Cloudflare v6.1.2, Apr 28 25

Cloudflare v6.1.2 published on Monday, Apr 28, 2025 by Pulumi

cloudflare.getZeroTrustAccessPolicy

Explore with Pulumi AI

Cloudflare v6.1.2 published on Monday, Apr 28, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

const exampleZeroTrustAccessPolicy = cloudflare.getZeroTrustAccessPolicy({
    accountId: "023e105f4ecef8ad9ca31a8372d0c353",
    policyId: "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
});

import pulumi
import pulumi_cloudflare as cloudflare

example_zero_trust_access_policy = cloudflare.get_zero_trust_access_policy(account_id="023e105f4ecef8ad9ca31a8372d0c353",
    policy_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415")

package main

import (
	"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudflare.LookupZeroTrustAccessPolicy(ctx, &cloudflare.LookupZeroTrustAccessPolicyArgs{
			AccountId: "023e105f4ecef8ad9ca31a8372d0c353",
			PolicyId:  pulumi.StringRef("f174e90a-fafe-4643-bbbc-4a0ed4fc8415"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

return await Deployment.RunAsync(() => 
{
    var exampleZeroTrustAccessPolicy = Cloudflare.GetZeroTrustAccessPolicy.Invoke(new()
    {
        AccountId = "023e105f4ecef8ad9ca31a8372d0c353",
        PolicyId = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.CloudflareFunctions;
import com.pulumi.cloudflare.inputs.GetZeroTrustAccessPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var exampleZeroTrustAccessPolicy = CloudflareFunctions.getZeroTrustAccessPolicy(GetZeroTrustAccessPolicyArgs.builder()
            .accountId("023e105f4ecef8ad9ca31a8372d0c353")
            .policyId("f174e90a-fafe-4643-bbbc-4a0ed4fc8415")
            .build());

    }
}

variables:
  exampleZeroTrustAccessPolicy:
    fn::invoke:
      function: cloudflare:getZeroTrustAccessPolicy
      arguments:
        accountId: 023e105f4ecef8ad9ca31a8372d0c353
        policyId: f174e90a-fafe-4643-bbbc-4a0ed4fc8415

Using getZeroTrustAccessPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getZeroTrustAccessPolicy(args: GetZeroTrustAccessPolicyArgs, opts?: InvokeOptions): Promise<GetZeroTrustAccessPolicyResult>
function getZeroTrustAccessPolicyOutput(args: GetZeroTrustAccessPolicyOutputArgs, opts?: InvokeOptions): Output<GetZeroTrustAccessPolicyResult>

def get_zero_trust_access_policy(account_id: Optional[str] = None,
                                 policy_id: Optional[str] = None,
                                 opts: Optional[InvokeOptions] = None) -> GetZeroTrustAccessPolicyResult
def get_zero_trust_access_policy_output(account_id: Optional[pulumi.Input[str]] = None,
                                 policy_id: Optional[pulumi.Input[str]] = None,
                                 opts: Optional[InvokeOptions] = None) -> Output[GetZeroTrustAccessPolicyResult]

func LookupZeroTrustAccessPolicy(ctx *Context, args *LookupZeroTrustAccessPolicyArgs, opts ...InvokeOption) (*LookupZeroTrustAccessPolicyResult, error)
func LookupZeroTrustAccessPolicyOutput(ctx *Context, args *LookupZeroTrustAccessPolicyOutputArgs, opts ...InvokeOption) LookupZeroTrustAccessPolicyResultOutput

> Note: This function is named LookupZeroTrustAccessPolicy in the Go SDK.

public static class GetZeroTrustAccessPolicy 
{
    public static Task<GetZeroTrustAccessPolicyResult> InvokeAsync(GetZeroTrustAccessPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetZeroTrustAccessPolicyResult> Invoke(GetZeroTrustAccessPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetZeroTrustAccessPolicyResult> getZeroTrustAccessPolicy(GetZeroTrustAccessPolicyArgs args, InvokeOptions options)
public static Output<GetZeroTrustAccessPolicyResult> getZeroTrustAccessPolicy(GetZeroTrustAccessPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: cloudflare:index/getZeroTrustAccessPolicy:getZeroTrustAccessPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

AccountId string: Identifier.
PolicyId string: The UUID of the policy

AccountId string: Identifier.
PolicyId string: The UUID of the policy

accountId String: Identifier.
policyId String: The UUID of the policy

accountId string: Identifier.
policyId string: The UUID of the policy

account_id str: Identifier.
policy_id str: The UUID of the policy

accountId String: Identifier.
policyId String: The UUID of the policy

getZeroTrustAccessPolicy Result

The following output properties are available:

AccountId string: Identifier.
AppCount int: Number of access applications currently using this policy.
ApprovalGroups List<GetZeroTrustAccessPolicyApprovalGroup>: Administrators who can approve a temporary authentication request.
ApprovalRequired bool: Requires the user to request access from an administrator at the start of each session.
CreatedAt string
Decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
Excludes List<GetZeroTrustAccessPolicyExclude>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
Id string: The UUID of the policy
Includes List<GetZeroTrustAccessPolicyInclude>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
IsolationRequired bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
Name string: The name of the Access policy.
PurposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
PurposeJustificationRequired bool: Require users to enter a justification when they log in to the application.
Requires List<GetZeroTrustAccessPolicyRequire>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
Reusable bool
SessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
UpdatedAt string
PolicyId string: The UUID of the policy

AccountId string: Identifier.
AppCount int: Number of access applications currently using this policy.
ApprovalGroups []GetZeroTrustAccessPolicyApprovalGroup: Administrators who can approve a temporary authentication request.
ApprovalRequired bool: Requires the user to request access from an administrator at the start of each session.
CreatedAt string
Decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
Excludes []GetZeroTrustAccessPolicyExclude: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
Id string: The UUID of the policy
Includes []GetZeroTrustAccessPolicyInclude: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
IsolationRequired bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
Name string: The name of the Access policy.
PurposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
PurposeJustificationRequired bool: Require users to enter a justification when they log in to the application.
Requires []GetZeroTrustAccessPolicyRequire: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
Reusable bool
SessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
UpdatedAt string
PolicyId string: The UUID of the policy

accountId String: Identifier.
appCount Integer: Number of access applications currently using this policy.
approvalGroups List<GetZeroTrustAccessPolicyApprovalGroup>: Administrators who can approve a temporary authentication request.
approvalRequired Boolean: Requires the user to request access from an administrator at the start of each session.
createdAt String
decision String: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes List<GetZeroTrustAccessPolicyExclude>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
id String: The UUID of the policy
includes List<GetZeroTrustAccessPolicyInclude>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolationRequired Boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name String: The name of the Access policy.
purposeJustificationPrompt String: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired Boolean: Require users to enter a justification when they log in to the application.
requires List<GetZeroTrustAccessPolicyRequire>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable Boolean
sessionDuration String: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updatedAt String
policyId String: The UUID of the policy

accountId string: Identifier.
appCount number: Number of access applications currently using this policy.
approvalGroups GetZeroTrustAccessPolicyApprovalGroup[]: Administrators who can approve a temporary authentication request.
approvalRequired boolean: Requires the user to request access from an administrator at the start of each session.
createdAt string
decision string: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes GetZeroTrustAccessPolicyExclude[]: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
id string: The UUID of the policy
includes GetZeroTrustAccessPolicyInclude[]: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolationRequired boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name string: The name of the Access policy.
purposeJustificationPrompt string: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired boolean: Require users to enter a justification when they log in to the application.
requires GetZeroTrustAccessPolicyRequire[]: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable boolean
sessionDuration string: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updatedAt string
policyId string: The UUID of the policy

account_id str: Identifier.
app_count int: Number of access applications currently using this policy.
approval_groups Sequence[GetZeroTrustAccessPolicyApprovalGroup]: Administrators who can approve a temporary authentication request.
approval_required bool: Requires the user to request access from an administrator at the start of each session.
created_at str
decision str: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes Sequence[GetZeroTrustAccessPolicyExclude]: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
id str: The UUID of the policy
includes Sequence[GetZeroTrustAccessPolicyInclude]: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolation_required bool: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name str: The name of the Access policy.
purpose_justification_prompt str: A custom message that will appear on the purpose justification screen.
purpose_justification_required bool: Require users to enter a justification when they log in to the application.
requires Sequence[GetZeroTrustAccessPolicyRequire]: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable bool
session_duration str: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updated_at str
policy_id str: The UUID of the policy

accountId String: Identifier.
appCount Number: Number of access applications currently using this policy.
approvalGroups List<Property Map>: Administrators who can approve a temporary authentication request.
approvalRequired Boolean: Requires the user to request access from an administrator at the start of each session.
createdAt String
decision String: The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "non_identity", "bypass".
excludes List<Property Map>: Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.
id String: The UUID of the policy
includes List<Property Map>: Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.
isolationRequired Boolean: Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.
name String: The name of the Access policy.
purposeJustificationPrompt String: A custom message that will appear on the purpose justification screen.
purposeJustificationRequired Boolean: Require users to enter a justification when they log in to the application.
requires List<Property Map>: Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.
reusable Boolean
sessionDuration String: The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.
updatedAt String
policyId String: The UUID of the policy

Supporting Types

GetZeroTrustAccessPolicyApprovalGroup

ApprovalsNeeded double: The number of approvals needed to obtain access.
EmailAddresses List<string>: A list of emails that can approve the access request.
EmailListUuid string: The UUID of an re-usable email list.

ApprovalsNeeded float64: The number of approvals needed to obtain access.
EmailAddresses []string: A list of emails that can approve the access request.
EmailListUuid string: The UUID of an re-usable email list.

approvalsNeeded Double: The number of approvals needed to obtain access.
emailAddresses List<String>: A list of emails that can approve the access request.
emailListUuid String: The UUID of an re-usable email list.

approvalsNeeded number: The number of approvals needed to obtain access.
emailAddresses string[]: A list of emails that can approve the access request.
emailListUuid string: The UUID of an re-usable email list.

approvals_needed float: The number of approvals needed to obtain access.
email_addresses Sequence[str]: A list of emails that can approve the access request.
email_list_uuid str: The UUID of an re-usable email list.

approvalsNeeded Number: The number of approvals needed to obtain access.
emailAddresses List<String>: A list of emails that can approve the access request.
emailListUuid String: The UUID of an re-usable email list.

GetZeroTrustAccessPolicyExclude

AnyValidServiceToken GetZeroTrustAccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext GetZeroTrustAccessPolicyExcludeAuthContext
AuthMethod GetZeroTrustAccessPolicyExcludeAuthMethod
AzureAd GetZeroTrustAccessPolicyExcludeAzureAd
Certificate GetZeroTrustAccessPolicyExcludeCertificate
CommonName GetZeroTrustAccessPolicyExcludeCommonName
DevicePosture GetZeroTrustAccessPolicyExcludeDevicePosture
Email GetZeroTrustAccessPolicyExcludeEmail
EmailDomain GetZeroTrustAccessPolicyExcludeEmailDomain
EmailList GetZeroTrustAccessPolicyExcludeEmailList
Everyone GetZeroTrustAccessPolicyExcludeEveryone: An empty object which matches on all users.
ExternalEvaluation GetZeroTrustAccessPolicyExcludeExternalEvaluation
Geo GetZeroTrustAccessPolicyExcludeGeo
GithubOrganization GetZeroTrustAccessPolicyExcludeGithubOrganization
Group GetZeroTrustAccessPolicyExcludeGroup
Gsuite GetZeroTrustAccessPolicyExcludeGsuite
Ip GetZeroTrustAccessPolicyExcludeIp
IpList GetZeroTrustAccessPolicyExcludeIpList
LoginMethod GetZeroTrustAccessPolicyExcludeLoginMethod
Okta GetZeroTrustAccessPolicyExcludeOkta
Saml GetZeroTrustAccessPolicyExcludeSaml
ServiceToken GetZeroTrustAccessPolicyExcludeServiceToken

AnyValidServiceToken GetZeroTrustAccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext GetZeroTrustAccessPolicyExcludeAuthContext
AuthMethod GetZeroTrustAccessPolicyExcludeAuthMethod
AzureAd GetZeroTrustAccessPolicyExcludeAzureAd
Certificate GetZeroTrustAccessPolicyExcludeCertificate
CommonName GetZeroTrustAccessPolicyExcludeCommonName
DevicePosture GetZeroTrustAccessPolicyExcludeDevicePosture
Email GetZeroTrustAccessPolicyExcludeEmail
EmailDomain GetZeroTrustAccessPolicyExcludeEmailDomain
EmailList GetZeroTrustAccessPolicyExcludeEmailList
Everyone GetZeroTrustAccessPolicyExcludeEveryone: An empty object which matches on all users.
ExternalEvaluation GetZeroTrustAccessPolicyExcludeExternalEvaluation
Geo GetZeroTrustAccessPolicyExcludeGeo
GithubOrganization GetZeroTrustAccessPolicyExcludeGithubOrganization
Group GetZeroTrustAccessPolicyExcludeGroup
Gsuite GetZeroTrustAccessPolicyExcludeGsuite
Ip GetZeroTrustAccessPolicyExcludeIp
IpList GetZeroTrustAccessPolicyExcludeIpList
LoginMethod GetZeroTrustAccessPolicyExcludeLoginMethod
Okta GetZeroTrustAccessPolicyExcludeOkta
Saml GetZeroTrustAccessPolicyExcludeSaml
ServiceToken GetZeroTrustAccessPolicyExcludeServiceToken

anyValidServiceToken GetZeroTrustAccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext GetZeroTrustAccessPolicyExcludeAuthContext
authMethod GetZeroTrustAccessPolicyExcludeAuthMethod
azureAd GetZeroTrustAccessPolicyExcludeAzureAd
certificate GetZeroTrustAccessPolicyExcludeCertificate
commonName GetZeroTrustAccessPolicyExcludeCommonName
devicePosture GetZeroTrustAccessPolicyExcludeDevicePosture
email GetZeroTrustAccessPolicyExcludeEmail
emailDomain GetZeroTrustAccessPolicyExcludeEmailDomain
emailList GetZeroTrustAccessPolicyExcludeEmailList
everyone GetZeroTrustAccessPolicyExcludeEveryone: An empty object which matches on all users.
externalEvaluation GetZeroTrustAccessPolicyExcludeExternalEvaluation
geo GetZeroTrustAccessPolicyExcludeGeo
githubOrganization GetZeroTrustAccessPolicyExcludeGithubOrganization
group GetZeroTrustAccessPolicyExcludeGroup
gsuite GetZeroTrustAccessPolicyExcludeGsuite
ip GetZeroTrustAccessPolicyExcludeIp
ipList GetZeroTrustAccessPolicyExcludeIpList
loginMethod GetZeroTrustAccessPolicyExcludeLoginMethod
okta GetZeroTrustAccessPolicyExcludeOkta
saml GetZeroTrustAccessPolicyExcludeSaml
serviceToken GetZeroTrustAccessPolicyExcludeServiceToken

anyValidServiceToken GetZeroTrustAccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext GetZeroTrustAccessPolicyExcludeAuthContext
authMethod GetZeroTrustAccessPolicyExcludeAuthMethod
azureAd GetZeroTrustAccessPolicyExcludeAzureAd
certificate GetZeroTrustAccessPolicyExcludeCertificate
commonName GetZeroTrustAccessPolicyExcludeCommonName
devicePosture GetZeroTrustAccessPolicyExcludeDevicePosture
email GetZeroTrustAccessPolicyExcludeEmail
emailDomain GetZeroTrustAccessPolicyExcludeEmailDomain
emailList GetZeroTrustAccessPolicyExcludeEmailList
everyone GetZeroTrustAccessPolicyExcludeEveryone: An empty object which matches on all users.
externalEvaluation GetZeroTrustAccessPolicyExcludeExternalEvaluation
geo GetZeroTrustAccessPolicyExcludeGeo
githubOrganization GetZeroTrustAccessPolicyExcludeGithubOrganization
group GetZeroTrustAccessPolicyExcludeGroup
gsuite GetZeroTrustAccessPolicyExcludeGsuite
ip GetZeroTrustAccessPolicyExcludeIp
ipList GetZeroTrustAccessPolicyExcludeIpList
loginMethod GetZeroTrustAccessPolicyExcludeLoginMethod
okta GetZeroTrustAccessPolicyExcludeOkta
saml GetZeroTrustAccessPolicyExcludeSaml
serviceToken GetZeroTrustAccessPolicyExcludeServiceToken

any_valid_service_token GetZeroTrustAccessPolicyExcludeAnyValidServiceToken: An empty object which matches on all service tokens.
auth_context GetZeroTrustAccessPolicyExcludeAuthContext
auth_method GetZeroTrustAccessPolicyExcludeAuthMethod
azure_ad GetZeroTrustAccessPolicyExcludeAzureAd
certificate GetZeroTrustAccessPolicyExcludeCertificate
common_name GetZeroTrustAccessPolicyExcludeCommonName
device_posture GetZeroTrustAccessPolicyExcludeDevicePosture
email GetZeroTrustAccessPolicyExcludeEmail
email_domain GetZeroTrustAccessPolicyExcludeEmailDomain
email_list GetZeroTrustAccessPolicyExcludeEmailList
everyone GetZeroTrustAccessPolicyExcludeEveryone: An empty object which matches on all users.
external_evaluation GetZeroTrustAccessPolicyExcludeExternalEvaluation
geo GetZeroTrustAccessPolicyExcludeGeo
github_organization GetZeroTrustAccessPolicyExcludeGithubOrganization
group GetZeroTrustAccessPolicyExcludeGroup
gsuite GetZeroTrustAccessPolicyExcludeGsuite
ip GetZeroTrustAccessPolicyExcludeIp
ip_list GetZeroTrustAccessPolicyExcludeIpList
login_method GetZeroTrustAccessPolicyExcludeLoginMethod
okta GetZeroTrustAccessPolicyExcludeOkta
saml GetZeroTrustAccessPolicyExcludeSaml
service_token GetZeroTrustAccessPolicyExcludeServiceToken

anyValidServiceToken Property Map: An empty object which matches on all service tokens.
authContext Property Map
authMethod Property Map
azureAd Property Map
certificate Property Map
commonName Property Map
devicePosture Property Map
email Property Map
emailDomain Property Map
emailList Property Map
everyone Property Map: An empty object which matches on all users.
externalEvaluation Property Map
geo Property Map
githubOrganization Property Map
group Property Map
gsuite Property Map
ip Property Map
ipList Property Map
loginMethod Property Map
okta Property Map
saml Property Map
serviceToken Property Map

GetZeroTrustAccessPolicyExcludeAuthContext

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

acId string: The ACID of an Authentication context.
id string: The ID of an Authentication context.
identityProviderId string: The ID of your Azure identity provider.

ac_id str: The ACID of an Authentication context.
id str: The ID of an Authentication context.
identity_provider_id str: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

GetZeroTrustAccessPolicyExcludeAuthMethod

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

auth_method str: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

GetZeroTrustAccessPolicyExcludeAzureAd

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

id string: The ID of an Azure group.
identityProviderId string: The ID of your Azure identity provider.

id str: The ID of an Azure group.
identity_provider_id str: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

GetZeroTrustAccessPolicyExcludeCommonName

CommonName string: The common name to match.

CommonName string: The common name to match.

commonName String: The common name to match.

commonName string: The common name to match.

common_name str: The common name to match.

commonName String: The common name to match.

GetZeroTrustAccessPolicyExcludeDevicePosture

IntegrationUid string: The ID of a device posture integration.

IntegrationUid string: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

integrationUid string: The ID of a device posture integration.

integration_uid str: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

GetZeroTrustAccessPolicyExcludeEmail

Email string: The email of the user.

Email string: The email of the user.

email String: The email of the user.

email string: The email of the user.

email str: The email of the user.

email String: The email of the user.

GetZeroTrustAccessPolicyExcludeEmailDomain

Domain string: The email domain to match.

Domain string: The email domain to match.

domain String: The email domain to match.

domain string: The email domain to match.

domain str: The email domain to match.

domain String: The email domain to match.

GetZeroTrustAccessPolicyExcludeEmailList

Id string: The ID of a previously created email list.

Id string: The ID of a previously created email list.

id String: The ID of a previously created email list.

id string: The ID of a previously created email list.

id str: The ID of a previously created email list.

id String: The ID of a previously created email list.

GetZeroTrustAccessPolicyExcludeExternalEvaluation

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl string: The API endpoint containing your business logic.
keysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluate_url str: The API endpoint containing your business logic.
keys_url str: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

GetZeroTrustAccessPolicyExcludeGeo

CountryCode string: The country code that should be matched.

CountryCode string: The country code that should be matched.

countryCode String: The country code that should be matched.

countryCode string: The country code that should be matched.

country_code str: The country code that should be matched.

countryCode String: The country code that should be matched.

GetZeroTrustAccessPolicyExcludeGithubOrganization

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

identityProviderId string: The ID of your Github identity provider.
name string: The name of the organization.
team string: The name of the team

identity_provider_id str: The ID of your Github identity provider.
name str: The name of the organization.
team str: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

GetZeroTrustAccessPolicyExcludeGroup

Id string: The ID of a previously created Access group.

Id string: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

id string: The ID of a previously created Access group.

id str: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

GetZeroTrustAccessPolicyExcludeGsuite

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

email string: The email of the Google Workspace group.
identityProviderId string: The ID of your Google Workspace identity provider.

email str: The email of the Google Workspace group.
identity_provider_id str: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

GetZeroTrustAccessPolicyExcludeIp

Ip string: An IPv4 or IPv6 CIDR block.

Ip string: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

ip string: An IPv4 or IPv6 CIDR block.

ip str: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

GetZeroTrustAccessPolicyExcludeIpList

Id string: The ID of a previously created IP list.

Id string: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

id string: The ID of a previously created IP list.

id str: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

GetZeroTrustAccessPolicyExcludeLoginMethod

Id string: The ID of an identity provider.

Id string: The ID of an identity provider.

id String: The ID of an identity provider.

id string: The ID of an identity provider.

id str: The ID of an identity provider.

id String: The ID of an identity provider.

GetZeroTrustAccessPolicyExcludeOkta

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

identityProviderId string: The ID of your Okta identity provider.
name string: The name of the Okta group.

identity_provider_id str: The ID of your Okta identity provider.
name str: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

GetZeroTrustAccessPolicyExcludeSaml

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

attributeName string: The name of the SAML attribute.
attributeValue string: The SAML attribute value to look for.
identityProviderId string: The ID of your SAML identity provider.

attribute_name str: The name of the SAML attribute.
attribute_value str: The SAML attribute value to look for.
identity_provider_id str: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

GetZeroTrustAccessPolicyExcludeServiceToken

TokenId string: The ID of a Service Token.

TokenId string: The ID of a Service Token.

tokenId String: The ID of a Service Token.

tokenId string: The ID of a Service Token.

token_id str: The ID of a Service Token.

tokenId String: The ID of a Service Token.

GetZeroTrustAccessPolicyInclude

AnyValidServiceToken GetZeroTrustAccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext GetZeroTrustAccessPolicyIncludeAuthContext
AuthMethod GetZeroTrustAccessPolicyIncludeAuthMethod
AzureAd GetZeroTrustAccessPolicyIncludeAzureAd
Certificate GetZeroTrustAccessPolicyIncludeCertificate
CommonName GetZeroTrustAccessPolicyIncludeCommonName
DevicePosture GetZeroTrustAccessPolicyIncludeDevicePosture
Email GetZeroTrustAccessPolicyIncludeEmail
EmailDomain GetZeroTrustAccessPolicyIncludeEmailDomain
EmailList GetZeroTrustAccessPolicyIncludeEmailList
Everyone GetZeroTrustAccessPolicyIncludeEveryone: An empty object which matches on all users.
ExternalEvaluation GetZeroTrustAccessPolicyIncludeExternalEvaluation
Geo GetZeroTrustAccessPolicyIncludeGeo
GithubOrganization GetZeroTrustAccessPolicyIncludeGithubOrganization
Group GetZeroTrustAccessPolicyIncludeGroup
Gsuite GetZeroTrustAccessPolicyIncludeGsuite
Ip GetZeroTrustAccessPolicyIncludeIp
IpList GetZeroTrustAccessPolicyIncludeIpList
LoginMethod GetZeroTrustAccessPolicyIncludeLoginMethod
Okta GetZeroTrustAccessPolicyIncludeOkta
Saml GetZeroTrustAccessPolicyIncludeSaml
ServiceToken GetZeroTrustAccessPolicyIncludeServiceToken

AnyValidServiceToken GetZeroTrustAccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext GetZeroTrustAccessPolicyIncludeAuthContext
AuthMethod GetZeroTrustAccessPolicyIncludeAuthMethod
AzureAd GetZeroTrustAccessPolicyIncludeAzureAd
Certificate GetZeroTrustAccessPolicyIncludeCertificate
CommonName GetZeroTrustAccessPolicyIncludeCommonName
DevicePosture GetZeroTrustAccessPolicyIncludeDevicePosture
Email GetZeroTrustAccessPolicyIncludeEmail
EmailDomain GetZeroTrustAccessPolicyIncludeEmailDomain
EmailList GetZeroTrustAccessPolicyIncludeEmailList
Everyone GetZeroTrustAccessPolicyIncludeEveryone: An empty object which matches on all users.
ExternalEvaluation GetZeroTrustAccessPolicyIncludeExternalEvaluation
Geo GetZeroTrustAccessPolicyIncludeGeo
GithubOrganization GetZeroTrustAccessPolicyIncludeGithubOrganization
Group GetZeroTrustAccessPolicyIncludeGroup
Gsuite GetZeroTrustAccessPolicyIncludeGsuite
Ip GetZeroTrustAccessPolicyIncludeIp
IpList GetZeroTrustAccessPolicyIncludeIpList
LoginMethod GetZeroTrustAccessPolicyIncludeLoginMethod
Okta GetZeroTrustAccessPolicyIncludeOkta
Saml GetZeroTrustAccessPolicyIncludeSaml
ServiceToken GetZeroTrustAccessPolicyIncludeServiceToken

anyValidServiceToken GetZeroTrustAccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext GetZeroTrustAccessPolicyIncludeAuthContext
authMethod GetZeroTrustAccessPolicyIncludeAuthMethod
azureAd GetZeroTrustAccessPolicyIncludeAzureAd
certificate GetZeroTrustAccessPolicyIncludeCertificate
commonName GetZeroTrustAccessPolicyIncludeCommonName
devicePosture GetZeroTrustAccessPolicyIncludeDevicePosture
email GetZeroTrustAccessPolicyIncludeEmail
emailDomain GetZeroTrustAccessPolicyIncludeEmailDomain
emailList GetZeroTrustAccessPolicyIncludeEmailList
everyone GetZeroTrustAccessPolicyIncludeEveryone: An empty object which matches on all users.
externalEvaluation GetZeroTrustAccessPolicyIncludeExternalEvaluation
geo GetZeroTrustAccessPolicyIncludeGeo
githubOrganization GetZeroTrustAccessPolicyIncludeGithubOrganization
group GetZeroTrustAccessPolicyIncludeGroup
gsuite GetZeroTrustAccessPolicyIncludeGsuite
ip GetZeroTrustAccessPolicyIncludeIp
ipList GetZeroTrustAccessPolicyIncludeIpList
loginMethod GetZeroTrustAccessPolicyIncludeLoginMethod
okta GetZeroTrustAccessPolicyIncludeOkta
saml GetZeroTrustAccessPolicyIncludeSaml
serviceToken GetZeroTrustAccessPolicyIncludeServiceToken

anyValidServiceToken GetZeroTrustAccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
authContext GetZeroTrustAccessPolicyIncludeAuthContext
authMethod GetZeroTrustAccessPolicyIncludeAuthMethod
azureAd GetZeroTrustAccessPolicyIncludeAzureAd
certificate GetZeroTrustAccessPolicyIncludeCertificate
commonName GetZeroTrustAccessPolicyIncludeCommonName
devicePosture GetZeroTrustAccessPolicyIncludeDevicePosture
email GetZeroTrustAccessPolicyIncludeEmail
emailDomain GetZeroTrustAccessPolicyIncludeEmailDomain
emailList GetZeroTrustAccessPolicyIncludeEmailList
everyone GetZeroTrustAccessPolicyIncludeEveryone: An empty object which matches on all users.
externalEvaluation GetZeroTrustAccessPolicyIncludeExternalEvaluation
geo GetZeroTrustAccessPolicyIncludeGeo
githubOrganization GetZeroTrustAccessPolicyIncludeGithubOrganization
group GetZeroTrustAccessPolicyIncludeGroup
gsuite GetZeroTrustAccessPolicyIncludeGsuite
ip GetZeroTrustAccessPolicyIncludeIp
ipList GetZeroTrustAccessPolicyIncludeIpList
loginMethod GetZeroTrustAccessPolicyIncludeLoginMethod
okta GetZeroTrustAccessPolicyIncludeOkta
saml GetZeroTrustAccessPolicyIncludeSaml
serviceToken GetZeroTrustAccessPolicyIncludeServiceToken

any_valid_service_token GetZeroTrustAccessPolicyIncludeAnyValidServiceToken: An empty object which matches on all service tokens.
auth_context GetZeroTrustAccessPolicyIncludeAuthContext
auth_method GetZeroTrustAccessPolicyIncludeAuthMethod
azure_ad GetZeroTrustAccessPolicyIncludeAzureAd
certificate GetZeroTrustAccessPolicyIncludeCertificate
common_name GetZeroTrustAccessPolicyIncludeCommonName
device_posture GetZeroTrustAccessPolicyIncludeDevicePosture
email GetZeroTrustAccessPolicyIncludeEmail
email_domain GetZeroTrustAccessPolicyIncludeEmailDomain
email_list GetZeroTrustAccessPolicyIncludeEmailList
everyone GetZeroTrustAccessPolicyIncludeEveryone: An empty object which matches on all users.
external_evaluation GetZeroTrustAccessPolicyIncludeExternalEvaluation
geo GetZeroTrustAccessPolicyIncludeGeo
github_organization GetZeroTrustAccessPolicyIncludeGithubOrganization
group GetZeroTrustAccessPolicyIncludeGroup
gsuite GetZeroTrustAccessPolicyIncludeGsuite
ip GetZeroTrustAccessPolicyIncludeIp
ip_list GetZeroTrustAccessPolicyIncludeIpList
login_method GetZeroTrustAccessPolicyIncludeLoginMethod
okta GetZeroTrustAccessPolicyIncludeOkta
saml GetZeroTrustAccessPolicyIncludeSaml
service_token GetZeroTrustAccessPolicyIncludeServiceToken

anyValidServiceToken Property Map: An empty object which matches on all service tokens.
authContext Property Map
authMethod Property Map
azureAd Property Map
certificate Property Map
commonName Property Map
devicePosture Property Map
email Property Map
emailDomain Property Map
emailList Property Map
everyone Property Map: An empty object which matches on all users.
externalEvaluation Property Map
geo Property Map
githubOrganization Property Map
group Property Map
gsuite Property Map
ip Property Map
ipList Property Map
loginMethod Property Map
okta Property Map
saml Property Map
serviceToken Property Map

GetZeroTrustAccessPolicyIncludeAuthContext

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

acId string: The ACID of an Authentication context.
id string: The ID of an Authentication context.
identityProviderId string: The ID of your Azure identity provider.

ac_id str: The ACID of an Authentication context.
id str: The ID of an Authentication context.
identity_provider_id str: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

GetZeroTrustAccessPolicyIncludeAuthMethod

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

auth_method str: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

GetZeroTrustAccessPolicyIncludeAzureAd

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

id string: The ID of an Azure group.
identityProviderId string: The ID of your Azure identity provider.

id str: The ID of an Azure group.
identity_provider_id str: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

GetZeroTrustAccessPolicyIncludeCommonName

CommonName string: The common name to match.

CommonName string: The common name to match.

commonName String: The common name to match.

commonName string: The common name to match.

common_name str: The common name to match.

commonName String: The common name to match.

GetZeroTrustAccessPolicyIncludeDevicePosture

IntegrationUid string: The ID of a device posture integration.

IntegrationUid string: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

integrationUid string: The ID of a device posture integration.

integration_uid str: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

GetZeroTrustAccessPolicyIncludeEmail

Email string: The email of the user.

Email string: The email of the user.

email String: The email of the user.

email string: The email of the user.

email str: The email of the user.

email String: The email of the user.

GetZeroTrustAccessPolicyIncludeEmailDomain

Domain string: The email domain to match.

Domain string: The email domain to match.

domain String: The email domain to match.

domain string: The email domain to match.

domain str: The email domain to match.

domain String: The email domain to match.

GetZeroTrustAccessPolicyIncludeEmailList

Id string: The ID of a previously created email list.

Id string: The ID of a previously created email list.

id String: The ID of a previously created email list.

id string: The ID of a previously created email list.

id str: The ID of a previously created email list.

id String: The ID of a previously created email list.

GetZeroTrustAccessPolicyIncludeExternalEvaluation

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl string: The API endpoint containing your business logic.
keysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluate_url str: The API endpoint containing your business logic.
keys_url str: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

GetZeroTrustAccessPolicyIncludeGeo

CountryCode string: The country code that should be matched.

CountryCode string: The country code that should be matched.

countryCode String: The country code that should be matched.

countryCode string: The country code that should be matched.

country_code str: The country code that should be matched.

countryCode String: The country code that should be matched.

GetZeroTrustAccessPolicyIncludeGithubOrganization

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

identityProviderId string: The ID of your Github identity provider.
name string: The name of the organization.
team string: The name of the team

identity_provider_id str: The ID of your Github identity provider.
name str: The name of the organization.
team str: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

GetZeroTrustAccessPolicyIncludeGroup

Id string: The ID of a previously created Access group.

Id string: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

id string: The ID of a previously created Access group.

id str: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

GetZeroTrustAccessPolicyIncludeGsuite

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

email string: The email of the Google Workspace group.
identityProviderId string: The ID of your Google Workspace identity provider.

email str: The email of the Google Workspace group.
identity_provider_id str: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

GetZeroTrustAccessPolicyIncludeIp

Ip string: An IPv4 or IPv6 CIDR block.

Ip string: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

ip string: An IPv4 or IPv6 CIDR block.

ip str: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

GetZeroTrustAccessPolicyIncludeIpList

Id string: The ID of a previously created IP list.

Id string: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

id string: The ID of a previously created IP list.

id str: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

GetZeroTrustAccessPolicyIncludeLoginMethod

Id string: The ID of an identity provider.

Id string: The ID of an identity provider.

id String: The ID of an identity provider.

id string: The ID of an identity provider.

id str: The ID of an identity provider.

id String: The ID of an identity provider.

GetZeroTrustAccessPolicyIncludeOkta

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

identityProviderId string: The ID of your Okta identity provider.
name string: The name of the Okta group.

identity_provider_id str: The ID of your Okta identity provider.
name str: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

GetZeroTrustAccessPolicyIncludeSaml

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

attributeName string: The name of the SAML attribute.
attributeValue string: The SAML attribute value to look for.
identityProviderId string: The ID of your SAML identity provider.

attribute_name str: The name of the SAML attribute.
attribute_value str: The SAML attribute value to look for.
identity_provider_id str: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

GetZeroTrustAccessPolicyIncludeServiceToken

TokenId string: The ID of a Service Token.

TokenId string: The ID of a Service Token.

tokenId String: The ID of a Service Token.

tokenId string: The ID of a Service Token.

token_id str: The ID of a Service Token.

tokenId String: The ID of a Service Token.

GetZeroTrustAccessPolicyRequire

AnyValidServiceToken GetZeroTrustAccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext GetZeroTrustAccessPolicyRequireAuthContext
AuthMethod GetZeroTrustAccessPolicyRequireAuthMethod
AzureAd GetZeroTrustAccessPolicyRequireAzureAd
Certificate GetZeroTrustAccessPolicyRequireCertificate
CommonName GetZeroTrustAccessPolicyRequireCommonName
DevicePosture GetZeroTrustAccessPolicyRequireDevicePosture
Email GetZeroTrustAccessPolicyRequireEmail
EmailDomain GetZeroTrustAccessPolicyRequireEmailDomain
EmailList GetZeroTrustAccessPolicyRequireEmailList
Everyone GetZeroTrustAccessPolicyRequireEveryone: An empty object which matches on all users.
ExternalEvaluation GetZeroTrustAccessPolicyRequireExternalEvaluation
Geo GetZeroTrustAccessPolicyRequireGeo
GithubOrganization GetZeroTrustAccessPolicyRequireGithubOrganization
Group GetZeroTrustAccessPolicyRequireGroup
Gsuite GetZeroTrustAccessPolicyRequireGsuite
Ip GetZeroTrustAccessPolicyRequireIp
IpList GetZeroTrustAccessPolicyRequireIpList
LoginMethod GetZeroTrustAccessPolicyRequireLoginMethod
Okta GetZeroTrustAccessPolicyRequireOkta
Saml GetZeroTrustAccessPolicyRequireSaml
ServiceToken GetZeroTrustAccessPolicyRequireServiceToken

AnyValidServiceToken GetZeroTrustAccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
AuthContext GetZeroTrustAccessPolicyRequireAuthContext
AuthMethod GetZeroTrustAccessPolicyRequireAuthMethod
AzureAd GetZeroTrustAccessPolicyRequireAzureAd
Certificate GetZeroTrustAccessPolicyRequireCertificate
CommonName GetZeroTrustAccessPolicyRequireCommonName
DevicePosture GetZeroTrustAccessPolicyRequireDevicePosture
Email GetZeroTrustAccessPolicyRequireEmail
EmailDomain GetZeroTrustAccessPolicyRequireEmailDomain
EmailList GetZeroTrustAccessPolicyRequireEmailList
Everyone GetZeroTrustAccessPolicyRequireEveryone: An empty object which matches on all users.
ExternalEvaluation GetZeroTrustAccessPolicyRequireExternalEvaluation
Geo GetZeroTrustAccessPolicyRequireGeo
GithubOrganization GetZeroTrustAccessPolicyRequireGithubOrganization
Group GetZeroTrustAccessPolicyRequireGroup
Gsuite GetZeroTrustAccessPolicyRequireGsuite
Ip GetZeroTrustAccessPolicyRequireIp
IpList GetZeroTrustAccessPolicyRequireIpList
LoginMethod GetZeroTrustAccessPolicyRequireLoginMethod
Okta GetZeroTrustAccessPolicyRequireOkta
Saml GetZeroTrustAccessPolicyRequireSaml
ServiceToken GetZeroTrustAccessPolicyRequireServiceToken

anyValidServiceToken GetZeroTrustAccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
authContext GetZeroTrustAccessPolicyRequireAuthContext
authMethod GetZeroTrustAccessPolicyRequireAuthMethod
azureAd GetZeroTrustAccessPolicyRequireAzureAd
certificate GetZeroTrustAccessPolicyRequireCertificate
commonName GetZeroTrustAccessPolicyRequireCommonName
devicePosture GetZeroTrustAccessPolicyRequireDevicePosture
email GetZeroTrustAccessPolicyRequireEmail
emailDomain GetZeroTrustAccessPolicyRequireEmailDomain
emailList GetZeroTrustAccessPolicyRequireEmailList
everyone GetZeroTrustAccessPolicyRequireEveryone: An empty object which matches on all users.
externalEvaluation GetZeroTrustAccessPolicyRequireExternalEvaluation
geo GetZeroTrustAccessPolicyRequireGeo
githubOrganization GetZeroTrustAccessPolicyRequireGithubOrganization
group GetZeroTrustAccessPolicyRequireGroup
gsuite GetZeroTrustAccessPolicyRequireGsuite
ip GetZeroTrustAccessPolicyRequireIp
ipList GetZeroTrustAccessPolicyRequireIpList
loginMethod GetZeroTrustAccessPolicyRequireLoginMethod
okta GetZeroTrustAccessPolicyRequireOkta
saml GetZeroTrustAccessPolicyRequireSaml
serviceToken GetZeroTrustAccessPolicyRequireServiceToken

anyValidServiceToken GetZeroTrustAccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
authContext GetZeroTrustAccessPolicyRequireAuthContext
authMethod GetZeroTrustAccessPolicyRequireAuthMethod
azureAd GetZeroTrustAccessPolicyRequireAzureAd
certificate GetZeroTrustAccessPolicyRequireCertificate
commonName GetZeroTrustAccessPolicyRequireCommonName
devicePosture GetZeroTrustAccessPolicyRequireDevicePosture
email GetZeroTrustAccessPolicyRequireEmail
emailDomain GetZeroTrustAccessPolicyRequireEmailDomain
emailList GetZeroTrustAccessPolicyRequireEmailList
everyone GetZeroTrustAccessPolicyRequireEveryone: An empty object which matches on all users.
externalEvaluation GetZeroTrustAccessPolicyRequireExternalEvaluation
geo GetZeroTrustAccessPolicyRequireGeo
githubOrganization GetZeroTrustAccessPolicyRequireGithubOrganization
group GetZeroTrustAccessPolicyRequireGroup
gsuite GetZeroTrustAccessPolicyRequireGsuite
ip GetZeroTrustAccessPolicyRequireIp
ipList GetZeroTrustAccessPolicyRequireIpList
loginMethod GetZeroTrustAccessPolicyRequireLoginMethod
okta GetZeroTrustAccessPolicyRequireOkta
saml GetZeroTrustAccessPolicyRequireSaml
serviceToken GetZeroTrustAccessPolicyRequireServiceToken

any_valid_service_token GetZeroTrustAccessPolicyRequireAnyValidServiceToken: An empty object which matches on all service tokens.
auth_context GetZeroTrustAccessPolicyRequireAuthContext
auth_method GetZeroTrustAccessPolicyRequireAuthMethod
azure_ad GetZeroTrustAccessPolicyRequireAzureAd
certificate GetZeroTrustAccessPolicyRequireCertificate
common_name GetZeroTrustAccessPolicyRequireCommonName
device_posture GetZeroTrustAccessPolicyRequireDevicePosture
email GetZeroTrustAccessPolicyRequireEmail
email_domain GetZeroTrustAccessPolicyRequireEmailDomain
email_list GetZeroTrustAccessPolicyRequireEmailList
everyone GetZeroTrustAccessPolicyRequireEveryone: An empty object which matches on all users.
external_evaluation GetZeroTrustAccessPolicyRequireExternalEvaluation
geo GetZeroTrustAccessPolicyRequireGeo
github_organization GetZeroTrustAccessPolicyRequireGithubOrganization
group GetZeroTrustAccessPolicyRequireGroup
gsuite GetZeroTrustAccessPolicyRequireGsuite
ip GetZeroTrustAccessPolicyRequireIp
ip_list GetZeroTrustAccessPolicyRequireIpList
login_method GetZeroTrustAccessPolicyRequireLoginMethod
okta GetZeroTrustAccessPolicyRequireOkta
saml GetZeroTrustAccessPolicyRequireSaml
service_token GetZeroTrustAccessPolicyRequireServiceToken

anyValidServiceToken Property Map: An empty object which matches on all service tokens.
authContext Property Map
authMethod Property Map
azureAd Property Map
certificate Property Map
commonName Property Map
devicePosture Property Map
email Property Map
emailDomain Property Map
emailList Property Map
everyone Property Map: An empty object which matches on all users.
externalEvaluation Property Map
geo Property Map
githubOrganization Property Map
group Property Map
gsuite Property Map
ip Property Map
ipList Property Map
loginMethod Property Map
okta Property Map
saml Property Map
serviceToken Property Map

GetZeroTrustAccessPolicyRequireAuthContext

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

AcId string: The ACID of an Authentication context.
Id string: The ID of an Authentication context.
IdentityProviderId string: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

acId string: The ACID of an Authentication context.
id string: The ID of an Authentication context.
identityProviderId string: The ID of your Azure identity provider.

ac_id str: The ACID of an Authentication context.
id str: The ID of an Authentication context.
identity_provider_id str: The ID of your Azure identity provider.

acId String: The ACID of an Authentication context.
id String: The ID of an Authentication context.
identityProviderId String: The ID of your Azure identity provider.

GetZeroTrustAccessPolicyRequireAuthMethod

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

AuthMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod string: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

auth_method str: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

authMethod String: The type of authentication method https://datatracker.ietf.org/doc/html/rfc8176#section-2.

GetZeroTrustAccessPolicyRequireAzureAd

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

Id string: The ID of an Azure group.
IdentityProviderId string: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

id string: The ID of an Azure group.
identityProviderId string: The ID of your Azure identity provider.

id str: The ID of an Azure group.
identity_provider_id str: The ID of your Azure identity provider.

id String: The ID of an Azure group.
identityProviderId String: The ID of your Azure identity provider.

GetZeroTrustAccessPolicyRequireCommonName

CommonName string: The common name to match.

CommonName string: The common name to match.

commonName String: The common name to match.

commonName string: The common name to match.

common_name str: The common name to match.

commonName String: The common name to match.

GetZeroTrustAccessPolicyRequireDevicePosture

IntegrationUid string: The ID of a device posture integration.

IntegrationUid string: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

integrationUid string: The ID of a device posture integration.

integration_uid str: The ID of a device posture integration.

integrationUid String: The ID of a device posture integration.

GetZeroTrustAccessPolicyRequireEmail

Email string: The email of the user.

Email string: The email of the user.

email String: The email of the user.

email string: The email of the user.

email str: The email of the user.

email String: The email of the user.

GetZeroTrustAccessPolicyRequireEmailDomain

Domain string: The email domain to match.

Domain string: The email domain to match.

domain String: The email domain to match.

domain string: The email domain to match.

domain str: The email domain to match.

domain String: The email domain to match.

GetZeroTrustAccessPolicyRequireEmailList

Id string: The ID of a previously created email list.

Id string: The ID of a previously created email list.

id String: The ID of a previously created email list.

id string: The ID of a previously created email list.

id str: The ID of a previously created email list.

id String: The ID of a previously created email list.

GetZeroTrustAccessPolicyRequireExternalEvaluation

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

EvaluateUrl string: The API endpoint containing your business logic.
KeysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl string: The API endpoint containing your business logic.
keysUrl string: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluate_url str: The API endpoint containing your business logic.
keys_url str: The API endpoint containing the key that Access uses to verify that the response came from your API.

evaluateUrl String: The API endpoint containing your business logic.
keysUrl String: The API endpoint containing the key that Access uses to verify that the response came from your API.

GetZeroTrustAccessPolicyRequireGeo

CountryCode string: The country code that should be matched.

CountryCode string: The country code that should be matched.

countryCode String: The country code that should be matched.

countryCode string: The country code that should be matched.

country_code str: The country code that should be matched.

countryCode String: The country code that should be matched.

GetZeroTrustAccessPolicyRequireGithubOrganization

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

IdentityProviderId string: The ID of your Github identity provider.
Name string: The name of the organization.
Team string: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

identityProviderId string: The ID of your Github identity provider.
name string: The name of the organization.
team string: The name of the team

identity_provider_id str: The ID of your Github identity provider.
name str: The name of the organization.
team str: The name of the team

identityProviderId String: The ID of your Github identity provider.
name String: The name of the organization.
team String: The name of the team

GetZeroTrustAccessPolicyRequireGroup

Id string: The ID of a previously created Access group.

Id string: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

id string: The ID of a previously created Access group.

id str: The ID of a previously created Access group.

id String: The ID of a previously created Access group.

GetZeroTrustAccessPolicyRequireGsuite

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

Email string: The email of the Google Workspace group.
IdentityProviderId string: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

email string: The email of the Google Workspace group.
identityProviderId string: The ID of your Google Workspace identity provider.

email str: The email of the Google Workspace group.
identity_provider_id str: The ID of your Google Workspace identity provider.

email String: The email of the Google Workspace group.
identityProviderId String: The ID of your Google Workspace identity provider.

GetZeroTrustAccessPolicyRequireIp

Ip string: An IPv4 or IPv6 CIDR block.

Ip string: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

ip string: An IPv4 or IPv6 CIDR block.

ip str: An IPv4 or IPv6 CIDR block.

ip String: An IPv4 or IPv6 CIDR block.

GetZeroTrustAccessPolicyRequireIpList

Id string: The ID of a previously created IP list.

Id string: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

id string: The ID of a previously created IP list.

id str: The ID of a previously created IP list.

id String: The ID of a previously created IP list.

GetZeroTrustAccessPolicyRequireLoginMethod

Id string: The ID of an identity provider.

Id string: The ID of an identity provider.

id String: The ID of an identity provider.

id string: The ID of an identity provider.

id str: The ID of an identity provider.

id String: The ID of an identity provider.

GetZeroTrustAccessPolicyRequireOkta

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

IdentityProviderId string: The ID of your Okta identity provider.
Name string: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

identityProviderId string: The ID of your Okta identity provider.
name string: The name of the Okta group.

identity_provider_id str: The ID of your Okta identity provider.
name str: The name of the Okta group.

identityProviderId String: The ID of your Okta identity provider.
name String: The name of the Okta group.

GetZeroTrustAccessPolicyRequireSaml

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

AttributeName string: The name of the SAML attribute.
AttributeValue string: The SAML attribute value to look for.
IdentityProviderId string: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

attributeName string: The name of the SAML attribute.
attributeValue string: The SAML attribute value to look for.
identityProviderId string: The ID of your SAML identity provider.

attribute_name str: The name of the SAML attribute.
attribute_value str: The SAML attribute value to look for.
identity_provider_id str: The ID of your SAML identity provider.

attributeName String: The name of the SAML attribute.
attributeValue String: The SAML attribute value to look for.
identityProviderId String: The ID of your SAML identity provider.

GetZeroTrustAccessPolicyRequireServiceToken

TokenId string: The ID of a Service Token.

TokenId string: The ID of a Service Token.

tokenId String: The ID of a Service Token.

tokenId string: The ID of a Service Token.

token_id str: The ID of a Service Token.

tokenId String: The ID of a Service Token.

Package Details

Repository: Cloudflare pulumi/pulumi-cloudflare
License: Apache-2.0
Notes: This Pulumi package is based on the cloudflare Terraform Provider.

Cloudflare v6.1.2 published on Monday, Apr 28, 2025 by Pulumi

pulumi/pulumi-cloudflare

cloudflare.getZeroTrustAccessPolicy

On this page

On this page

Example Usage

Using getZeroTrustAccessPolicy

getZeroTrustAccessPolicy Result

Supporting Types

GetZeroTrustAccessPolicyApprovalGroup

GetZeroTrustAccessPolicyExclude

GetZeroTrustAccessPolicyExcludeAuthContext

GetZeroTrustAccessPolicyExcludeAuthMethod

GetZeroTrustAccessPolicyExcludeAzureAd

GetZeroTrustAccessPolicyExcludeCommonName

GetZeroTrustAccessPolicyExcludeDevicePosture

GetZeroTrustAccessPolicyExcludeEmail

GetZeroTrustAccessPolicyExcludeEmailDomain

GetZeroTrustAccessPolicyExcludeEmailList

GetZeroTrustAccessPolicyExcludeExternalEvaluation

GetZeroTrustAccessPolicyExcludeGeo

GetZeroTrustAccessPolicyExcludeGithubOrganization

GetZeroTrustAccessPolicyExcludeGroup

GetZeroTrustAccessPolicyExcludeGsuite

GetZeroTrustAccessPolicyExcludeIp

GetZeroTrustAccessPolicyExcludeIpList

GetZeroTrustAccessPolicyExcludeLoginMethod

GetZeroTrustAccessPolicyExcludeOkta

GetZeroTrustAccessPolicyExcludeSaml

GetZeroTrustAccessPolicyExcludeServiceToken

GetZeroTrustAccessPolicyInclude

GetZeroTrustAccessPolicyIncludeAuthContext

GetZeroTrustAccessPolicyIncludeAuthMethod

GetZeroTrustAccessPolicyIncludeAzureAd

GetZeroTrustAccessPolicyIncludeCommonName

GetZeroTrustAccessPolicyIncludeDevicePosture

GetZeroTrustAccessPolicyIncludeEmail

GetZeroTrustAccessPolicyIncludeEmailDomain

GetZeroTrustAccessPolicyIncludeEmailList

GetZeroTrustAccessPolicyIncludeExternalEvaluation

GetZeroTrustAccessPolicyIncludeGeo

GetZeroTrustAccessPolicyIncludeGithubOrganization

GetZeroTrustAccessPolicyIncludeGroup

GetZeroTrustAccessPolicyIncludeGsuite

GetZeroTrustAccessPolicyIncludeIp

GetZeroTrustAccessPolicyIncludeIpList

GetZeroTrustAccessPolicyIncludeLoginMethod

GetZeroTrustAccessPolicyIncludeOkta

GetZeroTrustAccessPolicyIncludeSaml

GetZeroTrustAccessPolicyIncludeServiceToken

GetZeroTrustAccessPolicyRequire

GetZeroTrustAccessPolicyRequireAuthContext

GetZeroTrustAccessPolicyRequireAuthMethod

GetZeroTrustAccessPolicyRequireAzureAd

GetZeroTrustAccessPolicyRequireCommonName

GetZeroTrustAccessPolicyRequireDevicePosture

GetZeroTrustAccessPolicyRequireEmail

GetZeroTrustAccessPolicyRequireEmailDomain

GetZeroTrustAccessPolicyRequireEmailList

GetZeroTrustAccessPolicyRequireExternalEvaluation

GetZeroTrustAccessPolicyRequireGeo

GetZeroTrustAccessPolicyRequireGithubOrganization

GetZeroTrustAccessPolicyRequireGroup

GetZeroTrustAccessPolicyRequireGsuite

GetZeroTrustAccessPolicyRequireIp

GetZeroTrustAccessPolicyRequireIpList

GetZeroTrustAccessPolicyRequireLoginMethod

GetZeroTrustAccessPolicyRequireOkta

GetZeroTrustAccessPolicyRequireSaml

GetZeroTrustAccessPolicyRequireServiceToken

Package Details

On this page

On this page