
            cors_headers: Optional[Sequence[AccessApplicationCorsHeaderArgs]] = None,
            custom_deny_message: Optional[str] = None,
            custom_deny_url: Optional[str] = None,
            custom_non_identity_deny_url: Optional[str] = None,
            custom_pages: Optional[Sequence[str]] = None,
            domain: Optional[str] = None,
            enable_binding_cookie: Optional[bool] = None,
            footer_links: Optional[Sequence[AccessApplicationFooterLinkArgs]] = None,
            header_bg_color: Optional[str] = None,
            http_only_cookie_attribute: Optional[bool] = None,
            landing_page_design: Optional[AccessApplicationLandingPageDesignArgs] = None,
            logo_url: Optional[str] = None,
            name: Optional[str] = None,
            saas_app: Optional[AccessApplicationSaasAppArgs] = None,
            same_site_cookie_attribute: Optional[str] = None,
            self_hosted_domains: Optional[Sequence[str]] = None,
            service_auth401_redirect: Optional[bool] = None,
            session_duration: Optional[str] = None,
            skip_interstitial: Optional[bool] = None,
            tags: Optional[Sequence[str]] = None,
            type: Optional[str] = None,
            zone_id: Optional[str] = None) -> AccessApplication
    func GetAccessApplication(ctx *Context, name string, id IDInput, state *AccessApplicationState, opts ...ResourceOption) (*AccessApplication, error)
    public static AccessApplication Get(string name, Input<string> id, AccessApplicationState? state, CustomResourceOptions? opts = null)
    public static AccessApplication get(String name, Output<String> id, AccessApplicationState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccountId string
    The account identifier to target for the resource. Conflicts with zone_id.
    AllowAuthenticateViaWarp bool
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    AllowedIdps List<string>
    The identity providers selected for the application.
    AppLauncherLogoUrl string
    The logo URL of the app launcher.
    AppLauncherVisible bool
    Option to show/hide applications in App Launcher. Defaults to true.
    Aud string
    Application Audience (AUD) Tag of the application.
    AutoRedirectToIdentity bool
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    BgColor string
    The background color of the app launcher.
    CorsHeaders List<AccessApplicationCorsHeader>
    CORS configuration for the Access Application. See below for reference structure.
    CustomDenyMessage string
    Option that returns a custom error message when a user is denied access to the application.
    CustomDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    CustomNonIdentityDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    CustomPages List<string>
    The custom pages selected for the application.
    Domain string
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    EnableBindingCookie bool
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    FooterLinks List<AccessApplicationFooterLink>
    The footer links of the app launcher.
    HeaderBgColor string
    The background color of the header bar in the app launcher.
    HttpOnlyCookieAttribute bool
    Option to add the HttpOnly cookie flag to access tokens.
    LandingPageDesign AccessApplicationLandingPageDesign
    The landing page design of the app launcher.
    LogoUrl string
    Image URL for the logo shown in the app launcher dashboard.
    Name string
    The name of the footer link.
    SaasApp AccessApplicationSaasApp
    SaaS configuration for the Access Application.
    SameSiteCookieAttribute string
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    SelfHostedDomains List<string>
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    ServiceAuth401Redirect bool
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    SessionDuration string
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    SkipInterstitial bool
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    Tags List<string>
    The itags associated with the application.
    Type string
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    ZoneId string
    The zone identifier to target for the resource. Conflicts with account_id.
    AccountId string
    The account identifier to target for the resource. Conflicts with zone_id.
    AllowAuthenticateViaWarp bool
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    AllowedIdps []string
    The identity providers selected for the application.
    AppLauncherLogoUrl string
    The logo URL of the app launcher.
    AppLauncherVisible bool
    Option to show/hide applications in App Launcher. Defaults to true.
    Aud string
    Application Audience (AUD) Tag of the application.
    AutoRedirectToIdentity bool
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    BgColor string
    The background color of the app launcher.
    CorsHeaders []AccessApplicationCorsHeaderArgs
    CORS configuration for the Access Application. See below for reference structure.
    CustomDenyMessage string
    Option that returns a custom error message when a user is denied access to the application.
    CustomDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    CustomNonIdentityDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    CustomPages []string
    The custom pages selected for the application.
    Domain string
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    EnableBindingCookie bool
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    FooterLinks []AccessApplicationFooterLinkArgs
    The footer links of the app launcher.
    HeaderBgColor string
    The background color of the header bar in the app launcher.
    HttpOnlyCookieAttribute bool
    Option to add the HttpOnly cookie flag to access tokens.
    LandingPageDesign AccessApplicationLandingPageDesignArgs
    The landing page design of the app launcher.
    LogoUrl string
    Image URL for the logo shown in the app launcher dashboard.
    Name string
    The name of the footer link.
    SaasApp AccessApplicationSaasAppArgs
    SaaS configuration for the Access Application.
    SameSiteCookieAttribute string
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    SelfHostedDomains []string
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    ServiceAuth401Redirect bool
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    SessionDuration string
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    SkipInterstitial bool
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    Tags []string
    The itags associated with the application.
    Type string
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    ZoneId string
    The zone identifier to target for the resource. Conflicts with account_id.
    accountId String
    The account identifier to target for the resource. Conflicts with zone_id.
    allowAuthenticateViaWarp Boolean
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowedIdps List<String>
    The identity providers selected for the application.
    appLauncherLogoUrl String
    The logo URL of the app launcher.
    appLauncherVisible Boolean
    Option to show/hide applications in App Launcher. Defaults to true.
    aud String
    Application Audience (AUD) Tag of the application.
    autoRedirectToIdentity Boolean
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bgColor String
    The background color of the app launcher.
    corsHeaders List<AccessApplicationCorsHeader>
    CORS configuration for the Access Application. See below for reference structure.
    customDenyMessage String
    Option that returns a custom error message when a user is denied access to the application.
    customDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    customNonIdentityDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    customPages List<String>
    The custom pages selected for the application.
    domain String
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enableBindingCookie Boolean
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footerLinks List<AccessApplicationFooterLink>
    The footer links of the app launcher.
    headerBgColor String
    The background color of the header bar in the app launcher.
    httpOnlyCookieAttribute Boolean
    Option to add the HttpOnly cookie flag to access tokens.
    landingPageDesign AccessApplicationLandingPageDesign
    The landing page design of the app launcher.
    logoUrl String
    Image URL for the logo shown in the app launcher dashboard.
    name String
    The name of the footer link.
    saasApp AccessApplicationSaasApp
    SaaS configuration for the Access Application.
    sameSiteCookieAttribute String
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    selfHostedDomains List<String>
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    serviceAuth401Redirect Boolean
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    sessionDuration String
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skipInterstitial Boolean
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags List<String>
    The itags associated with the application.
    type String
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zoneId String
    The zone identifier to target for the resource. Conflicts with account_id.
    accountId string
    The account identifier to target for the resource. Conflicts with zone_id.
    allowAuthenticateViaWarp boolean
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowedIdps string[]
    The identity providers selected for the application.
    appLauncherLogoUrl string
    The logo URL of the app launcher.
    appLauncherVisible boolean
    Option to show/hide applications in App Launcher. Defaults to true.
    aud string
    Application Audience (AUD) Tag of the application.
    autoRedirectToIdentity boolean
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bgColor string
    The background color of the app launcher.
    corsHeaders AccessApplicationCorsHeader[]
    CORS configuration for the Access Application. See below for reference structure.
    customDenyMessage string
    Option that returns a custom error message when a user is denied access to the application.
    customDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    customNonIdentityDenyUrl string
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    customPages string[]
    The custom pages selected for the application.
    domain string
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enableBindingCookie boolean
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footerLinks AccessApplicationFooterLink[]
    The footer links of the app launcher.
    headerBgColor string
    The background color of the header bar in the app launcher.
    httpOnlyCookieAttribute boolean
    Option to add the HttpOnly cookie flag to access tokens.
    landingPageDesign AccessApplicationLandingPageDesign
    The landing page design of the app launcher.
    logoUrl string
    Image URL for the logo shown in the app launcher dashboard.
    name string
    The name of the footer link.
    saasApp AccessApplicationSaasApp
    SaaS configuration for the Access Application.
    sameSiteCookieAttribute string
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    selfHostedDomains string[]
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    serviceAuth401Redirect boolean
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    sessionDuration string
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skipInterstitial boolean
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags string[]
    The itags associated with the application.
    type string
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zoneId string
    The zone identifier to target for the resource. Conflicts with account_id.
    account_id str
    The account identifier to target for the resource. Conflicts with zone_id.
    allow_authenticate_via_warp bool
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowed_idps Sequence[str]
    The identity providers selected for the application.
    app_launcher_logo_url str
    The logo URL of the app launcher.
    app_launcher_visible bool
    Option to show/hide applications in App Launcher. Defaults to true.
    aud str
    Application Audience (AUD) Tag of the application.
    auto_redirect_to_identity bool
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bg_color str
    The background color of the app launcher.
    cors_headers Sequence[AccessApplicationCorsHeaderArgs]
    CORS configuration for the Access Application. See below for reference structure.
    custom_deny_message str
    Option that returns a custom error message when a user is denied access to the application.
    custom_deny_url str
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    custom_non_identity_deny_url str
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    custom_pages Sequence[str]
    The custom pages selected for the application.
    domain str
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enable_binding_cookie bool
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footer_links Sequence[AccessApplicationFooterLinkArgs]
    The footer links of the app launcher.
    header_bg_color str
    The background color of the header bar in the app launcher.
    http_only_cookie_attribute bool
    Option to add the HttpOnly cookie flag to access tokens.
    landing_page_design AccessApplicationLandingPageDesignArgs
    The landing page design of the app launcher.
    logo_url str
    Image URL for the logo shown in the app launcher dashboard.
    name str
    The name of the footer link.
    saas_app AccessApplicationSaasAppArgs
    SaaS configuration for the Access Application.
    same_site_cookie_attribute str
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    self_hosted_domains Sequence[str]
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    service_auth401_redirect bool
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    session_duration str
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skip_interstitial bool
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags Sequence[str]
    The itags associated with the application.
    type str
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zone_id str
    The zone identifier to target for the resource. Conflicts with account_id.
    accountId String
    The account identifier to target for the resource. Conflicts with zone_id.
    allowAuthenticateViaWarp Boolean
    When set to true, users can authenticate to this application using their WARP session. When set to false this application will always require direct IdP authentication. This setting always overrides the organization setting for WARP authentication.
    allowedIdps List<String>
    The identity providers selected for the application.
    appLauncherLogoUrl String
    The logo URL of the app launcher.
    appLauncherVisible Boolean
    Option to show/hide applications in App Launcher. Defaults to true.
    aud String
    Application Audience (AUD) Tag of the application.
    autoRedirectToIdentity Boolean
    Option to skip identity provider selection if only one is configured in allowed_idps. Defaults to false.
    bgColor String
    The background color of the app launcher.
    corsHeaders List<Property Map>
    CORS configuration for the Access Application. See below for reference structure.
    customDenyMessage String
    Option that returns a custom error message when a user is denied access to the application.
    customDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via identity based rules.
    customNonIdentityDenyUrl String
    Option that redirects to a custom URL when a user is denied access to the application via non identity rules.
    customPages List<String>
    The custom pages selected for the application.
    domain String
    The primary hostname and path that Access will secure. If the app is visible in the App Launcher dashboard, this is the domain that will be displayed.
    enableBindingCookie Boolean
    Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to false.
    footerLinks List<Property Map>
    The footer links of the app launcher.
    headerBgColor String
    The background color of the header bar in the app launcher.
    httpOnlyCookieAttribute Boolean
    Option to add the HttpOnly cookie flag to access tokens.
    landingPageDesign Property Map
    The landing page design of the app launcher.
    logoUrl String
    Image URL for the logo shown in the app launcher dashboard.
    name String
    The name of the footer link.
    saasApp Property Map
    SaaS configuration for the Access Application.
    sameSiteCookieAttribute String
    Defines the same-site cookie setting for access tokens. Available values: none, lax, strict.
    selfHostedDomains List<String>
    List of domains that access will secure. Only present for self_hosted, vnc, and ssh applications. Always includes the value set as domain.
    serviceAuth401Redirect Boolean
    Option to return a 401 status code in service authentication rules on failed requests. Defaults to false.
    sessionDuration String
    How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m. Defaults to 24h.
    skipInterstitial Boolean
    Option to skip the authorization interstitial when using the CLI. Defaults to false.
    tags List<String>
    The itags associated with the application.
    type String
    The application type. Available values: app_launcher, bookmark, biso, dash_sso, saas, self_hosted, ssh, vnc, warp. Defaults to self_hosted.
    zoneId String
    The zone identifier to target for the resource. Conflicts with account_id.

    Supporting Types

    AccessApplicationCorsHeader, AccessApplicationCorsHeaderArgs

    AllowAllHeaders bool
    Value to determine whether all HTTP headers are exposed.
    AllowAllMethods bool
    Value to determine whether all methods are exposed.
    AllowAllOrigins bool
    Value to determine whether all origins are permitted to make CORS requests.
    AllowCredentials bool
    Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests.
    AllowedHeaders List<string>
    List of HTTP headers to expose via CORS.
    AllowedMethods List<string>
    List of methods to expose via CORS.
    AllowedOrigins List<string>
    List of origins permitted to make CORS requests.
    MaxAge int
    The maximum time a preflight request will be cached.
    AllowAllHeaders bool
    Value to determine whether all HTTP headers are exposed.
    AllowAllMethods bool
    Value to determine whether all methods are exposed.
    AllowAllOrigins bool
    Value to determine whether all origins are permitted to make CORS requests.
    AllowCredentials bool
    Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests.
    AllowedHeaders []string
    List of HTTP headers to expose via CORS.
    AllowedMethods []string
    List of methods to expose via CORS.
    AllowedOrigins []string
    List of origins permitted to make CORS requests.
    MaxAge int
    The maximum time a preflight request will be cached.
    allowAllHeaders Boolean
    Value to determine whether all HTTP headers are exposed.
    allowAllMethods Boolean
    Value to determine whether all methods are exposed.
    allowAllOrigins Boolean
    Value to determine whether all origins are permitted to make CORS requests.
    allowCredentials Boolean
    Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests.
    allowedHeaders List<String>
    List of HTTP headers to expose via CORS.
    allowedMethods List<String>
    List of methods to expose via CORS.
    allowedOrigins List<String>
    List of origins permitted to make CORS requests.
    maxAge Integer
    The maximum time a preflight request will be cached.
    allowAllHeaders boolean
    Value to determine whether all HTTP headers are exposed.
    allowAllMethods boolean
    Value to determine whether all methods are exposed.
    allowAllOrigins boolean
    Value to determine whether all origins are permitted to make CORS requests.
    allowCredentials boolean
    Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests.
    allowedHeaders string[]
    List of HTTP headers to expose via CORS.
    allowedMethods string[]
    List of methods to expose via CORS.
    allowedOrigins string[]
    List of origins permitted to make CORS requests.
    maxAge number
    The maximum time a preflight request will be cached.
    allow_all_headers bool
    Value to determine whether all HTTP headers are exposed.
    allow_all_methods bool
    Value to determine whether all methods are exposed.
    allow_all_origins bool
    Value to determine whether all origins are permitted to make CORS requests.
    allow_credentials bool
    Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests.
    allowed_headers Sequence[str]
    List of HTTP headers to expose via CORS.
    allowed_methods Sequence[str]
    List of methods to expose via CORS.
    allowed_origins Sequence[str]
    List of origins permitted to make CORS requests.
    max_age int
    The maximum time a preflight request will be cached.
    allowAllHeaders Boolean
    Value to determine whether all HTTP headers are exposed.
    allowAllMethods Boolean
    Value to determine whether all methods are exposed.
    allowAllOrigins Boolean
    Value to determine whether all origins are permitted to make CORS requests.
    allowCredentials Boolean
    Value to determine if credentials (cookies, authorization headers, or TLS client certificates) are included with requests.
    allowedHeaders List<String>
    List of HTTP headers to expose via CORS.
    allowedMethods List<String>
    List of methods to expose via CORS.
    allowedOrigins List<String>
    List of origins permitted to make CORS requests.
    maxAge Number
    The maximum time a preflight request will be cached.
    Name string
    The name of the footer link.
    Url string
    The URL of the footer link.
    Name string
    The name of the footer link.
    Url string
    The URL of the footer link.
    name String
    The name of the footer link.
    url String
    The URL of the footer link.
    name string
    The name of the footer link.
    url string
    The URL of the footer link.
    name str
    The name of the footer link.
    url str
    The URL of the footer link.
    name String
    The name of the footer link.
    url String
    The URL of the footer link.

    AccessApplicationLandingPageDesign, AccessApplicationLandingPageDesignArgs

    ButtonColor string
    The button color of the landing page.
    ButtonTextColor string
    The button text color of the landing page.
    ImageUrl string
    The URL of the image to be displayed in the landing page.
    Message string
    The message of the landing page.
    Title string
    The title of the landing page.
    ButtonColor string
    The button color of the landing page.
    ButtonTextColor string
    The button text color of the landing page.
    ImageUrl string
    The URL of the image to be displayed in the landing page.
    Message string
    The message of the landing page.
    Title string
    The title of the landing page.
    buttonColor String
    The button color of the landing page.
    buttonTextColor String
    The button text color of the landing page.
    imageUrl String
    The URL of the image to be displayed in the landing page.
    message String
    The message of the landing page.
    title String
    The title of the landing page.
    buttonColor string
    The button color of the landing page.
    buttonTextColor string
    The button text color of the landing page.
    imageUrl string
    The URL of the image to be displayed in the landing page.
    message string
    The message of the landing page.
    title string
    The title of the landing page.
    button_color str
    The button color of the landing page.
    button_text_color str
    The button text color of the landing page.
    image_url str
    The URL of the image to be displayed in the landing page.
    message str
    The message of the landing page.
    title str
    The title of the landing page.
    buttonColor String
    The button color of the landing page.
    buttonTextColor String
    The button text color of the landing page.
    imageUrl String
    The URL of the image to be displayed in the landing page.
    message String
    The message of the landing page.
    title String
    The title of the landing page.

    AccessApplicationSaasApp, AccessApplicationSaasAppArgs

    AppLauncherUrl string
    The URL where this applications tile redirects users.
    AuthType string
    ClientId string
    The application client id.
    ClientSecret string
    The application client secret, only returned on initial apply.
    ConsumerServiceUrl string
    The service provider's endpoint that is responsible for receiving and parsing a SAML assertion.
    CustomAttributes List<AccessApplicationSaasAppCustomAttribute>
    Custom attribute mapped from IDPs.
    DefaultRelayState string
    The relay state used if not provided by the identity provider.
    GrantTypes List<string>
    The OIDC flows supported by this application.
    GroupFilterRegex string
    A regex to filter Cloudflare groups returned in ID token and userinfo endpoint.
    IdpEntityId string
    The unique identifier for the SaaS application.
    NameIdFormat string
    The format of the name identifier sent to the SaaS application.
    NameIdTransformJsonata string
    A JSONata expression that transforms an application's user identities into a NameID value for its SAML assertion. This expression should evaluate to a singular string. The output of this expression can override the name_id_format setting.
    PublicKey string
    The public certificate that will be used to verify identities.
    RedirectUris List<string>
    The permitted URL's for Cloudflare to return Authorization codes and Access/ID tokens.
    Scopes List<string>
    Define the user information shared with access.
    SpEntityId string
    A globally unique name for an identity or service provider.
    SsoEndpoint string
    The endpoint where the SaaS application will send login requests.
    AppLauncherUrl string
    The URL where this applications tile redirects users.
    AuthType string
    ClientId string
    The application client id.
    ClientSecret string
    The application client secret, only returned on initial apply.
    ConsumerServiceUrl string
    The service provider's endpoint that is responsible for receiving and parsing a SAML assertion.
    CustomAttributes []AccessApplicationSaasAppCustomAttribute
    Custom attribute mapped from IDPs.
    DefaultRelayState string
    The relay state used if not provided by the identity provider.
    GrantTypes []string
    The OIDC flows supported by this application.
    GroupFilterRegex string
    A regex to filter Cloudflare groups returned in ID token and userinfo endpoint.
    IdpEntityId string
    The unique identifier for the SaaS application.
    NameIdFormat string
    The format of the name identifier sent to the SaaS application.
    NameIdTransformJsonata string
    A JSONata expression that transforms an application's user identities into a NameID value for its SAML assertion. This expression should evaluate to a singular string. The output of this expression can override the name_id_format setting.
    PublicKey string
    The public certificate that will be used to verify identities.
    RedirectUris []string
    The permitted URL's for Cloudflare to return Authorization codes and Access/ID tokens.
    Scopes []string
    Define the user information shared with access.
    SpEntityId string
    A globally unique name for an identity or service provider.
    SsoEndpoint string
    The endpoint where the SaaS application will send login requests.
    appLauncherUrl String
    The URL where this applications tile redirects users.
    authType String
    clientId String
    The application client id.
    clientSecret String
    The application client secret, only returned on initial apply.
    consumerServiceUrl String
    The service provider's endpoint that is responsible for receiving and parsing a SAML assertion.
    customAttributes List<AccessApplicationSaasAppCustomAttribute>
    Custom attribute mapped from IDPs.
    defaultRelayState String
    The relay state used if not provided by the identity provider.
    grantTypes List<String>
    The OIDC flows supported by this application.
    groupFilterRegex String
    A regex to filter Cloudflare groups returned in ID token and userinfo endpoint.
    idpEntityId String
    The unique identifier for the SaaS application.
    nameIdFormat String
    The format of the name identifier sent to the SaaS application.
    nameIdTransformJsonata String
    A JSONata expression that transforms an application's user identities into a NameID value for its SAML assertion. This expression should evaluate to a singular string. The output of this expression can override the name_id_format setting.
    publicKey String
    The public certificate that will be used to verify identities.
    redirectUris List<String>
    The permitted URL's for Cloudflare to return Authorization codes and Access/ID tokens.
    scopes List<String>
    Define the user information shared with access.
    spEntityId String
    A globally unique name for an identity or service provider.
    ssoEndpoint String
    The endpoint where the SaaS application will send login requests.
    appLauncherUrl string
    The URL where this applications tile redirects users.
    authType string
    clientId string
    The application client id.
    clientSecret string
    The application client secret, only returned on initial apply.
    consumerServiceUrl string
    The service provider's endpoint that is responsible for receiving and parsing a SAML assertion.
    customAttributes AccessApplicationSaasAppCustomAttribute[]
    Custom attribute mapped from IDPs.
    defaultRelayState string
    The relay state used if not provided by the identity provider.
    grantTypes string[]
    The OIDC flows supported by this application.
    groupFilterRegex string
    A regex to filter Cloudflare groups returned in ID token and userinfo endpoint.
    idpEntityId string
    The unique identifier for the SaaS application.
    nameIdFormat string
    The format of the name identifier sent to the SaaS application.
    nameIdTransformJsonata string
    A JSONata expression that transforms an application's user identities into a NameID value for its SAML assertion. This expression should evaluate to a singular string. The output of this expression can override the name_id_format setting.
    publicKey string
    The public certificate that will be used to verify identities.
    redirectUris string[]
    The permitted URL's for Cloudflare to return Authorization codes and Access/ID tokens.
    scopes string[]
    Define the user information shared with access.
    spEntityId string
    A globally unique name for an identity or service provider.
    ssoEndpoint string
    The endpoint where the SaaS application will send login requests.
    app_launcher_url str
    The URL where this applications tile redirects users.
    auth_type str
    client_id str
    The application client id.
    client_secret str
    The application client secret, only returned on initial apply.
    consumer_service_url str
    The service provider's endpoint that is responsible for receiving and parsing a SAML assertion.
    custom_attributes Sequence[AccessApplicationSaasAppCustomAttribute]
    Custom attribute mapped from IDPs.
    default_relay_state str
    The relay state used if not provided by the identity provider.
    grant_types Sequence[str]
    The OIDC flows supported by this application.
    group_filter_regex str
    A regex to filter Cloudflare groups returned in ID token and userinfo endpoint.
    idp_entity_id str
    The unique identifier for the SaaS application.
    name_id_format str
    The format of the name identifier sent to the SaaS application.
    name_id_transform_jsonata str
    A JSONata expression that transforms an application's user identities into a NameID value for its SAML assertion. This expression should evaluate to a singular string. The output of this expression can override the name_id_format setting.
    public_key str
    The public certificate that will be used to verify identities.
    redirect_uris Sequence[str]
    The permitted URL's for Cloudflare to return Authorization codes and Access/ID tokens.
    scopes Sequence[str]
    Define the user information shared with access.
    sp_entity_id str
    A globally unique name for an identity or service provider.
    sso_endpoint str
    The endpoint where the SaaS application will send login requests.
    appLauncherUrl String
    The URL where this applications tile redirects users.
    authType String
    clientId String
    The application client id.
    clientSecret String
    The application client secret, only returned on initial apply.
    consumerServiceUrl String
    The service provider's endpoint that is responsible for receiving and parsing a SAML assertion.
    customAttributes List<Property Map>
    Custom attribute mapped from IDPs.
    defaultRelayState String
    The relay state used if not provided by the identity provider.
    grantTypes List<String>
    The OIDC flows supported by this application.
    groupFilterRegex String
    A regex to filter Cloudflare groups returned in ID token and userinfo endpoint.
    idpEntityId String
    The unique identifier for the SaaS application.
    nameIdFormat String
    The format of the name identifier sent to the SaaS application.
    nameIdTransformJsonata String
    A JSONata expression that transforms an application's user identities into a NameID value for its SAML assertion. This expression should evaluate to a singular string. The output of this expression can override the name_id_format setting.
    publicKey String
    The public certificate that will be used to verify identities.
    redirectUris List<String>
    The permitted URL's for Cloudflare to return Authorization codes and Access/ID tokens.
    scopes List<String>
    Define the user information shared with access.
    spEntityId String
    A globally unique name for an identity or service provider.
    ssoEndpoint String
    The endpoint where the SaaS application will send login requests.

    AccessApplicationSaasAppCustomAttribute, AccessApplicationSaasAppCustomAttributeArgs

    Source AccessApplicationSaasAppCustomAttributeSource
    FriendlyName string
    A friendly name for the attribute as provided to the SaaS app.
    Name string
    The name of the footer link.
    NameFormat string
    A globally unique name for an identity or service provider.
    Required bool
    True if the attribute must be always present.
    Source AccessApplicationSaasAppCustomAttributeSource
    FriendlyName string
    A friendly name for the attribute as provided to the SaaS app.
    Name string
    The name of the footer link.
    NameFormat string
    A globally unique name for an identity or service provider.
    Required bool
    True if the attribute must be always present.
    source AccessApplicationSaasAppCustomAttributeSource
    friendlyName String
    A friendly name for the attribute as provided to the SaaS app.
    name String
    The name of the footer link.
    nameFormat String
    A globally unique name for an identity or service provider.
    required Boolean
    True if the attribute must be always present.
    source AccessApplicationSaasAppCustomAttributeSource
    friendlyName string
    A friendly name for the attribute as provided to the SaaS app.
    name string
    The name of the footer link.
    nameFormat string
    A globally unique name for an identity or service provider.
    required boolean
    True if the attribute must be always present.
    source AccessApplicationSaasAppCustomAttributeSource
    friendly_name str
    A friendly name for the attribute as provided to the SaaS app.
    name str
    The name of the footer link.
    name_format str
    A globally unique name for an identity or service provider.
    required bool
    True if the attribute must be always present.
    source Property Map
    friendlyName String
    A friendly name for the attribute as provided to the SaaS app.
    name String
    The name of the footer link.
    nameFormat String
    A globally unique name for an identity or service provider.
    required Boolean
    True if the attribute must be always present.

    AccessApplicationSaasAppCustomAttributeSource, AccessApplicationSaasAppCustomAttributeSourceArgs

    Name string
    The name of the footer link.
    Name string
    The name of the footer link.
    name String
    The name of the footer link.
    name string
    The name of the footer link.
    name str
    The name of the footer link.
    name String
    The name of the footer link.

    Import

    $ pulumi import cloudflare:index/accessApplication:AccessApplication example <account_id>/<application_id>
    

    Package Details

    Repository
    Cloudflare pulumi/pulumi-cloudflare
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the cloudflare Terraform Provider.
    cloudflare logo
    Cloudflare v5.23.0 published on Monday, Mar 25, 2024 by Pulumi