Cloudflare v6.2.0, May 13 25

Cloudflare v6.2.0 published on Tuesday, May 13, 2025 by Pulumi

cloudflare.AccessPolicy

Explore with Pulumi AI

Cloudflare v6.2.0 published on Tuesday, May 13, 2025 by Pulumi

If ‘application_id’ is omitted, the policy created can be reused by multiple access applications. Any cloudflare.ZeroTrustAccessApplication resource can reference reusable policies through its policies argument. To destroy a reusable policy and remove it from all applications’ policies lists on the same apply, preemptively set the lifecycle option create_before_destroy to true on the ‘cloudflare_zero_trust_access_policy’ resource.

Example Usage

Coming soon!

Coming soon!

Coming soon!

Coming soon!

Coming soon!

resources:
  exampleZeroTrustAccessPolicy:
    type: cloudflare:ZeroTrustAccessPolicy
    name: example_zero_trust_access_policy
    properties:
      accountId: 023e105f4ecef8ad9ca31a8372d0c353
      decision: allow
      includes:
        - group:
            id: aa0a4aab-672b-4bdb-bc33-a59f1130a11f
      name: Allow devs
      approvalGroups:
        - approvals_needed: 1
          email_addresses:
            - test1@cloudflare.com
            - test2@cloudflare.com
          email_list_uuid: email_list_uuid
        - approvals_needed: 3
          email_addresses:
            - test@cloudflare.com
            - test2@cloudflare.com
          email_list_uuid: 597147a1-976b-4ef2-9af0-81d5d007fc34
      approvalRequired: true
      excludes:
        - group:
            id: aa0a4aab-672b-4bdb-bc33-a59f1130a11f
      isolationRequired: false
      purposeJustificationPrompt: Please enter a justification for entering this protected domain.
      purposeJustificationRequired: true
      requires:
        - group:
            id: aa0a4aab-672b-4bdb-bc33-a59f1130a11f
      sessionDuration: 24h

Create AccessPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new AccessPolicy(name: string, args: AccessPolicyArgs, opts?: CustomResourceOptions);

@overload
def AccessPolicy(resource_name: str,
                 args: AccessPolicyArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def AccessPolicy(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 account_id: Optional[str] = None,
                 approval_groups: Optional[Sequence[AccessPolicyApprovalGroupArgs]] = None,
                 approval_required: Optional[bool] = None,
                 decision: Optional[str] = None,
                 excludes: Optional[Sequence[AccessPolicyExcludeArgs]] = None,
                 includes: Optional[Sequence[AccessPolicyIncludeArgs]] = None,
                 isolation_required: Optional[bool] = None,
                 name: Optional[str] = None,
                 purpose_justification_prompt: Optional[str] = None,
                 purpose_justification_required: Optional[bool] = None,
                 requires: Optional[Sequence[AccessPolicyRequireArgs]] = None,
                 session_duration: Optional[str] = None)

func NewAccessPolicy(ctx *Context, name string, args AccessPolicyArgs, opts ...ResourceOption) (*AccessPolicy, error)

public AccessPolicy(string name, AccessPolicyArgs args, CustomResourceOptions? opts = null)

public AccessPolicy(String name, AccessPolicyArgs args)
public AccessPolicy(String name, AccessPolicyArgs args, CustomResourceOptions options)

type: cloudflare:AccessPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AccessPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AccessPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AccessPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AccessPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AccessPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

AccessPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The AccessPolicy resource accepts the following input properties:

AccountId string: Identifier.
Decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
Includes List<AccessPolicyInclude>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
Name string: The name of the Access policy.
ApprovalGroups List<AccessPolicyApprovalGroup>: Administrators who can approve a temporary authentication request.
ApprovalRequired bool: Requires the user to request access from an administrator at the start of each session.
Excludes List<AccessPolicyExclude>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
IsolationRequired bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
PurposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
PurposeJustificationRequired bool: Require users to enter a justification when they log in to the application.
Requires List<AccessPolicyRequire>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
SessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.

AccountId string: Identifier.
Decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
Includes []AccessPolicyIncludeArgs: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
Name string: The name of the Access policy.
ApprovalGroups []AccessPolicyApprovalGroupArgs: Administrators who can approve a temporary authentication request.
ApprovalRequired bool: Requires the user to request access from an administrator at the start of each session.
Excludes []AccessPolicyExcludeArgs: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
IsolationRequired bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
PurposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
PurposeJustificationRequired bool: Require users to enter a justification when they log in to the application.
Requires []AccessPolicyRequireArgs: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
SessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.

accountId String: Identifier.
decision String: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
includes List<AccessPolicyInclude>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
name String: The name of the Access policy.
approvalGroups List<AccessPolicyApprovalGroup>: Administrators who can approve a temporary authentication request.
approvalRequired Boolean: Requires the user to request access from an administrator at the start of each session.
excludes List<AccessPolicyExclude>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
isolationRequired Boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
purposeJustificationPrompt String: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired Boolean: Require users to enter a justification when they log in to the application.
requires List<AccessPolicyRequire>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
sessionDuration String: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.

accountId string: Identifier.
decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
includes AccessPolicyInclude[]: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
name string: The name of the Access policy.
approvalGroups AccessPolicyApprovalGroup[]: Administrators who can approve a temporary authentication request.
approvalRequired boolean: Requires the user to request access from an administrator at the start of each session.
excludes AccessPolicyExclude[]: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
isolationRequired boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
purposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired boolean: Require users to enter a justification when they log in to the application.
requires AccessPolicyRequire[]: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
sessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.

account_id str: Identifier.
decision str: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
includes Sequence[AccessPolicyIncludeArgs]: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
name str: The name of the Access policy.
approval_groups Sequence[AccessPolicyApprovalGroupArgs]: Administrators who can approve a temporary authentication request.
approval_required bool: Requires the user to request access from an administrator at the start of each session.
excludes Sequence[AccessPolicyExcludeArgs]: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
isolation_required bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
purpose_justification_prompt str: A custom message that will appear on the purpose justification screen.
purpose_justification_required bool: Require users to enter a justification when they log in to the application.
requires Sequence[AccessPolicyRequireArgs]: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
session_duration str: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.

accountId String: Identifier.
decision String: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
includes List<Property Map>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
name String: The name of the Access policy.
approvalGroups List<Property Map>: Administrators who can approve a temporary authentication request.
approvalRequired Boolean: Requires the user to request access from an administrator at the start of each session.
excludes List<Property Map>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
isolationRequired Boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
purposeJustificationPrompt String: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired Boolean: Require users to enter a justification when they log in to the application.
requires List<Property Map>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
sessionDuration String: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.

Outputs

All input properties are implicitly available as output properties. Additionally, the AccessPolicy resource produces the following output properties:

AppCount int: Number of access applications currently using this policy.
CreatedAt string
Id string: The provider-assigned unique ID for this managed resource.
Reusable bool
UpdatedAt string

AppCount int: Number of access applications currently using this policy.
CreatedAt string
Id string: The provider-assigned unique ID for this managed resource.
Reusable bool
UpdatedAt string

appCount Integer: Number of access applications currently using this policy.
createdAt String
id String: The provider-assigned unique ID for this managed resource.
reusable Boolean
updatedAt String

appCount number: Number of access applications currently using this policy.
createdAt string
id string: The provider-assigned unique ID for this managed resource.
reusable boolean
updatedAt string

app_count int: Number of access applications currently using this policy.
created_at str
id str: The provider-assigned unique ID for this managed resource.
reusable bool
updated_at str

appCount Number: Number of access applications currently using this policy.
createdAt String
id String: The provider-assigned unique ID for this managed resource.
reusable Boolean
updatedAt String

Look up Existing AccessPolicy Resource

Get an existing AccessPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AccessPolicyState, opts?: CustomResourceOptions): AccessPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        app_count: Optional[int] = None,
        approval_groups: Optional[Sequence[AccessPolicyApprovalGroupArgs]] = None,
        approval_required: Optional[bool] = None,
        created_at: Optional[str] = None,
        decision: Optional[str] = None,
        excludes: Optional[Sequence[AccessPolicyExcludeArgs]] = None,
        includes: Optional[Sequence[AccessPolicyIncludeArgs]] = None,
        isolation_required: Optional[bool] = None,
        name: Optional[str] = None,
        purpose_justification_prompt: Optional[str] = None,
        purpose_justification_required: Optional[bool] = None,
        requires: Optional[Sequence[AccessPolicyRequireArgs]] = None,
        reusable: Optional[bool] = None,
        session_duration: Optional[str] = None,
        updated_at: Optional[str] = None) -> AccessPolicy

func GetAccessPolicy(ctx *Context, name string, id IDInput, state *AccessPolicyState, opts ...ResourceOption) (*AccessPolicy, error)

public static AccessPolicy Get(string name, Input<string> id, AccessPolicyState? state, CustomResourceOptions? opts = null)

public static AccessPolicy get(String name, Output<String> id, AccessPolicyState state, CustomResourceOptions options)

resources:  _:    type: cloudflare:AccessPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountId string: Identifier.
AppCount int: Number of access applications currently using this policy.
ApprovalGroups List<AccessPolicyApprovalGroup>: Administrators who can approve a temporary authentication request.
ApprovalRequired bool: Requires the user to request access from an administrator at the start of each session.
CreatedAt string
Decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
Excludes List<AccessPolicyExclude>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
Includes List<AccessPolicyInclude>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
IsolationRequired bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
Name string: The name of the Access policy.
PurposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
PurposeJustificationRequired bool: Require users to enter a justification when they log in to the application.
Requires List<AccessPolicyRequire>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
Reusable bool
SessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
UpdatedAt string

AccountId string: Identifier.
AppCount int: Number of access applications currently using this policy.
ApprovalGroups []AccessPolicyApprovalGroupArgs: Administrators who can approve a temporary authentication request.
ApprovalRequired bool: Requires the user to request access from an administrator at the start of each session.
CreatedAt string
Decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
Excludes []AccessPolicyExcludeArgs: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
Includes []AccessPolicyIncludeArgs: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
IsolationRequired bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
Name string: The name of the Access policy.
PurposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
PurposeJustificationRequired bool: Require users to enter a justification when they log in to the application.
Requires []AccessPolicyRequireArgs: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
Reusable bool
SessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
UpdatedAt string

accountId String: Identifier.
appCount Integer: Number of access applications currently using this policy.
approvalGroups List<AccessPolicyApprovalGroup>: Administrators who can approve a temporary authentication request.
approvalRequired Boolean: Requires the user to request access from an administrator at the start of each session.
createdAt String
decision String: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes List<AccessPolicyExclude>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
includes List<AccessPolicyInclude>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolationRequired Boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name String: The name of the Access policy.
purposeJustificationPrompt String: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired Boolean: Require users to enter a justification when they log in to the application.
requires List<AccessPolicyRequire>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable Boolean
sessionDuration String: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updatedAt String

accountId string: Identifier.
appCount number: Number of access applications currently using this policy.
approvalGroups AccessPolicyApprovalGroup[]: Administrators who can approve a temporary authentication request.
approvalRequired boolean: Requires the user to request access from an administrator at the start of each session.
createdAt string
decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes AccessPolicyExclude[]: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
includes AccessPolicyInclude[]: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolationRequired boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name string: The name of the Access policy.
purposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired boolean: Require users to enter a justification when they log in to the application.
requires AccessPolicyRequire[]: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable boolean
sessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updatedAt string

account_id str: Identifier.
app_count int: Number of access applications currently using this policy.
approval_groups Sequence[AccessPolicyApprovalGroupArgs]: Administrators who can approve a temporary authentication request.
approval_required bool: Requires the user to request access from an administrator at the start of each session.
created_at str
decision str: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes Sequence[AccessPolicyExcludeArgs]: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
includes Sequence[AccessPolicyIncludeArgs]: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolation_required bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name str: The name of the Access policy.
purpose_justification_prompt str: A custom message that will appear on the purpose justification screen.
purpose_justification_required bool: Require users to enter a justification when they log in to the application.
requires Sequence[AccessPolicyRequireArgs]: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable bool
session_duration str: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updated_at str

accountId String: Identifier.
appCount Number: Number of access applications currently using this policy.
approvalGroups List<Property Map>: Administrators who can approve a temporary authentication request.
approvalRequired Boolean: Requires the user to request access from an administrator at the start of each session.
createdAt String
decision String: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes List<Property Map>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
includes List<Property Map>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolationRequired Boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name String: The name of the Access policy.
purposeJustificationPrompt String: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired Boolean: Require users to enter a justification when they log in to the application.
requires List<Property Map>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable Boolean
sessionDuration String: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updatedAt String

Supporting Types

AccessPolicyApprovalGroup, AccessPolicyApprovalGroupArgs

ApprovalsNeeded double: The number of approvals needed to obtain access.
EmailAddresses List<string>: A list of emails that can approve the access request.
EmailListUuid string: The UUID of an re-usable email list.

ApprovalsNeeded float64: The number of approvals needed to obtain access.
EmailAddresses []string: A list of emails that can approve the access request.
EmailListUuid string: The UUID of an re-usable email list.

approvalsNeeded Double: The number of approvals needed to obtain access.
emailAddresses List<String>: A list of emails that can approve the access request.
emailListUuid String: The UUID of an re-usable email list.

approvalsNeeded number: The number of approvals needed to obtain access.
emailAddresses string[]: A list of emails that can approve the access request.
emailListUuid string: The UUID of an re-usable email list.

approvals_needed float: The number of approvals needed to obtain access.
email_addresses Sequence[str]: A list of emails that can approve the access request.
email_list_uuid str: The UUID of an re-usable email list.

approvalsNeeded Number: The number of approvals needed to obtain access.
emailAddresses List<String>: A list of emails that can approve the access request.
emailListUuid String: The UUID of an re-usable email list.

AccessPolicyExclude, AccessPolicyExcludeArgs

AnyValidServiceToken AccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext AccessPolicyExcludeAuthContext
AuthMethod AccessPolicyExcludeAuthMethod
AzureAd AccessPolicyExcludeAzureAd
Certificate AccessPolicyExcludeCertificate
CommonName AccessPolicyExcludeCommonName
DevicePosture AccessPolicyExcludeDevicePosture
Email AccessPolicyExcludeEmail
EmailDomain AccessPolicyExcludeEmailDomain
EmailList AccessPolicyExcludeEmailList
Everyone AccessPolicyExcludeEveryone: An empty object which matches on all users.
ExternalEvaluation AccessPolicyExcludeExternalEvaluation
Geo AccessPolicyExcludeGeo
GithubOrganization AccessPolicyExcludeGithubOrganization
Group AccessPolicyExcludeGroup
Gsuite AccessPolicyExcludeGsuite
Ip AccessPolicyExcludeIp
IpList AccessPolicyExcludeIpList
LoginMethod AccessPolicyExcludeLoginMethod
Okta AccessPolicyExcludeOkta
Saml AccessPolicyExcludeSaml
ServiceToken AccessPolicyExcludeServiceToken

AnyValidServiceToken AccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext AccessPolicyExcludeAuthContext
AuthMethod AccessPolicyExcludeAuthMethod
AzureAd AccessPolicyExcludeAzureAd
Certificate AccessPolicyExcludeCertificate
CommonName AccessPolicyExcludeCommonName
DevicePosture AccessPolicyExcludeDevicePosture
Email AccessPolicyExcludeEmail
EmailDomain AccessPolicyExcludeEmailDomain
EmailList AccessPolicyExcludeEmailList
Everyone AccessPolicyExcludeEveryone: An empty object which matches on all users.
ExternalEvaluation AccessPolicyExcludeExternalEvaluation
Geo AccessPolicyExcludeGeo
GithubOrganization AccessPolicyExcludeGithubOrganization
Group AccessPolicyExcludeGroup
Gsuite AccessPolicyExcludeGsuite
Ip AccessPolicyExcludeIp
IpList AccessPolicyExcludeIpList
LoginMethod AccessPolicyExcludeLoginMethod
Okta AccessPolicyExcludeOkta
Saml AccessPolicyExcludeSaml
ServiceToken AccessPolicyExcludeServiceToken

anyValidServiceToken AccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext AccessPolicyExcludeAuthContext
authMethod AccessPolicyExcludeAuthMethod
azureAd AccessPolicyExcludeAzureAd
certificate AccessPolicyExcludeCertificate
commonName AccessPolicyExcludeCommonName
devicePosture AccessPolicyExcludeDevicePosture
email AccessPolicyExcludeEmail
emailDomain AccessPolicyExcludeEmailDomain
emailList AccessPolicyExcludeEmailList
everyone AccessPolicyExcludeEveryone: An empty object which matches on all users.
externalEvaluation AccessPolicyExcludeExternalEvaluation
geo AccessPolicyExcludeGeo
githubOrganization AccessPolicyExcludeGithubOrganization
group AccessPolicyExcludeGroup
gsuite AccessPolicyExcludeGsuite
ip AccessPolicyExcludeIp
ipList AccessPolicyExcludeIpList
loginMethod AccessPolicyExcludeLoginMethod
okta AccessPolicyExcludeOkta
saml AccessPolicyExcludeSaml
serviceToken AccessPolicyExcludeServiceToken

anyValidServiceToken AccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext AccessPolicyExcludeAuthContext
authMethod AccessPolicyExcludeAuthMethod
azureAd AccessPolicyExcludeAzureAd
certificate AccessPolicyExcludeCertificate
commonName AccessPolicyExcludeCommonName
devicePosture AccessPolicyExcludeDevicePosture
email AccessPolicyExcludeEmail
emailDomain AccessPolicyExcludeEmailDomain
emailList AccessPolicyExcludeEmailList
everyone AccessPolicyExcludeEveryone: An empty object which matches on all users.
externalEvaluation AccessPolicyExcludeExternalEvaluation
geo AccessPolicyExcludeGeo
githubOrganization AccessPolicyExcludeGithubOrganization
group AccessPolicyExcludeGroup
gsuite AccessPolicyExcludeGsuite
ip AccessPolicyExcludeIp
ipList AccessPolicyExcludeIpList
loginMethod AccessPolicyExcludeLoginMethod
okta AccessPolicyExcludeOkta
saml AccessPolicyExcludeSaml
serviceToken AccessPolicyExcludeServiceToken

any_valid_service_token AccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
auth_context AccessPolicyExcludeAuthContext
auth_method AccessPolicyExcludeAuthMethod
azure_ad AccessPolicyExcludeAzureAd
certificate AccessPolicyExcludeCertificate
common_name AccessPolicyExcludeCommonName
device_posture AccessPolicyExcludeDevicePosture
email AccessPolicyExcludeEmail
email_domain AccessPolicyExcludeEmailDomain
email_list AccessPolicyExcludeEmailList
everyone AccessPolicyExcludeEveryone: An empty object which matches on all users.
external_evaluation AccessPolicyExcludeExternalEvaluation
geo AccessPolicyExcludeGeo
github_organization AccessPolicyExcludeGithubOrganization
group AccessPolicyExcludeGroup
gsuite AccessPolicyExcludeGsuite
ip AccessPolicyExcludeIp
ip_list AccessPolicyExcludeIpList
login_method AccessPolicyExcludeLoginMethod
okta AccessPolicyExcludeOkta
saml AccessPolicyExcludeSaml
service_token AccessPolicyExcludeServiceToken

anyValidServiceToken Property Map: An empty object which matches on all service tokens.
authContext Property Map
authMethod Property Map
azureAd Property Map
certificate Property Map
commonName Property Map
devicePosture Property Map
email Property Map
emailDomain Property Map
emailList Property Map
everyone Property Map: An empty object which matches on all users.
externalEvaluation Property Map
geo Property Map
githubOrganization Property Map
group Property Map
gsuite Property Map
ip Property Map
ipList Property Map
loginMethod Property Map
okta Property Map
saml Property Map
serviceToken Property Map

AccessPolicyExcludeAuthContext, AccessPolicyExcludeAuthContextArgs

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

acId string: The ACID of an Authentication context.
id string: The ID of an Authentication context.
identityProviderId string: The ID of your Azure identity provider.

ac_id str: The ACID of an Authentication context.
id str: The ID of an Authentication context.
identity_provider_id str: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

AccessPolicyExcludeAuthMethod, AccessPolicyExcludeAuthMethodArgs

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

auth_method str: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AccessPolicyExcludeAzureAd, AccessPolicyExcludeAzureAdArgs

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

id string: The ID of an Azure group.
identityProviderId string: The ID of your Azure identity provider.

id str: The ID of an Azure group.
identity_provider_id str: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

AccessPolicyExcludeCommonName, AccessPolicyExcludeCommonNameArgs

CommonName string: The common name to match.

CommonName string: The common name to match.

commonName String: The common name to match.

commonName string: The common name to match.

common_name str: The common name to match.

commonName String: The common name to match.

AccessPolicyExcludeDevicePosture, AccessPolicyExcludeDevicePostureArgs

IntegrationUid string: The ID of a device posture integration.

IntegrationUid string: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

integrationUid string: The ID of a device posture integration.

integration_uid str: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

AccessPolicyExcludeEmail, AccessPolicyExcludeEmailArgs

Email string: The email of the user.

Email string: The email of the user.

email String: The email of the user.

email string: The email of the user.

email str: The email of the user.

email String: The email of the user.

AccessPolicyExcludeEmailDomain, AccessPolicyExcludeEmailDomainArgs

Domain string: The email domain to match.

Domain string: The email domain to match.

domain String: The email domain to match.

domain string: The email domain to match.

domain str: The email domain to match.

domain String: The email domain to match.

AccessPolicyExcludeEmailList, AccessPolicyExcludeEmailListArgs

Id string: The ID of a previously created email list.

Id string: The ID of a previously created email list.

id String: The ID of a previously created email list.

id string: The ID of a previously created email list.

id str: The ID of a previously created email list.

id String: The ID of a previously created email list.

AccessPolicyExcludeExternalEvaluation, AccessPolicyExcludeExternalEvaluationArgs

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl string: The API endpoint containing your business logic.
keysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluate_url str: The API endpoint containing your business logic.
keys_url str: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

AccessPolicyExcludeGeo, AccessPolicyExcludeGeoArgs

CountryCode string: The country code that should be matched.

CountryCode string: The country code that should be matched.

countryCode String: The country code that should be matched.

countryCode string: The country code that should be matched.

country_code str: The country code that should be matched.

countryCode String: The country code that should be matched.

AccessPolicyExcludeGithubOrganization, AccessPolicyExcludeGithubOrganizationArgs

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

identityProviderId string: The ID of your Github identity provider.
name string: The name of the organization.
team string: The name of the team

identity_provider_id str: The ID of your Github identity provider.
name str: The name of the organization.
team str: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

AccessPolicyExcludeGroup, AccessPolicyExcludeGroupArgs

Id string: The ID of a previously created Access group.

Id string: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

id string: The ID of a previously created Access group.

id str: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

AccessPolicyExcludeGsuite, AccessPolicyExcludeGsuiteArgs

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

email string: The email of the Google Workspace group.
identityProviderId string: The ID of your Google Workspace identity provider.

email str: The email of the Google Workspace group.
identity_provider_id str: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

AccessPolicyExcludeIp, AccessPolicyExcludeIpArgs

Ip string: An IPv4 or IPv6 CIDR block.

Ip string: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

ip string: An IPv4 or IPv6 CIDR block.

ip str: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

AccessPolicyExcludeIpList, AccessPolicyExcludeIpListArgs

Id string: The ID of a previously created IP list.

Id string: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

id string: The ID of a previously created IP list.

id str: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

AccessPolicyExcludeLoginMethod, AccessPolicyExcludeLoginMethodArgs

Id string: The ID of an identity provider.

Id string: The ID of an identity provider.

id String: The ID of an identity provider.

id string: The ID of an identity provider.

id str: The ID of an identity provider.

id String: The ID of an identity provider.

AccessPolicyExcludeOkta, AccessPolicyExcludeOktaArgs

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

identityProviderId string: The ID of your Okta identity provider.
name string: The name of the Okta group.

identity_provider_id str: The ID of your Okta identity provider.
name str: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

AccessPolicyExcludeSaml, AccessPolicyExcludeSamlArgs

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

attributeName string: The name of the SAML attribute.
attributeValue string: The SAML attribute value to look for.
identityProviderId string: The ID of your SAML identity provider.

attribute_name str: The name of the SAML attribute.
attribute_value str: The SAML attribute value to look for.
identity_provider_id str: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

AccessPolicyExcludeServiceToken, AccessPolicyExcludeServiceTokenArgs

TokenId string: The ID of a Service Token.

TokenId string: The ID of a Service Token.

tokenId String: The ID of a Service Token.

tokenId string: The ID of a Service Token.

token_id str: The ID of a Service Token.

tokenId String: The ID of a Service Token.

AccessPolicyInclude, AccessPolicyIncludeArgs

AnyValidServiceToken AccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext AccessPolicyIncludeAuthContext
AuthMethod AccessPolicyIncludeAuthMethod
AzureAd AccessPolicyIncludeAzureAd
Certificate AccessPolicyIncludeCertificate
CommonName AccessPolicyIncludeCommonName
DevicePosture AccessPolicyIncludeDevicePosture
Email AccessPolicyIncludeEmail
EmailDomain AccessPolicyIncludeEmailDomain
EmailList AccessPolicyIncludeEmailList
Everyone AccessPolicyIncludeEveryone: An empty object which matches on all users.
ExternalEvaluation AccessPolicyIncludeExternalEvaluation
Geo AccessPolicyIncludeGeo
GithubOrganization AccessPolicyIncludeGithubOrganization
Group AccessPolicyIncludeGroup
Gsuite AccessPolicyIncludeGsuite
Ip AccessPolicyIncludeIp
IpList AccessPolicyIncludeIpList
LoginMethod AccessPolicyIncludeLoginMethod
Okta AccessPolicyIncludeOkta
Saml AccessPolicyIncludeSaml
ServiceToken AccessPolicyIncludeServiceToken

AnyValidServiceToken AccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext AccessPolicyIncludeAuthContext
AuthMethod AccessPolicyIncludeAuthMethod
AzureAd AccessPolicyIncludeAzureAd
Certificate AccessPolicyIncludeCertificate
CommonName AccessPolicyIncludeCommonName
DevicePosture AccessPolicyIncludeDevicePosture
Email AccessPolicyIncludeEmail
EmailDomain AccessPolicyIncludeEmailDomain
EmailList AccessPolicyIncludeEmailList
Everyone AccessPolicyIncludeEveryone: An empty object which matches on all users.
ExternalEvaluation AccessPolicyIncludeExternalEvaluation
Geo AccessPolicyIncludeGeo
GithubOrganization AccessPolicyIncludeGithubOrganization
Group AccessPolicyIncludeGroup
Gsuite AccessPolicyIncludeGsuite
Ip AccessPolicyIncludeIp
IpList AccessPolicyIncludeIpList
LoginMethod AccessPolicyIncludeLoginMethod
Okta AccessPolicyIncludeOkta
Saml AccessPolicyIncludeSaml
ServiceToken AccessPolicyIncludeServiceToken

anyValidServiceToken AccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext AccessPolicyIncludeAuthContext
authMethod AccessPolicyIncludeAuthMethod
azureAd AccessPolicyIncludeAzureAd
certificate AccessPolicyIncludeCertificate
commonName AccessPolicyIncludeCommonName
devicePosture AccessPolicyIncludeDevicePosture
email AccessPolicyIncludeEmail
emailDomain AccessPolicyIncludeEmailDomain
emailList AccessPolicyIncludeEmailList
everyone AccessPolicyIncludeEveryone: An empty object which matches on all users.
externalEvaluation AccessPolicyIncludeExternalEvaluation
geo AccessPolicyIncludeGeo
githubOrganization AccessPolicyIncludeGithubOrganization
group AccessPolicyIncludeGroup
gsuite AccessPolicyIncludeGsuite
ip AccessPolicyIncludeIp
ipList AccessPolicyIncludeIpList
loginMethod AccessPolicyIncludeLoginMethod
okta AccessPolicyIncludeOkta
saml AccessPolicyIncludeSaml
serviceToken AccessPolicyIncludeServiceToken

anyValidServiceToken AccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext AccessPolicyIncludeAuthContext
authMethod AccessPolicyIncludeAuthMethod
azureAd AccessPolicyIncludeAzureAd
certificate AccessPolicyIncludeCertificate
commonName AccessPolicyIncludeCommonName
devicePosture AccessPolicyIncludeDevicePosture
email AccessPolicyIncludeEmail
emailDomain AccessPolicyIncludeEmailDomain
emailList AccessPolicyIncludeEmailList
everyone AccessPolicyIncludeEveryone: An empty object which matches on all users.
externalEvaluation AccessPolicyIncludeExternalEvaluation
geo AccessPolicyIncludeGeo
githubOrganization AccessPolicyIncludeGithubOrganization
group AccessPolicyIncludeGroup
gsuite AccessPolicyIncludeGsuite
ip AccessPolicyIncludeIp
ipList AccessPolicyIncludeIpList
loginMethod AccessPolicyIncludeLoginMethod
okta AccessPolicyIncludeOkta
saml AccessPolicyIncludeSaml
serviceToken AccessPolicyIncludeServiceToken

any_valid_service_token AccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
auth_context AccessPolicyIncludeAuthContext
auth_method AccessPolicyIncludeAuthMethod
azure_ad AccessPolicyIncludeAzureAd
certificate AccessPolicyIncludeCertificate
common_name AccessPolicyIncludeCommonName
device_posture AccessPolicyIncludeDevicePosture
email AccessPolicyIncludeEmail
email_domain AccessPolicyIncludeEmailDomain
email_list AccessPolicyIncludeEmailList
everyone AccessPolicyIncludeEveryone: An empty object which matches on all users.
external_evaluation AccessPolicyIncludeExternalEvaluation
geo AccessPolicyIncludeGeo
github_organization AccessPolicyIncludeGithubOrganization
group AccessPolicyIncludeGroup
gsuite AccessPolicyIncludeGsuite
ip AccessPolicyIncludeIp
ip_list AccessPolicyIncludeIpList
login_method AccessPolicyIncludeLoginMethod
okta AccessPolicyIncludeOkta
saml AccessPolicyIncludeSaml
service_token AccessPolicyIncludeServiceToken

anyValidServiceToken Property Map: An empty object which matches on all service tokens.
authContext Property Map
authMethod Property Map
azureAd Property Map
certificate Property Map
commonName Property Map
devicePosture Property Map
email Property Map
emailDomain Property Map
emailList Property Map
everyone Property Map: An empty object which matches on all users.
externalEvaluation Property Map
geo Property Map
githubOrganization Property Map
group Property Map
gsuite Property Map
ip Property Map
ipList Property Map
loginMethod Property Map
okta Property Map
saml Property Map
serviceToken Property Map

AccessPolicyIncludeAuthContext, AccessPolicyIncludeAuthContextArgs

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

acId string: The ACID of an Authentication context.
id string: The ID of an Authentication context.
identityProviderId string: The ID of your Azure identity provider.

ac_id str: The ACID of an Authentication context.
id str: The ID of an Authentication context.
identity_provider_id str: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

AccessPolicyIncludeAuthMethod, AccessPolicyIncludeAuthMethodArgs

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

auth_method str: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AccessPolicyIncludeAzureAd, AccessPolicyIncludeAzureAdArgs

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

id string: The ID of an Azure group.
identityProviderId string: The ID of your Azure identity provider.

id str: The ID of an Azure group.
identity_provider_id str: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

AccessPolicyIncludeCommonName, AccessPolicyIncludeCommonNameArgs

CommonName string: The common name to match.

CommonName string: The common name to match.

commonName String: The common name to match.

commonName string: The common name to match.

common_name str: The common name to match.

commonName String: The common name to match.

AccessPolicyIncludeDevicePosture, AccessPolicyIncludeDevicePostureArgs

IntegrationUid string: The ID of a device posture integration.

IntegrationUid string: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

integrationUid string: The ID of a device posture integration.

integration_uid str: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

AccessPolicyIncludeEmail, AccessPolicyIncludeEmailArgs

Email string: The email of the user.

Email string: The email of the user.

email String: The email of the user.

email string: The email of the user.

email str: The email of the user.

email String: The email of the user.

AccessPolicyIncludeEmailDomain, AccessPolicyIncludeEmailDomainArgs

Domain string: The email domain to match.

Domain string: The email domain to match.

domain String: The email domain to match.

domain string: The email domain to match.

domain str: The email domain to match.

domain String: The email domain to match.

AccessPolicyIncludeEmailList, AccessPolicyIncludeEmailListArgs

Id string: The ID of a previously created email list.

Id string: The ID of a previously created email list.

id String: The ID of a previously created email list.

id string: The ID of a previously created email list.

id str: The ID of a previously created email list.

id String: The ID of a previously created email list.

AccessPolicyIncludeExternalEvaluation, AccessPolicyIncludeExternalEvaluationArgs

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl string: The API endpoint containing your business logic.
keysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluate_url str: The API endpoint containing your business logic.
keys_url str: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

AccessPolicyIncludeGeo, AccessPolicyIncludeGeoArgs

CountryCode string: The country code that should be matched.

CountryCode string: The country code that should be matched.

countryCode String: The country code that should be matched.

countryCode string: The country code that should be matched.

country_code str: The country code that should be matched.

countryCode String: The country code that should be matched.

AccessPolicyIncludeGithubOrganization, AccessPolicyIncludeGithubOrganizationArgs

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

identityProviderId string: The ID of your Github identity provider.
name string: The name of the organization.
team string: The name of the team

identity_provider_id str: The ID of your Github identity provider.
name str: The name of the organization.
team str: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

AccessPolicyIncludeGroup, AccessPolicyIncludeGroupArgs

Id string: The ID of a previously created Access group.

Id string: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

id string: The ID of a previously created Access group.

id str: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

AccessPolicyIncludeGsuite, AccessPolicyIncludeGsuiteArgs

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

email string: The email of the Google Workspace group.
identityProviderId string: The ID of your Google Workspace identity provider.

email str: The email of the Google Workspace group.
identity_provider_id str: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

AccessPolicyIncludeIp, AccessPolicyIncludeIpArgs

Ip string: An IPv4 or IPv6 CIDR block.

Ip string: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

ip string: An IPv4 or IPv6 CIDR block.

ip str: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

AccessPolicyIncludeIpList, AccessPolicyIncludeIpListArgs

Id string: The ID of a previously created IP list.

Id string: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

id string: The ID of a previously created IP list.

id str: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

AccessPolicyIncludeLoginMethod, AccessPolicyIncludeLoginMethodArgs

Id string: The ID of an identity provider.

Id string: The ID of an identity provider.

id String: The ID of an identity provider.

id string: The ID of an identity provider.

id str: The ID of an identity provider.

id String: The ID of an identity provider.

AccessPolicyIncludeOkta, AccessPolicyIncludeOktaArgs

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

identityProviderId string: The ID of your Okta identity provider.
name string: The name of the Okta group.

identity_provider_id str: The ID of your Okta identity provider.
name str: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

AccessPolicyIncludeSaml, AccessPolicyIncludeSamlArgs

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

attributeName string: The name of the SAML attribute.
attributeValue string: The SAML attribute value to look for.
identityProviderId string: The ID of your SAML identity provider.

attribute_name str: The name of the SAML attribute.
attribute_value str: The SAML attribute value to look for.
identity_provider_id str: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

AccessPolicyIncludeServiceToken, AccessPolicyIncludeServiceTokenArgs

TokenId string: The ID of a Service Token.

TokenId string: The ID of a Service Token.

tokenId String: The ID of a Service Token.

tokenId string: The ID of a Service Token.

token_id str: The ID of a Service Token.

tokenId String: The ID of a Service Token.

AccessPolicyRequire, AccessPolicyRequireArgs

AnyValidServiceToken AccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext AccessPolicyRequireAuthContext
AuthMethod AccessPolicyRequireAuthMethod
AzureAd AccessPolicyRequireAzureAd
Certificate AccessPolicyRequireCertificate
CommonName AccessPolicyRequireCommonName
DevicePosture AccessPolicyRequireDevicePosture
Email AccessPolicyRequireEmail
EmailDomain AccessPolicyRequireEmailDomain
EmailList AccessPolicyRequireEmailList
Everyone AccessPolicyRequireEveryone: An empty object which matches on all users.
ExternalEvaluation AccessPolicyRequireExternalEvaluation
Geo AccessPolicyRequireGeo
GithubOrganization AccessPolicyRequireGithubOrganization
Group AccessPolicyRequireGroup
Gsuite AccessPolicyRequireGsuite
Ip AccessPolicyRequireIp
IpList AccessPolicyRequireIpList
LoginMethod AccessPolicyRequireLoginMethod
Okta AccessPolicyRequireOkta
Saml AccessPolicyRequireSaml
ServiceToken AccessPolicyRequireServiceToken

AnyValidServiceToken AccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext AccessPolicyRequireAuthContext
AuthMethod AccessPolicyRequireAuthMethod
AzureAd AccessPolicyRequireAzureAd
Certificate AccessPolicyRequireCertificate
CommonName AccessPolicyRequireCommonName
DevicePosture AccessPolicyRequireDevicePosture
Email AccessPolicyRequireEmail
EmailDomain AccessPolicyRequireEmailDomain
EmailList AccessPolicyRequireEmailList
Everyone AccessPolicyRequireEveryone: An empty object which matches on all users.
ExternalEvaluation AccessPolicyRequireExternalEvaluation
Geo AccessPolicyRequireGeo
GithubOrganization AccessPolicyRequireGithubOrganization
Group AccessPolicyRequireGroup
Gsuite AccessPolicyRequireGsuite
Ip AccessPolicyRequireIp
IpList AccessPolicyRequireIpList
LoginMethod AccessPolicyRequireLoginMethod
Okta AccessPolicyRequireOkta
Saml AccessPolicyRequireSaml
ServiceToken AccessPolicyRequireServiceToken

anyValidServiceToken AccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
authContext AccessPolicyRequireAuthContext
authMethod AccessPolicyRequireAuthMethod
azureAd AccessPolicyRequireAzureAd
certificate AccessPolicyRequireCertificate
commonName AccessPolicyRequireCommonName
devicePosture AccessPolicyRequireDevicePosture
email AccessPolicyRequireEmail
emailDomain AccessPolicyRequireEmailDomain
emailList AccessPolicyRequireEmailList
everyone AccessPolicyRequireEveryone: An empty object which matches on all users.
externalEvaluation AccessPolicyRequireExternalEvaluation
geo AccessPolicyRequireGeo
githubOrganization AccessPolicyRequireGithubOrganization
group AccessPolicyRequireGroup
gsuite AccessPolicyRequireGsuite
ip AccessPolicyRequireIp
ipList AccessPolicyRequireIpList
loginMethod AccessPolicyRequireLoginMethod
okta AccessPolicyRequireOkta
saml AccessPolicyRequireSaml
serviceToken AccessPolicyRequireServiceToken

anyValidServiceToken AccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
authContext AccessPolicyRequireAuthContext
authMethod AccessPolicyRequireAuthMethod
azureAd AccessPolicyRequireAzureAd
certificate AccessPolicyRequireCertificate
commonName AccessPolicyRequireCommonName
devicePosture AccessPolicyRequireDevicePosture
email AccessPolicyRequireEmail
emailDomain AccessPolicyRequireEmailDomain
emailList AccessPolicyRequireEmailList
everyone AccessPolicyRequireEveryone: An empty object which matches on all users.
externalEvaluation AccessPolicyRequireExternalEvaluation
geo AccessPolicyRequireGeo
githubOrganization AccessPolicyRequireGithubOrganization
group AccessPolicyRequireGroup
gsuite AccessPolicyRequireGsuite
ip AccessPolicyRequireIp
ipList AccessPolicyRequireIpList
loginMethod AccessPolicyRequireLoginMethod
okta AccessPolicyRequireOkta
saml AccessPolicyRequireSaml
serviceToken AccessPolicyRequireServiceToken

any_valid_service_token AccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
auth_context AccessPolicyRequireAuthContext
auth_method AccessPolicyRequireAuthMethod
azure_ad AccessPolicyRequireAzureAd
certificate AccessPolicyRequireCertificate
common_name AccessPolicyRequireCommonName
device_posture AccessPolicyRequireDevicePosture
email AccessPolicyRequireEmail
email_domain AccessPolicyRequireEmailDomain
email_list AccessPolicyRequireEmailList
everyone AccessPolicyRequireEveryone: An empty object which matches on all users.
external_evaluation AccessPolicyRequireExternalEvaluation
geo AccessPolicyRequireGeo
github_organization AccessPolicyRequireGithubOrganization
group AccessPolicyRequireGroup
gsuite AccessPolicyRequireGsuite
ip AccessPolicyRequireIp
ip_list AccessPolicyRequireIpList
login_method AccessPolicyRequireLoginMethod
okta AccessPolicyRequireOkta
saml AccessPolicyRequireSaml
service_token AccessPolicyRequireServiceToken

anyValidServiceToken Property Map: An empty object which matches on all service tokens.
authContext Property Map
authMethod Property Map
azureAd Property Map
certificate Property Map
commonName Property Map
devicePosture Property Map
email Property Map
emailDomain Property Map
emailList Property Map
everyone Property Map: An empty object which matches on all users.
externalEvaluation Property Map
geo Property Map
githubOrganization Property Map
group Property Map
gsuite Property Map
ip Property Map
ipList Property Map
loginMethod Property Map
okta Property Map
saml Property Map
serviceToken Property Map

AccessPolicyRequireAuthContext, AccessPolicyRequireAuthContextArgs

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

acId string: The ACID of an Authentication context.
id string: The ID of an Authentication context.
identityProviderId string: The ID of your Azure identity provider.

ac_id str: The ACID of an Authentication context.
id str: The ID of an Authentication context.
identity_provider_id str: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

AccessPolicyRequireAuthMethod, AccessPolicyRequireAuthMethodArgs

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

auth_method str: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AccessPolicyRequireAzureAd, AccessPolicyRequireAzureAdArgs

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

id string: The ID of an Azure group.
identityProviderId string: The ID of your Azure identity provider.

id str: The ID of an Azure group.
identity_provider_id str: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

AccessPolicyRequireCommonName, AccessPolicyRequireCommonNameArgs

CommonName string: The common name to match.

CommonName string: The common name to match.

commonName String: The common name to match.

commonName string: The common name to match.

common_name str: The common name to match.

commonName String: The common name to match.

AccessPolicyRequireDevicePosture, AccessPolicyRequireDevicePostureArgs

IntegrationUid string: The ID of a device posture integration.

IntegrationUid string: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

integrationUid string: The ID of a device posture integration.

integration_uid str: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

AccessPolicyRequireEmail, AccessPolicyRequireEmailArgs

Email string: The email of the user.

Email string: The email of the user.

email String: The email of the user.

email string: The email of the user.

email str: The email of the user.

email String: The email of the user.

AccessPolicyRequireEmailDomain, AccessPolicyRequireEmailDomainArgs

Domain string: The email domain to match.

Domain string: The email domain to match.

domain String: The email domain to match.

domain string: The email domain to match.

domain str: The email domain to match.

domain String: The email domain to match.

AccessPolicyRequireEmailList, AccessPolicyRequireEmailListArgs

Id string: The ID of a previously created email list.

Id string: The ID of a previously created email list.

id String: The ID of a previously created email list.

id string: The ID of a previously created email list.

id str: The ID of a previously created email list.

id String: The ID of a previously created email list.

AccessPolicyRequireExternalEvaluation, AccessPolicyRequireExternalEvaluationArgs

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl string: The API endpoint containing your business logic.
keysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluate_url str: The API endpoint containing your business logic.
keys_url str: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

AccessPolicyRequireGeo, AccessPolicyRequireGeoArgs

CountryCode string: The country code that should be matched.

CountryCode string: The country code that should be matched.

countryCode String: The country code that should be matched.

countryCode string: The country code that should be matched.

country_code str: The country code that should be matched.

countryCode String: The country code that should be matched.

AccessPolicyRequireGithubOrganization, AccessPolicyRequireGithubOrganizationArgs

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

identityProviderId string: The ID of your Github identity provider.
name string: The name of the organization.
team string: The name of the team

identity_provider_id str: The ID of your Github identity provider.
name str: The name of the organization.
team str: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

AccessPolicyRequireGroup, AccessPolicyRequireGroupArgs

Id string: The ID of a previously created Access group.

Id string: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

id string: The ID of a previously created Access group.

id str: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

AccessPolicyRequireGsuite, AccessPolicyRequireGsuiteArgs

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

email string: The email of the Google Workspace group.
identityProviderId string: The ID of your Google Workspace identity provider.

email str: The email of the Google Workspace group.
identity_provider_id str: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

AccessPolicyRequireIp, AccessPolicyRequireIpArgs

Ip string: An IPv4 or IPv6 CIDR block.

Ip string: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

ip string: An IPv4 or IPv6 CIDR block.

ip str: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

AccessPolicyRequireIpList, AccessPolicyRequireIpListArgs

Id string: The ID of a previously created IP list.

Id string: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

id string: The ID of a previously created IP list.

id str: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

AccessPolicyRequireLoginMethod, AccessPolicyRequireLoginMethodArgs

Id string: The ID of an identity provider.

Id string: The ID of an identity provider.

id String: The ID of an identity provider.

id string: The ID of an identity provider.

id str: The ID of an identity provider.

id String: The ID of an identity provider.

AccessPolicyRequireOkta, AccessPolicyRequireOktaArgs

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

identityProviderId string: The ID of your Okta identity provider.
name string: The name of the Okta group.

identity_provider_id str: The ID of your Okta identity provider.
name str: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

AccessPolicyRequireSaml, AccessPolicyRequireSamlArgs

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

attributeName string: The name of the SAML attribute.
attributeValue string: The SAML attribute value to look for.
identityProviderId string: The ID of your SAML identity provider.

attribute_name str: The name of the SAML attribute.
attribute_value str: The SAML attribute value to look for.
identity_provider_id str: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

AccessPolicyRequireServiceToken, AccessPolicyRequireServiceTokenArgs

TokenId string: The ID of a Service Token.

TokenId string: The ID of a Service Token.

tokenId String: The ID of a Service Token.

tokenId string: The ID of a Service Token.

token_id str: The ID of a Service Token.

tokenId String: The ID of a Service Token.

Import

$ pulumi import cloudflare:index/accessPolicy:AccessPolicy example '<account_id>/<policy_id>'

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Cloudflare pulumi/pulumi-cloudflare
License: Apache-2.0
Notes: This Pulumi package is based on the cloudflare Terraform Provider.

Cloudflare v6.2.0 published on Tuesday, May 13, 2025 by Pulumi

pulumi/pulumi-cloudflare

cloudflare.AccessPolicy

On this page

On this page

Example Usage

Create AccessPolicy Resource

Constructor syntax

Parameters

AccessPolicy Resource Properties

Inputs

Outputs

Look up Existing AccessPolicy Resource

Supporting Types

AccessPolicyApprovalGroup, AccessPolicyApprovalGroupArgs

AccessPolicyExclude, AccessPolicyExcludeArgs

AccessPolicyExcludeAuthContext, AccessPolicyExcludeAuthContextArgs

AccessPolicyExcludeAuthMethod, AccessPolicyExcludeAuthMethodArgs

AccessPolicyExcludeAzureAd, AccessPolicyExcludeAzureAdArgs

AccessPolicyExcludeCommonName, AccessPolicyExcludeCommonNameArgs

AccessPolicyExcludeDevicePosture, AccessPolicyExcludeDevicePostureArgs

AccessPolicyExcludeEmail, AccessPolicyExcludeEmailArgs

AccessPolicyExcludeEmailDomain, AccessPolicyExcludeEmailDomainArgs

AccessPolicyExcludeEmailList, AccessPolicyExcludeEmailListArgs

AccessPolicyExcludeExternalEvaluation, AccessPolicyExcludeExternalEvaluationArgs

AccessPolicyExcludeGeo, AccessPolicyExcludeGeoArgs

AccessPolicyExcludeGithubOrganization, AccessPolicyExcludeGithubOrganizationArgs

AccessPolicyExcludeGroup, AccessPolicyExcludeGroupArgs

AccessPolicyExcludeGsuite, AccessPolicyExcludeGsuiteArgs

AccessPolicyExcludeIp, AccessPolicyExcludeIpArgs

AccessPolicyExcludeIpList, AccessPolicyExcludeIpListArgs

AccessPolicyExcludeLoginMethod, AccessPolicyExcludeLoginMethodArgs

AccessPolicyExcludeOkta, AccessPolicyExcludeOktaArgs

AccessPolicyExcludeSaml, AccessPolicyExcludeSamlArgs

AccessPolicyExcludeServiceToken, AccessPolicyExcludeServiceTokenArgs

AccessPolicyInclude, AccessPolicyIncludeArgs

AccessPolicyIncludeAuthContext, AccessPolicyIncludeAuthContextArgs

AccessPolicyIncludeAuthMethod, AccessPolicyIncludeAuthMethodArgs

AccessPolicyIncludeAzureAd, AccessPolicyIncludeAzureAdArgs

AccessPolicyIncludeCommonName, AccessPolicyIncludeCommonNameArgs

AccessPolicyIncludeDevicePosture, AccessPolicyIncludeDevicePostureArgs

AccessPolicyIncludeEmail, AccessPolicyIncludeEmailArgs

AccessPolicyIncludeEmailDomain, AccessPolicyIncludeEmailDomainArgs

AccessPolicyIncludeEmailList, AccessPolicyIncludeEmailListArgs

AccessPolicyIncludeExternalEvaluation, AccessPolicyIncludeExternalEvaluationArgs

AccessPolicyIncludeGeo, AccessPolicyIncludeGeoArgs

AccessPolicyIncludeGithubOrganization, AccessPolicyIncludeGithubOrganizationArgs

AccessPolicyIncludeGroup, AccessPolicyIncludeGroupArgs

AccessPolicyIncludeGsuite, AccessPolicyIncludeGsuiteArgs

AccessPolicyIncludeIp, AccessPolicyIncludeIpArgs

AccessPolicyIncludeIpList, AccessPolicyIncludeIpListArgs

AccessPolicyIncludeLoginMethod, AccessPolicyIncludeLoginMethodArgs

AccessPolicyIncludeOkta, AccessPolicyIncludeOktaArgs

AccessPolicyIncludeSaml, AccessPolicyIncludeSamlArgs

AccessPolicyIncludeServiceToken, AccessPolicyIncludeServiceTokenArgs

AccessPolicyRequire, AccessPolicyRequireArgs

AccessPolicyRequireAuthContext, AccessPolicyRequireAuthContextArgs

AccessPolicyRequireAuthMethod, AccessPolicyRequireAuthMethodArgs

AccessPolicyRequireAzureAd, AccessPolicyRequireAzureAdArgs

AccessPolicyRequireCommonName, AccessPolicyRequireCommonNameArgs

AccessPolicyRequireDevicePosture, AccessPolicyRequireDevicePostureArgs

AccessPolicyRequireEmail, AccessPolicyRequireEmailArgs

AccessPolicyRequireEmailDomain, AccessPolicyRequireEmailDomainArgs

AccessPolicyRequireEmailList, AccessPolicyRequireEmailListArgs

AccessPolicyRequireExternalEvaluation, AccessPolicyRequireExternalEvaluationArgs

AccessPolicyRequireGeo, AccessPolicyRequireGeoArgs

AccessPolicyRequireGithubOrganization, AccessPolicyRequireGithubOrganizationArgs

AccessPolicyRequireGroup, AccessPolicyRequireGroupArgs

AccessPolicyRequireGsuite, AccessPolicyRequireGsuiteArgs

AccessPolicyRequireIp, AccessPolicyRequireIpArgs

AccessPolicyRequireIpList, AccessPolicyRequireIpListArgs

AccessPolicyRequireLoginMethod, AccessPolicyRequireLoginMethodArgs

AccessPolicyRequireOkta, AccessPolicyRequireOktaArgs

AccessPolicyRequireSaml, AccessPolicyRequireSamlArgs

AccessPolicyRequireServiceToken, AccessPolicyRequireServiceTokenArgs

Import

Package Details

On this page

On this page