Cloudflare v6.11.0, Oct 31 25

Cloudflare v6.11.0 published on Friday, Oct 31, 2025 by Pulumi

cloudflare.getZeroTrustGatewayPolicies

Cloudflare v6.11.0 published on Friday, Oct 31, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

const exampleZeroTrustGatewayPolicies = cloudflare.getZeroTrustGatewayPolicies({
    accountId: "699d98642c564d2e855e9661899b7252",
});

import pulumi
import pulumi_cloudflare as cloudflare

example_zero_trust_gateway_policies = cloudflare.get_zero_trust_gateway_policies(account_id="699d98642c564d2e855e9661899b7252")

package main

import (
	"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudflare.LookupZeroTrustGatewayPolicies(ctx, &cloudflare.LookupZeroTrustGatewayPoliciesArgs{
			AccountId: "699d98642c564d2e855e9661899b7252",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

return await Deployment.RunAsync(() => 
{
    var exampleZeroTrustGatewayPolicies = Cloudflare.GetZeroTrustGatewayPolicies.Invoke(new()
    {
        AccountId = "699d98642c564d2e855e9661899b7252",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.CloudflareFunctions;
import com.pulumi.cloudflare.inputs.GetZeroTrustGatewayPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var exampleZeroTrustGatewayPolicies = CloudflareFunctions.getZeroTrustGatewayPolicies(GetZeroTrustGatewayPoliciesArgs.builder()
            .accountId("699d98642c564d2e855e9661899b7252")
            .build());

    }
}

variables:
  exampleZeroTrustGatewayPolicies:
    fn::invoke:
      function: cloudflare:getZeroTrustGatewayPolicies
      arguments:
        accountId: 699d98642c564d2e855e9661899b7252

Using getZeroTrustGatewayPolicies

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getZeroTrustGatewayPolicies(args: GetZeroTrustGatewayPoliciesArgs, opts?: InvokeOptions): Promise<GetZeroTrustGatewayPoliciesResult>
function getZeroTrustGatewayPoliciesOutput(args: GetZeroTrustGatewayPoliciesOutputArgs, opts?: InvokeOptions): Output<GetZeroTrustGatewayPoliciesResult>

def get_zero_trust_gateway_policies(account_id: Optional[str] = None,
                                    max_items: Optional[int] = None,
                                    opts: Optional[InvokeOptions] = None) -> GetZeroTrustGatewayPoliciesResult
def get_zero_trust_gateway_policies_output(account_id: Optional[pulumi.Input[str]] = None,
                                    max_items: Optional[pulumi.Input[int]] = None,
                                    opts: Optional[InvokeOptions] = None) -> Output[GetZeroTrustGatewayPoliciesResult]

func LookupZeroTrustGatewayPolicies(ctx *Context, args *LookupZeroTrustGatewayPoliciesArgs, opts ...InvokeOption) (*LookupZeroTrustGatewayPoliciesResult, error)
func LookupZeroTrustGatewayPoliciesOutput(ctx *Context, args *LookupZeroTrustGatewayPoliciesOutputArgs, opts ...InvokeOption) LookupZeroTrustGatewayPoliciesResultOutput

> Note: This function is named LookupZeroTrustGatewayPolicies in the Go SDK.

public static class GetZeroTrustGatewayPolicies 
{
    public static Task<GetZeroTrustGatewayPoliciesResult> InvokeAsync(GetZeroTrustGatewayPoliciesArgs args, InvokeOptions? opts = null)
    public static Output<GetZeroTrustGatewayPoliciesResult> Invoke(GetZeroTrustGatewayPoliciesInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetZeroTrustGatewayPoliciesResult> getZeroTrustGatewayPolicies(GetZeroTrustGatewayPoliciesArgs args, InvokeOptions options)
public static Output<GetZeroTrustGatewayPoliciesResult> getZeroTrustGatewayPolicies(GetZeroTrustGatewayPoliciesArgs args, InvokeOptions options)

fn::invoke:
  function: cloudflare:index/getZeroTrustGatewayPolicies:getZeroTrustGatewayPolicies
  arguments:
    # arguments dictionary

The following arguments are supported:

AccountId string
MaxItems int: Max items to fetch, default: 1000

AccountId string
MaxItems int: Max items to fetch, default: 1000

accountId String
maxItems Integer: Max items to fetch, default: 1000

accountId string
maxItems number: Max items to fetch, default: 1000

account_id str
max_items int: Max items to fetch, default: 1000

accountId String
maxItems Number: Max items to fetch, default: 1000

getZeroTrustGatewayPolicies Result

The following output properties are available:

AccountId string
Id string: The provider-assigned unique ID for this managed resource.
Results List<GetZeroTrustGatewayPoliciesResult>: The items returned by the data source
MaxItems int: Max items to fetch, default: 1000

AccountId string
Id string: The provider-assigned unique ID for this managed resource.
Results []GetZeroTrustGatewayPoliciesResult: The items returned by the data source
MaxItems int: Max items to fetch, default: 1000

accountId String
id String: The provider-assigned unique ID for this managed resource.
results List<GetZeroTrustGatewayPoliciesResult>: The items returned by the data source
maxItems Integer: Max items to fetch, default: 1000

accountId string
id string: The provider-assigned unique ID for this managed resource.
results GetZeroTrustGatewayPoliciesResult[]: The items returned by the data source
maxItems number: Max items to fetch, default: 1000

account_id str
id str: The provider-assigned unique ID for this managed resource.
results Sequence[GetZeroTrustGatewayPoliciesResult]: The items returned by the data source
max_items int: Max items to fetch, default: 1000

accountId String
id String: The provider-assigned unique ID for this managed resource.
results List<Property Map>: The items returned by the data source
maxItems Number: Max items to fetch, default: 1000

Supporting Types

GetZeroTrustGatewayPoliciesResult

Action string: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
CreatedAt string
DeletedAt string: Indicate the date of deletion, if any.
Description string: Specify the rule description.
DevicePosture string
Enabled bool: Specify whether the rule is enabled.
Expiration GetZeroTrustGatewayPoliciesResultExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
Filters List<string>: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions. Can only contain a single value.
Id string: Identify the API resource with a UUID.
Identity string
Name string: Specify the rule name.
Precedence int
ReadOnly bool: Indicate that this rule is shared via the Orgs API and read only.
RuleSettings GetZeroTrustGatewayPoliciesResultRuleSettings
Schedule GetZeroTrustGatewayPoliciesResultSchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
Sharable bool: Indicate that this rule is sharable via the Orgs API.
SourceAccount string: Provide the account tag of the account that created the rule.
Traffic string
UpdatedAt string
Version int: Indicate the version number of the rule(read-only).
WarningStatus string: Indicate a warning for a misconfigured rule, if any.

Action string: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
CreatedAt string
DeletedAt string: Indicate the date of deletion, if any.
Description string: Specify the rule description.
DevicePosture string
Enabled bool: Specify whether the rule is enabled.
Expiration GetZeroTrustGatewayPoliciesResultExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
Filters []string: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions. Can only contain a single value.
Id string: Identify the API resource with a UUID.
Identity string
Name string: Specify the rule name.
Precedence int
ReadOnly bool: Indicate that this rule is shared via the Orgs API and read only.
RuleSettings GetZeroTrustGatewayPoliciesResultRuleSettings
Schedule GetZeroTrustGatewayPoliciesResultSchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
Sharable bool: Indicate that this rule is sharable via the Orgs API.
SourceAccount string: Provide the account tag of the account that created the rule.
Traffic string
UpdatedAt string
Version int: Indicate the version number of the rule(read-only).
WarningStatus string: Indicate a warning for a misconfigured rule, if any.

action String: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
createdAt String
deletedAt String: Indicate the date of deletion, if any.
description String: Specify the rule description.
devicePosture String
enabled Boolean: Specify whether the rule is enabled.
expiration GetZeroTrustGatewayPoliciesResultExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters List<String>: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions. Can only contain a single value.
id String: Identify the API resource with a UUID.
identity String
name String: Specify the rule name.
precedence Integer
readOnly Boolean: Indicate that this rule is shared via the Orgs API and read only.
ruleSettings GetZeroTrustGatewayPoliciesResultRuleSettings
schedule GetZeroTrustGatewayPoliciesResultSchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable Boolean: Indicate that this rule is sharable via the Orgs API.
sourceAccount String: Provide the account tag of the account that created the rule.
traffic String
updatedAt String
version Integer: Indicate the version number of the rule(read-only).
warningStatus String: Indicate a warning for a misconfigured rule, if any.

action string: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
createdAt string
deletedAt string: Indicate the date of deletion, if any.
description string: Specify the rule description.
devicePosture string
enabled boolean: Specify whether the rule is enabled.
expiration GetZeroTrustGatewayPoliciesResultExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters string[]: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions. Can only contain a single value.
id string: Identify the API resource with a UUID.
identity string
name string: Specify the rule name.
precedence number
readOnly boolean: Indicate that this rule is shared via the Orgs API and read only.
ruleSettings GetZeroTrustGatewayPoliciesResultRuleSettings
schedule GetZeroTrustGatewayPoliciesResultSchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable boolean: Indicate that this rule is sharable via the Orgs API.
sourceAccount string: Provide the account tag of the account that created the rule.
traffic string
updatedAt string
version number: Indicate the version number of the rule(read-only).
warningStatus string: Indicate a warning for a misconfigured rule, if any.

action str: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
created_at str
deleted_at str: Indicate the date of deletion, if any.
description str: Specify the rule description.
device_posture str
enabled bool: Specify whether the rule is enabled.
expiration GetZeroTrustGatewayPoliciesResultExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters Sequence[str]: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions. Can only contain a single value.
id str: Identify the API resource with a UUID.
identity str
name str: Specify the rule name.
precedence int
read_only bool: Indicate that this rule is shared via the Orgs API and read only.
rule_settings GetZeroTrustGatewayPoliciesResultRuleSettings
schedule GetZeroTrustGatewayPoliciesResultSchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable bool: Indicate that this rule is sharable via the Orgs API.
source_account str: Provide the account tag of the account that created the rule.
traffic str
updated_at str
version int: Indicate the version number of the rule(read-only).
warning_status str: Indicate a warning for a misconfigured rule, if any.

action String: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
createdAt String
deletedAt String: Indicate the date of deletion, if any.
description String: Specify the rule description.
devicePosture String
enabled Boolean: Specify whether the rule is enabled.
expiration Property Map: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters List<String>: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions. Can only contain a single value.
id String: Identify the API resource with a UUID.
identity String
name String: Specify the rule name.
precedence Number
readOnly Boolean: Indicate that this rule is shared via the Orgs API and read only.
ruleSettings Property Map
schedule Property Map: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable Boolean: Indicate that this rule is sharable via the Orgs API.
sourceAccount String: Provide the account tag of the account that created the rule.
traffic String
updatedAt String
version Number: Indicate the version number of the rule(read-only).
warningStatus String: Indicate a warning for a misconfigured rule, if any.

GetZeroTrustGatewayPoliciesResultExpiration

Duration int: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
Expired bool: Indicates whether the policy is expired.
ExpiresAt string: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

Duration int: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
Expired bool: Indicates whether the policy is expired.
ExpiresAt string: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration Integer: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired Boolean: Indicates whether the policy is expired.
expiresAt String: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration number: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired boolean: Indicates whether the policy is expired.
expiresAt string: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration int: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired bool: Indicates whether the policy is expired.
expires_at str: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration Number: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired Boolean: Indicates whether the policy is expired.
expiresAt String: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

GetZeroTrustGatewayPoliciesResultRuleSettings

AddHeaders Dictionary<string, ImmutableArray<string>>: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
AllowChildBypass bool: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
AuditSsh GetZeroTrustGatewayPoliciesResultRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
BisoAdminControls GetZeroTrustGatewayPoliciesResultRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
BlockPage GetZeroTrustGatewayPoliciesResultRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
BlockPageEnabled bool: Enable the custom block page. Settable only for dns rules with action block.
BlockReason string: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
BypassParentRule bool: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
CheckSession GetZeroTrustGatewayPoliciesResultRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
DnsResolvers GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
Egress GetZeroTrustGatewayPoliciesResultRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
IgnoreCnameCategoryMatches bool: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
InsecureDisableDnssecValidation bool: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
IpCategories bool: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
IpIndicatorFeeds bool: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
L4override GetZeroTrustGatewayPoliciesResultRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
NotificationSettings GetZeroTrustGatewayPoliciesResultRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
OverrideHost string: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
OverrideIps List<string>: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
PayloadLog GetZeroTrustGatewayPoliciesResultRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
Quarantine GetZeroTrustGatewayPoliciesResultRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
Redirect GetZeroTrustGatewayPoliciesResultRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
ResolveDnsInternally GetZeroTrustGatewayPoliciesResultRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
ResolveDnsThroughCloudflare bool: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
UntrustedCert GetZeroTrustGatewayPoliciesResultRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

AddHeaders map[string][]string: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
AllowChildBypass bool: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
AuditSsh GetZeroTrustGatewayPoliciesResultRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
BisoAdminControls GetZeroTrustGatewayPoliciesResultRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
BlockPage GetZeroTrustGatewayPoliciesResultRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
BlockPageEnabled bool: Enable the custom block page. Settable only for dns rules with action block.
BlockReason string: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
BypassParentRule bool: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
CheckSession GetZeroTrustGatewayPoliciesResultRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
DnsResolvers GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
Egress GetZeroTrustGatewayPoliciesResultRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
IgnoreCnameCategoryMatches bool: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
InsecureDisableDnssecValidation bool: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
IpCategories bool: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
IpIndicatorFeeds bool: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
L4override GetZeroTrustGatewayPoliciesResultRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
NotificationSettings GetZeroTrustGatewayPoliciesResultRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
OverrideHost string: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
OverrideIps []string: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
PayloadLog GetZeroTrustGatewayPoliciesResultRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
Quarantine GetZeroTrustGatewayPoliciesResultRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
Redirect GetZeroTrustGatewayPoliciesResultRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
ResolveDnsInternally GetZeroTrustGatewayPoliciesResultRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
ResolveDnsThroughCloudflare bool: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
UntrustedCert GetZeroTrustGatewayPoliciesResultRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

addHeaders Map<String,List<String>>: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allowChildBypass Boolean: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
auditSsh GetZeroTrustGatewayPoliciesResultRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
bisoAdminControls GetZeroTrustGatewayPoliciesResultRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
blockPage GetZeroTrustGatewayPoliciesResultRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
blockPageEnabled Boolean: Enable the custom block page. Settable only for dns rules with action block.
blockReason String: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypassParentRule Boolean: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
checkSession GetZeroTrustGatewayPoliciesResultRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dnsResolvers GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress GetZeroTrustGatewayPoliciesResultRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignoreCnameCategoryMatches Boolean: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecureDisableDnssecValidation Boolean: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ipCategories Boolean: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ipIndicatorFeeds Boolean: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override GetZeroTrustGatewayPoliciesResultRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notificationSettings GetZeroTrustGatewayPoliciesResultRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
overrideHost String: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
overrideIps List<String>: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payloadLog GetZeroTrustGatewayPoliciesResultRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
quarantine GetZeroTrustGatewayPoliciesResultRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect GetZeroTrustGatewayPoliciesResultRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolveDnsInternally GetZeroTrustGatewayPoliciesResultRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolveDnsThroughCloudflare Boolean: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrustedCert GetZeroTrustGatewayPoliciesResultRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

addHeaders {[key: string]: string[]}: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allowChildBypass boolean: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
auditSsh GetZeroTrustGatewayPoliciesResultRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
bisoAdminControls GetZeroTrustGatewayPoliciesResultRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
blockPage GetZeroTrustGatewayPoliciesResultRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
blockPageEnabled boolean: Enable the custom block page. Settable only for dns rules with action block.
blockReason string: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypassParentRule boolean: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
checkSession GetZeroTrustGatewayPoliciesResultRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dnsResolvers GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress GetZeroTrustGatewayPoliciesResultRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignoreCnameCategoryMatches boolean: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecureDisableDnssecValidation boolean: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ipCategories boolean: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ipIndicatorFeeds boolean: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override GetZeroTrustGatewayPoliciesResultRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notificationSettings GetZeroTrustGatewayPoliciesResultRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
overrideHost string: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
overrideIps string[]: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payloadLog GetZeroTrustGatewayPoliciesResultRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
quarantine GetZeroTrustGatewayPoliciesResultRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect GetZeroTrustGatewayPoliciesResultRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolveDnsInternally GetZeroTrustGatewayPoliciesResultRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolveDnsThroughCloudflare boolean: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrustedCert GetZeroTrustGatewayPoliciesResultRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

add_headers Mapping[str, Sequence[str]]: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allow_child_bypass bool: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
audit_ssh GetZeroTrustGatewayPoliciesResultRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
biso_admin_controls GetZeroTrustGatewayPoliciesResultRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
block_page GetZeroTrustGatewayPoliciesResultRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
block_page_enabled bool: Enable the custom block page. Settable only for dns rules with action block.
block_reason str: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypass_parent_rule bool: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
check_session GetZeroTrustGatewayPoliciesResultRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dns_resolvers GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress GetZeroTrustGatewayPoliciesResultRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignore_cname_category_matches bool: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecure_disable_dnssec_validation bool: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ip_categories bool: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ip_indicator_feeds bool: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override GetZeroTrustGatewayPoliciesResultRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notification_settings GetZeroTrustGatewayPoliciesResultRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
override_host str: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
override_ips Sequence[str]: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payload_log GetZeroTrustGatewayPoliciesResultRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
quarantine GetZeroTrustGatewayPoliciesResultRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect GetZeroTrustGatewayPoliciesResultRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolve_dns_internally GetZeroTrustGatewayPoliciesResultRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolve_dns_through_cloudflare bool: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrusted_cert GetZeroTrustGatewayPoliciesResultRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

addHeaders Map<List<String>>: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allowChildBypass Boolean: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
auditSsh Property Map: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
bisoAdminControls Property Map: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
blockPage Property Map: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
blockPageEnabled Boolean: Enable the custom block page. Settable only for dns rules with action block.
blockReason String: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypassParentRule Boolean: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
checkSession Property Map: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dnsResolvers Property Map: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress Property Map: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignoreCnameCategoryMatches Boolean: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecureDisableDnssecValidation Boolean: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ipCategories Boolean: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ipIndicatorFeeds Boolean: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override Property Map: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notificationSettings Property Map: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
overrideHost String: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
overrideIps List<String>: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payloadLog Property Map: Configure DLP payload logging. Settable only for http rules.
quarantine Property Map: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect Property Map: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolveDnsInternally Property Map: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolveDnsThroughCloudflare Boolean: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrustedCert Property Map: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

GetZeroTrustGatewayPoliciesResultRuleSettingsAuditSsh

CommandLogging bool: Enable SSH command logging.

CommandLogging bool: Enable SSH command logging.

commandLogging Boolean: Enable SSH command logging.

commandLogging boolean: Enable SSH command logging.

command_logging bool: Enable SSH command logging.

commandLogging Boolean: Enable SSH command logging.

GetZeroTrustGatewayPoliciesResultRuleSettingsBisoAdminControls

Copy string: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dcp bool: Set to false to enable copy-pasting. Only applies when version == "v1".
Dd bool: Set to false to enable downloading. Only applies when version == "v1".
Dk bool: Set to false to enable keyboard usage. Only applies when version == "v1".
Download string: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dp bool: Set to false to enable printing. Only applies when version == "v1".
Du bool: Set to false to enable uploading. Only applies when version == "v1".
Keyboard string: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Paste string: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Printing string: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Upload string: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Version string: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

Copy string: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dcp bool: Set to false to enable copy-pasting. Only applies when version == "v1".
Dd bool: Set to false to enable downloading. Only applies when version == "v1".
Dk bool: Set to false to enable keyboard usage. Only applies when version == "v1".
Download string: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dp bool: Set to false to enable printing. Only applies when version == "v1".
Du bool: Set to false to enable uploading. Only applies when version == "v1".
Keyboard string: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Paste string: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Printing string: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Upload string: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Version string: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy String: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp Boolean: Set to false to enable copy-pasting. Only applies when version == "v1".
dd Boolean: Set to false to enable downloading. Only applies when version == "v1".
dk Boolean: Set to false to enable keyboard usage. Only applies when version == "v1".
download String: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp Boolean: Set to false to enable printing. Only applies when version == "v1".
du Boolean: Set to false to enable uploading. Only applies when version == "v1".
keyboard String: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste String: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing String: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload String: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version String: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy string: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp boolean: Set to false to enable copy-pasting. Only applies when version == "v1".
dd boolean: Set to false to enable downloading. Only applies when version == "v1".
dk boolean: Set to false to enable keyboard usage. Only applies when version == "v1".
download string: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp boolean: Set to false to enable printing. Only applies when version == "v1".
du boolean: Set to false to enable uploading. Only applies when version == "v1".
keyboard string: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste string: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing string: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload string: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version string: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy str: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp bool: Set to false to enable copy-pasting. Only applies when version == "v1".
dd bool: Set to false to enable downloading. Only applies when version == "v1".
dk bool: Set to false to enable keyboard usage. Only applies when version == "v1".
download str: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp bool: Set to false to enable printing. Only applies when version == "v1".
du bool: Set to false to enable uploading. Only applies when version == "v1".
keyboard str: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste str: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing str: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload str: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version str: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy String: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp Boolean: Set to false to enable copy-pasting. Only applies when version == "v1".
dd Boolean: Set to false to enable downloading. Only applies when version == "v1".
dk Boolean: Set to false to enable keyboard usage. Only applies when version == "v1".
download String: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp Boolean: Set to false to enable printing. Only applies when version == "v1".
du Boolean: Set to false to enable uploading. Only applies when version == "v1".
keyboard String: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste String: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing String: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload String: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version String: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

GetZeroTrustGatewayPoliciesResultRuleSettingsBlockPage

IncludeContext bool: Specify whether to pass the context information as query parameters.
TargetUri string: Specify the URI to which the user is redirected.

IncludeContext bool: Specify whether to pass the context information as query parameters.
TargetUri string: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
targetUri String: Specify the URI to which the user is redirected.

includeContext boolean: Specify whether to pass the context information as query parameters.
targetUri string: Specify the URI to which the user is redirected.

include_context bool: Specify whether to pass the context information as query parameters.
target_uri str: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
targetUri String: Specify the URI to which the user is redirected.

GetZeroTrustGatewayPoliciesResultRuleSettingsCheckSession

Duration string: Sets the required session freshness threshold. The API returns a normalized version of this value.
Enforce bool: Enable session enforcement.

Duration string: Sets the required session freshness threshold. The API returns a normalized version of this value.
Enforce bool: Enable session enforcement.

duration String: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce Boolean: Enable session enforcement.

duration string: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce boolean: Enable session enforcement.

duration str: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce bool: Enable session enforcement.

duration String: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce Boolean: Enable session enforcement.

GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolvers

Ipv4s List<GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv4>
Ipv6s List<GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv6>

Ipv4s []GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv4
Ipv6s []GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv6

ipv4s List<GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv4>
ipv6s List<GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv6>

ipv4s GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv4[]
ipv6s GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv6[]

ipv4s Sequence[GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv4]
ipv6s Sequence[GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv6]

ipv4s List<Property Map>
ipv6s List<Property Map>

GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv4

Ip string: Specify the IPv4 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

Ip string: Specify the IPv4 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv4 address of the upstream resolver.
port Integer: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip string: Specify the IPv4 address of the upstream resolver.
port number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip str: Specify the IPv4 address of the upstream resolver.
port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
route_through_private_network bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnet_id str: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv4 address of the upstream resolver.
port Number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv6

Ip string: Specify the IPv6 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

Ip string: Specify the IPv6 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv6 address of the upstream resolver.
port Integer: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip string: Specify the IPv6 address of the upstream resolver.
port number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip str: Specify the IPv6 address of the upstream resolver.
port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
route_through_private_network bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnet_id str: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv6 address of the upstream resolver.
port Number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

GetZeroTrustGatewayPoliciesResultRuleSettingsEgress

Ipv4 string: Specify the IPv4 address to use for egress.
Ipv4Fallback string: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
Ipv6 string: Specify the IPv6 range to use for egress.

Ipv4 string: Specify the IPv4 address to use for egress.
Ipv4Fallback string: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
Ipv6 string: Specify the IPv6 range to use for egress.

ipv4 String: Specify the IPv4 address to use for egress.
ipv4Fallback String: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 String: Specify the IPv6 range to use for egress.

ipv4 string: Specify the IPv4 address to use for egress.
ipv4Fallback string: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 string: Specify the IPv6 range to use for egress.

ipv4 str: Specify the IPv4 address to use for egress.
ipv4_fallback str: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 str: Specify the IPv6 range to use for egress.

ipv4 String: Specify the IPv4 address to use for egress.
ipv4Fallback String: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 String: Specify the IPv6 range to use for egress.

GetZeroTrustGatewayPoliciesResultRuleSettingsL4override

Ip string: Defines the IPv4 or IPv6 address.
Port int: Defines a port number to use for TCP/UDP overrides.

Ip string: Defines the IPv4 or IPv6 address.
Port int: Defines a port number to use for TCP/UDP overrides.

ip String: Defines the IPv4 or IPv6 address.
port Integer: Defines a port number to use for TCP/UDP overrides.

ip string: Defines the IPv4 or IPv6 address.
port number: Defines a port number to use for TCP/UDP overrides.

ip str: Defines the IPv4 or IPv6 address.
port int: Defines a port number to use for TCP/UDP overrides.

ip String: Defines the IPv4 or IPv6 address.
port Number: Defines a port number to use for TCP/UDP overrides.

GetZeroTrustGatewayPoliciesResultRuleSettingsNotificationSettings

Enabled bool: Enable notification.
IncludeContext bool: Indicates whether to pass the context information as query parameters.
Msg string: Customize the message shown in the notification.
SupportUrl string: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

Enabled bool: Enable notification.
IncludeContext bool: Indicates whether to pass the context information as query parameters.
Msg string: Customize the message shown in the notification.
SupportUrl string: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled Boolean: Enable notification.
includeContext Boolean: Indicates whether to pass the context information as query parameters.
msg String: Customize the message shown in the notification.
supportUrl String: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled boolean: Enable notification.
includeContext boolean: Indicates whether to pass the context information as query parameters.
msg string: Customize the message shown in the notification.
supportUrl string: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled bool: Enable notification.
include_context bool: Indicates whether to pass the context information as query parameters.
msg str: Customize the message shown in the notification.
support_url str: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled Boolean: Enable notification.
includeContext Boolean: Indicates whether to pass the context information as query parameters.
msg String: Customize the message shown in the notification.
supportUrl String: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

GetZeroTrustGatewayPoliciesResultRuleSettingsPayloadLog

Enabled bool: Enable DLP payload logging for this rule.

Enabled bool: Enable DLP payload logging for this rule.

enabled Boolean: Enable DLP payload logging for this rule.

enabled boolean: Enable DLP payload logging for this rule.

enabled bool: Enable DLP payload logging for this rule.

enabled Boolean: Enable DLP payload logging for this rule.

GetZeroTrustGatewayPoliciesResultRuleSettingsQuarantine

FileTypes List<string>: Specify the types of files to sandbox.

FileTypes []string: Specify the types of files to sandbox.

fileTypes List<String>: Specify the types of files to sandbox.

fileTypes string[]: Specify the types of files to sandbox.

file_types Sequence[str]: Specify the types of files to sandbox.

fileTypes List<String>: Specify the types of files to sandbox.

GetZeroTrustGatewayPoliciesResultRuleSettingsRedirect

IncludeContext bool: Specify whether to pass the context information as query parameters.
PreservePathAndQuery bool: Specify whether to append the path and query parameters from the original request to target_uri.
TargetUri string: Specify the URI to which the user is redirected.

IncludeContext bool: Specify whether to pass the context information as query parameters.
PreservePathAndQuery bool: Specify whether to append the path and query parameters from the original request to target_uri.
TargetUri string: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
preservePathAndQuery Boolean: Specify whether to append the path and query parameters from the original request to target_uri.
targetUri String: Specify the URI to which the user is redirected.

includeContext boolean: Specify whether to pass the context information as query parameters.
preservePathAndQuery boolean: Specify whether to append the path and query parameters from the original request to target_uri.
targetUri string: Specify the URI to which the user is redirected.

include_context bool: Specify whether to pass the context information as query parameters.
preserve_path_and_query bool: Specify whether to append the path and query parameters from the original request to target_uri.
target_uri str: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
preservePathAndQuery Boolean: Specify whether to append the path and query parameters from the original request to target_uri.
targetUri String: Specify the URI to which the user is redirected.

GetZeroTrustGatewayPoliciesResultRuleSettingsResolveDnsInternally

Fallback string: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
ViewId string: Specify the internal DNS view identifier to pass to the internal DNS service.

Fallback string: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
ViewId string: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback String: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
viewId String: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback string: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
viewId string: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback str: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
view_id str: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback String: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
viewId String: Specify the internal DNS view identifier to pass to the internal DNS service.

GetZeroTrustGatewayPoliciesResultRuleSettingsUntrustedCert

Action string: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

Action string: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action String: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action string: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action str: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action String: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

GetZeroTrustGatewayPoliciesResultSchedule

Fri string
Mon string
Sat string
Sun string
Thu string
TimeZone string: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
Tue string
Wed string

Fri string
Mon string
Sat string
Sun string
Thu string
TimeZone string: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
Tue string
Wed string

fri String
mon String
sat String
sun String
thu String
timeZone String: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue String
wed String

fri string
mon string
sat string
sun string
thu string
timeZone string: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue string
wed string

fri str
mon str
sat str
sun str
thu str
time_zone str: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue str
wed str

fri String
mon String
sat String
sun String
thu String
timeZone String: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue String
wed String

Package Details

Repository: Cloudflare pulumi/pulumi-cloudflare
License: Apache-2.0
Notes: This Pulumi package is based on the cloudflare Terraform Provider.

Cloudflare v6.11.0 published on Friday, Oct 31, 2025 by Pulumi

pulumi/pulumi-cloudflare

cloudflare.getZeroTrustGatewayPolicies

On this page

On this page

Example Usage

Using getZeroTrustGatewayPolicies

getZeroTrustGatewayPolicies Result

Supporting Types

GetZeroTrustGatewayPoliciesResult

GetZeroTrustGatewayPoliciesResultExpiration

GetZeroTrustGatewayPoliciesResultRuleSettings

GetZeroTrustGatewayPoliciesResultRuleSettingsAuditSsh

GetZeroTrustGatewayPoliciesResultRuleSettingsBisoAdminControls

GetZeroTrustGatewayPoliciesResultRuleSettingsBlockPage

GetZeroTrustGatewayPoliciesResultRuleSettingsCheckSession

GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolvers

GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv4

GetZeroTrustGatewayPoliciesResultRuleSettingsDnsResolversIpv6

GetZeroTrustGatewayPoliciesResultRuleSettingsEgress

GetZeroTrustGatewayPoliciesResultRuleSettingsL4override

GetZeroTrustGatewayPoliciesResultRuleSettingsNotificationSettings

GetZeroTrustGatewayPoliciesResultRuleSettingsPayloadLog

GetZeroTrustGatewayPoliciesResultRuleSettingsQuarantine

GetZeroTrustGatewayPoliciesResultRuleSettingsRedirect

GetZeroTrustGatewayPoliciesResultRuleSettingsResolveDnsInternally

GetZeroTrustGatewayPoliciesResultRuleSettingsUntrustedCert

GetZeroTrustGatewayPoliciesResultSchedule

Package Details

On this page

On this page