cloudflare.AccessOrganization
Explore with Pulumi AI
A Zero Trust organization defines the user login experience.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var example = new Cloudflare.AccessOrganization("example", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
AuthDomain = "example.cloudflareaccess.com",
AutoRedirectToIdentity = false,
IsUiReadOnly = false,
LoginDesigns = new[]
{
new Cloudflare.Inputs.AccessOrganizationLoginDesignArgs
{
BackgroundColor = "#ffffff",
FooterText = "My footer text",
HeaderText = "My header text",
LogoPath = "https://example.com/logo.png",
TextColor = "#000000",
},
},
Name = "example.cloudflareaccess.com",
UserSeatExpirationInactiveTime = "720h",
});
});
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewAccessOrganization(ctx, "example", &cloudflare.AccessOrganizationArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
AuthDomain: pulumi.String("example.cloudflareaccess.com"),
AutoRedirectToIdentity: pulumi.Bool(false),
IsUiReadOnly: pulumi.Bool(false),
LoginDesigns: cloudflare.AccessOrganizationLoginDesignArray{
&cloudflare.AccessOrganizationLoginDesignArgs{
BackgroundColor: pulumi.String("#ffffff"),
FooterText: pulumi.String("My footer text"),
HeaderText: pulumi.String("My header text"),
LogoPath: pulumi.String("https://example.com/logo.png"),
TextColor: pulumi.String("#000000"),
},
},
Name: pulumi.String("example.cloudflareaccess.com"),
UserSeatExpirationInactiveTime: pulumi.String("720h"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.AccessOrganization;
import com.pulumi.cloudflare.AccessOrganizationArgs;
import com.pulumi.cloudflare.inputs.AccessOrganizationLoginDesignArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AccessOrganization("example", AccessOrganizationArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.authDomain("example.cloudflareaccess.com")
.autoRedirectToIdentity(false)
.isUiReadOnly(false)
.loginDesigns(AccessOrganizationLoginDesignArgs.builder()
.backgroundColor("#ffffff")
.footerText("My footer text")
.headerText("My header text")
.logoPath("https://example.com/logo.png")
.textColor("#000000")
.build())
.name("example.cloudflareaccess.com")
.userSeatExpirationInactiveTime("720h")
.build());
}
}
import pulumi
import pulumi_cloudflare as cloudflare
example = cloudflare.AccessOrganization("example",
account_id="f037e56e89293a057740de681ac9abbe",
auth_domain="example.cloudflareaccess.com",
auto_redirect_to_identity=False,
is_ui_read_only=False,
login_designs=[cloudflare.AccessOrganizationLoginDesignArgs(
background_color="#ffffff",
footer_text="My footer text",
header_text="My header text",
logo_path="https://example.com/logo.png",
text_color="#000000",
)],
name="example.cloudflareaccess.com",
user_seat_expiration_inactive_time="720h")
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const example = new cloudflare.AccessOrganization("example", {
accountId: "f037e56e89293a057740de681ac9abbe",
authDomain: "example.cloudflareaccess.com",
autoRedirectToIdentity: false,
isUiReadOnly: false,
loginDesigns: [{
backgroundColor: "#ffffff",
footerText: "My footer text",
headerText: "My header text",
logoPath: "https://example.com/logo.png",
textColor: "#000000",
}],
name: "example.cloudflareaccess.com",
userSeatExpirationInactiveTime: "720h",
});
resources:
example:
type: cloudflare:AccessOrganization
properties:
accountId: f037e56e89293a057740de681ac9abbe
authDomain: example.cloudflareaccess.com
autoRedirectToIdentity: false
isUiReadOnly: false
loginDesigns:
- backgroundColor: '#ffffff'
footerText: My footer text
headerText: My header text
logoPath: https://example.com/logo.png
textColor: '#000000'
name: example.cloudflareaccess.com
userSeatExpirationInactiveTime: 720h
Create AccessOrganization Resource
new AccessOrganization(name: string, args: AccessOrganizationArgs, opts?: CustomResourceOptions);
@overload
def AccessOrganization(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
auth_domain: Optional[str] = None,
auto_redirect_to_identity: Optional[bool] = None,
custom_pages: Optional[Sequence[AccessOrganizationCustomPageArgs]] = None,
is_ui_read_only: Optional[bool] = None,
login_designs: Optional[Sequence[AccessOrganizationLoginDesignArgs]] = None,
name: Optional[str] = None,
ui_read_only_toggle_reason: Optional[str] = None,
user_seat_expiration_inactive_time: Optional[str] = None,
zone_id: Optional[str] = None)
@overload
def AccessOrganization(resource_name: str,
args: AccessOrganizationArgs,
opts: Optional[ResourceOptions] = None)
func NewAccessOrganization(ctx *Context, name string, args AccessOrganizationArgs, opts ...ResourceOption) (*AccessOrganization, error)
public AccessOrganization(string name, AccessOrganizationArgs args, CustomResourceOptions? opts = null)
public AccessOrganization(String name, AccessOrganizationArgs args)
public AccessOrganization(String name, AccessOrganizationArgs args, CustomResourceOptions options)
type: cloudflare:AccessOrganization
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AccessOrganization Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AccessOrganization resource accepts the following input properties:
- Auth
Domain string The unique subdomain assigned to your Zero Trust organization.
- Account
Id string The account identifier to target for the resource. Conflicts with
zone_id
.- Auto
Redirect boolTo Identity When set to true, users skip the identity provider selection step during login.
- Custom
Pages List<AccessOrganization Custom Page> Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs List<AccessOrganization Login Design> - Name string
The name of your Zero Trust organization.
- Ui
Read stringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- Zone
Id string The zone identifier to target for the resource. Conflicts with
account_id
.
- Auth
Domain string The unique subdomain assigned to your Zero Trust organization.
- Account
Id string The account identifier to target for the resource. Conflicts with
zone_id
.- Auto
Redirect boolTo Identity When set to true, users skip the identity provider selection step during login.
- Custom
Pages []AccessOrganization Custom Page Args Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs []AccessOrganization Login Design Args - Name string
The name of your Zero Trust organization.
- Ui
Read stringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- Zone
Id string The zone identifier to target for the resource. Conflicts with
account_id
.
- auth
Domain String The unique subdomain assigned to your Zero Trust organization.
- account
Id String The account identifier to target for the resource. Conflicts with
zone_id
.- auto
Redirect BooleanTo Identity When set to true, users skip the identity provider selection step during login.
- custom
Pages List<AccessOrganization Custom Page> Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<AccessOrganization Login Design> - name String
The name of your Zero Trust organization.
- ui
Read StringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone
Id String The zone identifier to target for the resource. Conflicts with
account_id
.
- auth
Domain string The unique subdomain assigned to your Zero Trust organization.
- account
Id string The account identifier to target for the resource. Conflicts with
zone_id
.- auto
Redirect booleanTo Identity When set to true, users skip the identity provider selection step during login.
- custom
Pages AccessOrganization Custom Page[] Custom pages for your Zero Trust organization.
- is
Ui booleanRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs AccessOrganization Login Design[] - name string
The name of your Zero Trust organization.
- ui
Read stringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- user
Seat stringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone
Id string The zone identifier to target for the resource. Conflicts with
account_id
.
- auth_
domain str The unique subdomain assigned to your Zero Trust organization.
- account_
id str The account identifier to target for the resource. Conflicts with
zone_id
.- auto_
redirect_ boolto_ identity When set to true, users skip the identity provider selection step during login.
- custom_
pages Sequence[AccessOrganization Custom Page Args] Custom pages for your Zero Trust organization.
- is_
ui_ boolread_ only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login_
designs Sequence[AccessOrganization Login Design Args] - name str
The name of your Zero Trust organization.
- ui_
read_ stronly_ toggle_ reason A description of the reason why the UI read only field is being toggled.
- user_
seat_ strexpiration_ inactive_ time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone_
id str The zone identifier to target for the resource. Conflicts with
account_id
.
- auth
Domain String The unique subdomain assigned to your Zero Trust organization.
- account
Id String The account identifier to target for the resource. Conflicts with
zone_id
.- auto
Redirect BooleanTo Identity When set to true, users skip the identity provider selection step during login.
- custom
Pages List<Property Map> Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<Property Map> - name String
The name of your Zero Trust organization.
- ui
Read StringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone
Id String The zone identifier to target for the resource. Conflicts with
account_id
.
Outputs
All input properties are implicitly available as output properties. Additionally, the AccessOrganization resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing AccessOrganization Resource
Get an existing AccessOrganization resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccessOrganizationState, opts?: CustomResourceOptions): AccessOrganization
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
auth_domain: Optional[str] = None,
auto_redirect_to_identity: Optional[bool] = None,
custom_pages: Optional[Sequence[AccessOrganizationCustomPageArgs]] = None,
is_ui_read_only: Optional[bool] = None,
login_designs: Optional[Sequence[AccessOrganizationLoginDesignArgs]] = None,
name: Optional[str] = None,
ui_read_only_toggle_reason: Optional[str] = None,
user_seat_expiration_inactive_time: Optional[str] = None,
zone_id: Optional[str] = None) -> AccessOrganization
func GetAccessOrganization(ctx *Context, name string, id IDInput, state *AccessOrganizationState, opts ...ResourceOption) (*AccessOrganization, error)
public static AccessOrganization Get(string name, Input<string> id, AccessOrganizationState? state, CustomResourceOptions? opts = null)
public static AccessOrganization get(String name, Output<String> id, AccessOrganizationState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string The account identifier to target for the resource. Conflicts with
zone_id
.- Auth
Domain string The unique subdomain assigned to your Zero Trust organization.
- Auto
Redirect boolTo Identity When set to true, users skip the identity provider selection step during login.
- Custom
Pages List<AccessOrganization Custom Page> Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs List<AccessOrganization Login Design> - Name string
The name of your Zero Trust organization.
- Ui
Read stringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- Zone
Id string The zone identifier to target for the resource. Conflicts with
account_id
.
- Account
Id string The account identifier to target for the resource. Conflicts with
zone_id
.- Auth
Domain string The unique subdomain assigned to your Zero Trust organization.
- Auto
Redirect boolTo Identity When set to true, users skip the identity provider selection step during login.
- Custom
Pages []AccessOrganization Custom Page Args Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs []AccessOrganization Login Design Args - Name string
The name of your Zero Trust organization.
- Ui
Read stringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- Zone
Id string The zone identifier to target for the resource. Conflicts with
account_id
.
- account
Id String The account identifier to target for the resource. Conflicts with
zone_id
.- auth
Domain String The unique subdomain assigned to your Zero Trust organization.
- auto
Redirect BooleanTo Identity When set to true, users skip the identity provider selection step during login.
- custom
Pages List<AccessOrganization Custom Page> Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<AccessOrganization Login Design> - name String
The name of your Zero Trust organization.
- ui
Read StringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone
Id String The zone identifier to target for the resource. Conflicts with
account_id
.
- account
Id string The account identifier to target for the resource. Conflicts with
zone_id
.- auth
Domain string The unique subdomain assigned to your Zero Trust organization.
- auto
Redirect booleanTo Identity When set to true, users skip the identity provider selection step during login.
- custom
Pages AccessOrganization Custom Page[] Custom pages for your Zero Trust organization.
- is
Ui booleanRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs AccessOrganization Login Design[] - name string
The name of your Zero Trust organization.
- ui
Read stringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- user
Seat stringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone
Id string The zone identifier to target for the resource. Conflicts with
account_id
.
- account_
id str The account identifier to target for the resource. Conflicts with
zone_id
.- auth_
domain str The unique subdomain assigned to your Zero Trust organization.
- auto_
redirect_ boolto_ identity When set to true, users skip the identity provider selection step during login.
- custom_
pages Sequence[AccessOrganization Custom Page Args] Custom pages for your Zero Trust organization.
- is_
ui_ boolread_ only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login_
designs Sequence[AccessOrganization Login Design Args] - name str
The name of your Zero Trust organization.
- ui_
read_ stronly_ toggle_ reason A description of the reason why the UI read only field is being toggled.
- user_
seat_ strexpiration_ inactive_ time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone_
id str The zone identifier to target for the resource. Conflicts with
account_id
.
- account
Id String The account identifier to target for the resource. Conflicts with
zone_id
.- auth
Domain String The unique subdomain assigned to your Zero Trust organization.
- auto
Redirect BooleanTo Identity When set to true, users skip the identity provider selection step during login.
- custom
Pages List<Property Map> Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<Property Map> - name String
The name of your Zero Trust organization.
- ui
Read StringOnly Toggle Reason A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300ms
or2h45m
.- zone
Id String The zone identifier to target for the resource. Conflicts with
account_id
.
Supporting Types
AccessOrganizationCustomPage, AccessOrganizationCustomPageArgs
- Forbidden string
The id of the forbidden page.
- Identity
Denied string The id of the identity denied page.
- Forbidden string
The id of the forbidden page.
- Identity
Denied string The id of the identity denied page.
- forbidden String
The id of the forbidden page.
- identity
Denied String The id of the identity denied page.
- forbidden string
The id of the forbidden page.
- identity
Denied string The id of the identity denied page.
- forbidden str
The id of the forbidden page.
- identity_
denied str The id of the identity denied page.
- forbidden String
The id of the forbidden page.
- identity
Denied String The id of the identity denied page.
AccessOrganizationLoginDesign, AccessOrganizationLoginDesignArgs
- Background
Color string The background color on the login page.
- string
The text at the bottom of the login page.
- Header
Text string The text at the top of the login page.
- Logo
Path string The URL of the logo on the login page.
- Text
Color string The text color on the login page.
- Background
Color string The background color on the login page.
- string
The text at the bottom of the login page.
- Header
Text string The text at the top of the login page.
- Logo
Path string The URL of the logo on the login page.
- Text
Color string The text color on the login page.
- background
Color String The background color on the login page.
- String
The text at the bottom of the login page.
- header
Text String The text at the top of the login page.
- logo
Path String The URL of the logo on the login page.
- text
Color String The text color on the login page.
- background
Color string The background color on the login page.
- string
The text at the bottom of the login page.
- header
Text string The text at the top of the login page.
- logo
Path string The URL of the logo on the login page.
- text
Color string The text color on the login page.
- background_
color str The background color on the login page.
- str
The text at the bottom of the login page.
- header_
text str The text at the top of the login page.
- logo_
path str The URL of the logo on the login page.
- text_
color str The text color on the login page.
- background
Color String The background color on the login page.
- String
The text at the bottom of the login page.
- header
Text String The text at the top of the login page.
- logo
Path String The URL of the logo on the login page.
- text
Color String The text color on the login page.
Import
$ pulumi import cloudflare:index/accessOrganization:AccessOrganization example <account_id>
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
cloudflare
Terraform Provider.