Cloudflare v6.10.1, Oct 22 25

Cloudflare v6.10.1 published on Wednesday, Oct 22, 2025 by Pulumi

cloudflare.getZeroTrustGatewayPolicy

Cloudflare v6.10.1 published on Wednesday, Oct 22, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

const exampleZeroTrustGatewayPolicy = cloudflare.getZeroTrustGatewayPolicy({
    accountId: "699d98642c564d2e855e9661899b7252",
    ruleId: "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
});

import pulumi
import pulumi_cloudflare as cloudflare

example_zero_trust_gateway_policy = cloudflare.get_zero_trust_gateway_policy(account_id="699d98642c564d2e855e9661899b7252",
    rule_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415")

package main

import (
	"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudflare.LookupZeroTrustGatewayPolicy(ctx, &cloudflare.LookupZeroTrustGatewayPolicyArgs{
			AccountId: "699d98642c564d2e855e9661899b7252",
			RuleId:    pulumi.StringRef("f174e90a-fafe-4643-bbbc-4a0ed4fc8415"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

return await Deployment.RunAsync(() => 
{
    var exampleZeroTrustGatewayPolicy = Cloudflare.GetZeroTrustGatewayPolicy.Invoke(new()
    {
        AccountId = "699d98642c564d2e855e9661899b7252",
        RuleId = "f174e90a-fafe-4643-bbbc-4a0ed4fc8415",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.CloudflareFunctions;
import com.pulumi.cloudflare.inputs.GetZeroTrustGatewayPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var exampleZeroTrustGatewayPolicy = CloudflareFunctions.getZeroTrustGatewayPolicy(GetZeroTrustGatewayPolicyArgs.builder()
            .accountId("699d98642c564d2e855e9661899b7252")
            .ruleId("f174e90a-fafe-4643-bbbc-4a0ed4fc8415")
            .build());

    }
}

variables:
  exampleZeroTrustGatewayPolicy:
    fn::invoke:
      function: cloudflare:getZeroTrustGatewayPolicy
      arguments:
        accountId: 699d98642c564d2e855e9661899b7252
        ruleId: f174e90a-fafe-4643-bbbc-4a0ed4fc8415

Using getZeroTrustGatewayPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getZeroTrustGatewayPolicy(args: GetZeroTrustGatewayPolicyArgs, opts?: InvokeOptions): Promise<GetZeroTrustGatewayPolicyResult>
function getZeroTrustGatewayPolicyOutput(args: GetZeroTrustGatewayPolicyOutputArgs, opts?: InvokeOptions): Output<GetZeroTrustGatewayPolicyResult>

def get_zero_trust_gateway_policy(account_id: Optional[str] = None,
                                  rule_id: Optional[str] = None,
                                  opts: Optional[InvokeOptions] = None) -> GetZeroTrustGatewayPolicyResult
def get_zero_trust_gateway_policy_output(account_id: Optional[pulumi.Input[str]] = None,
                                  rule_id: Optional[pulumi.Input[str]] = None,
                                  opts: Optional[InvokeOptions] = None) -> Output[GetZeroTrustGatewayPolicyResult]

func LookupZeroTrustGatewayPolicy(ctx *Context, args *LookupZeroTrustGatewayPolicyArgs, opts ...InvokeOption) (*LookupZeroTrustGatewayPolicyResult, error)
func LookupZeroTrustGatewayPolicyOutput(ctx *Context, args *LookupZeroTrustGatewayPolicyOutputArgs, opts ...InvokeOption) LookupZeroTrustGatewayPolicyResultOutput

> Note: This function is named LookupZeroTrustGatewayPolicy in the Go SDK.

public static class GetZeroTrustGatewayPolicy 
{
    public static Task<GetZeroTrustGatewayPolicyResult> InvokeAsync(GetZeroTrustGatewayPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetZeroTrustGatewayPolicyResult> Invoke(GetZeroTrustGatewayPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetZeroTrustGatewayPolicyResult> getZeroTrustGatewayPolicy(GetZeroTrustGatewayPolicyArgs args, InvokeOptions options)
public static Output<GetZeroTrustGatewayPolicyResult> getZeroTrustGatewayPolicy(GetZeroTrustGatewayPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: cloudflare:index/getZeroTrustGatewayPolicy:getZeroTrustGatewayPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

AccountId string
RuleId string: Identify the API resource with a UUID.

AccountId string
RuleId string: Identify the API resource with a UUID.

accountId String
ruleId String: Identify the API resource with a UUID.

accountId string
ruleId string: Identify the API resource with a UUID.

account_id str
rule_id str: Identify the API resource with a UUID.

accountId String
ruleId String: Identify the API resource with a UUID.

getZeroTrustGatewayPolicy Result

The following output properties are available:

AccountId string
Action string: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
CreatedAt string
DeletedAt string: Indicate the date of deletion, if any.
Description string: Specify the rule description.
DevicePosture string
Enabled bool: Specify whether the rule is enabled.
Expiration GetZeroTrustGatewayPolicyExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
Filters List<string>: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions.
Id string: Identify the API resource with a UUID.
Identity string
Name string: Specify the rule name.
Precedence int
ReadOnly bool: Indicate that this rule is shared via the Orgs API and read only.
RuleSettings GetZeroTrustGatewayPolicyRuleSettings
Schedule GetZeroTrustGatewayPolicySchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
Sharable bool: Indicate that this rule is sharable via the Orgs API.
SourceAccount string: Provide the account tag of the account that created the rule.
Traffic string
UpdatedAt string
Version int: Indicate the version number of the rule(read-only).
WarningStatus string: Indicate a warning for a misconfigured rule, if any.
RuleId string: Identify the API resource with a UUID.

AccountId string
Action string: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
CreatedAt string
DeletedAt string: Indicate the date of deletion, if any.
Description string: Specify the rule description.
DevicePosture string
Enabled bool: Specify whether the rule is enabled.
Expiration GetZeroTrustGatewayPolicyExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
Filters []string: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions.
Id string: Identify the API resource with a UUID.
Identity string
Name string: Specify the rule name.
Precedence int
ReadOnly bool: Indicate that this rule is shared via the Orgs API and read only.
RuleSettings GetZeroTrustGatewayPolicyRuleSettings
Schedule GetZeroTrustGatewayPolicySchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
Sharable bool: Indicate that this rule is sharable via the Orgs API.
SourceAccount string: Provide the account tag of the account that created the rule.
Traffic string
UpdatedAt string
Version int: Indicate the version number of the rule(read-only).
WarningStatus string: Indicate a warning for a misconfigured rule, if any.
RuleId string: Identify the API resource with a UUID.

accountId String
action String: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
createdAt String
deletedAt String: Indicate the date of deletion, if any.
description String: Specify the rule description.
devicePosture String
enabled Boolean: Specify whether the rule is enabled.
expiration GetZeroTrustGatewayPolicyExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters List<String>: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions.
id String: Identify the API resource with a UUID.
identity String
name String: Specify the rule name.
precedence Integer
readOnly Boolean: Indicate that this rule is shared via the Orgs API and read only.
ruleSettings GetZeroTrustGatewayPolicyRuleSettings
schedule GetZeroTrustGatewayPolicySchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable Boolean: Indicate that this rule is sharable via the Orgs API.
sourceAccount String: Provide the account tag of the account that created the rule.
traffic String
updatedAt String
version Integer: Indicate the version number of the rule(read-only).
warningStatus String: Indicate a warning for a misconfigured rule, if any.
ruleId String: Identify the API resource with a UUID.

accountId string
action string: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
createdAt string
deletedAt string: Indicate the date of deletion, if any.
description string: Specify the rule description.
devicePosture string
enabled boolean: Specify whether the rule is enabled.
expiration GetZeroTrustGatewayPolicyExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters string[]: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions.
id string: Identify the API resource with a UUID.
identity string
name string: Specify the rule name.
precedence number
readOnly boolean: Indicate that this rule is shared via the Orgs API and read only.
ruleSettings GetZeroTrustGatewayPolicyRuleSettings
schedule GetZeroTrustGatewayPolicySchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable boolean: Indicate that this rule is sharable via the Orgs API.
sourceAccount string: Provide the account tag of the account that created the rule.
traffic string
updatedAt string
version number: Indicate the version number of the rule(read-only).
warningStatus string: Indicate a warning for a misconfigured rule, if any.
ruleId string: Identify the API resource with a UUID.

account_id str
action str: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
created_at str
deleted_at str: Indicate the date of deletion, if any.
description str: Specify the rule description.
device_posture str
enabled bool: Specify whether the rule is enabled.
expiration GetZeroTrustGatewayPolicyExpiration: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters Sequence[str]: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions.
id str: Identify the API resource with a UUID.
identity str
name str: Specify the rule name.
precedence int
read_only bool: Indicate that this rule is shared via the Orgs API and read only.
rule_settings GetZeroTrustGatewayPolicyRuleSettings
schedule GetZeroTrustGatewayPolicySchedule: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable bool: Indicate that this rule is sharable via the Orgs API.
source_account str: Provide the account tag of the account that created the rule.
traffic str
updated_at str
version int: Indicate the version number of the rule(read-only).
warning_status str: Indicate a warning for a misconfigured rule, if any.
rule_id str: Identify the API resource with a UUID.

accountId String
action String: Specify the action to perform when the associated traffic, identity, and device posture expressions either absent or evaluate to true. Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4_override", "egress", "resolve", "quarantine", "redirect".
createdAt String
deletedAt String: Indicate the date of deletion, if any.
description String: Specify the rule description.
devicePosture String
enabled Boolean: Specify whether the rule is enabled.
expiration Property Map: Defines the expiration time stamp and default duration of a DNS policy. Takes precedence over the policy's schedule configuration, if any. This does not apply to HTTP or network policies. Settable only for dns rules.
filters List<String>: Specify the protocol or layer to evaluate the traffic, identity, and device posture expressions.
id String: Identify the API resource with a UUID.
identity String
name String: Specify the rule name.
precedence Number
readOnly Boolean: Indicate that this rule is shared via the Orgs API and read only.
ruleSettings Property Map
schedule Property Map: Defines the schedule for activating DNS policies. Settable only for dns and dns_resolver rules.
sharable Boolean: Indicate that this rule is sharable via the Orgs API.
sourceAccount String: Provide the account tag of the account that created the rule.
traffic String
updatedAt String
version Number: Indicate the version number of the rule(read-only).
warningStatus String: Indicate a warning for a misconfigured rule, if any.
ruleId String: Identify the API resource with a UUID.

Supporting Types

GetZeroTrustGatewayPolicyExpiration

Duration int: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
Expired bool: Indicates whether the policy is expired.
ExpiresAt string: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

Duration int: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
Expired bool: Indicates whether the policy is expired.
ExpiresAt string: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration Integer: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired Boolean: Indicates whether the policy is expired.
expiresAt String: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration number: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired boolean: Indicates whether the policy is expired.
expiresAt string: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration int: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired bool: Indicates whether the policy is expired.
expires_at str: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

duration Number: Defines the default duration a policy active in minutes. Must set in order to use the reset_expiration endpoint on this rule.
expired Boolean: Indicates whether the policy is expired.
expiresAt String: Show the timestamp when the policy expires and stops applying. The value must follow RFC 3339 and include a UTC offset. The system accepts non-zero offsets but converts them to the equivalent UTC+00:00 value and returns timestamps with a trailing Z. Expiration policies ignore client timezones and expire globally at the specified expires_at time.

GetZeroTrustGatewayPolicyRuleSettings

AddHeaders Dictionary<string, ImmutableArray<string>>: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
AllowChildBypass bool: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
AuditSsh GetZeroTrustGatewayPolicyRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
BisoAdminControls GetZeroTrustGatewayPolicyRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
BlockPage GetZeroTrustGatewayPolicyRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
BlockPageEnabled bool: Enable the custom block page. Settable only for dns rules with action block.
BlockReason string: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
BypassParentRule bool: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
CheckSession GetZeroTrustGatewayPolicyRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
DnsResolvers GetZeroTrustGatewayPolicyRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
Egress GetZeroTrustGatewayPolicyRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
IgnoreCnameCategoryMatches bool: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
InsecureDisableDnssecValidation bool: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
IpCategories bool: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
IpIndicatorFeeds bool: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
L4override GetZeroTrustGatewayPolicyRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
NotificationSettings GetZeroTrustGatewayPolicyRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
OverrideHost string: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
OverrideIps List<string>: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
PayloadLog GetZeroTrustGatewayPolicyRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
Quarantine GetZeroTrustGatewayPolicyRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
Redirect GetZeroTrustGatewayPolicyRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
ResolveDnsInternally GetZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
ResolveDnsThroughCloudflare bool: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
UntrustedCert GetZeroTrustGatewayPolicyRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

AddHeaders map[string][]string: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
AllowChildBypass bool: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
AuditSsh GetZeroTrustGatewayPolicyRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
BisoAdminControls GetZeroTrustGatewayPolicyRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
BlockPage GetZeroTrustGatewayPolicyRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
BlockPageEnabled bool: Enable the custom block page. Settable only for dns rules with action block.
BlockReason string: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
BypassParentRule bool: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
CheckSession GetZeroTrustGatewayPolicyRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
DnsResolvers GetZeroTrustGatewayPolicyRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
Egress GetZeroTrustGatewayPolicyRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
IgnoreCnameCategoryMatches bool: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
InsecureDisableDnssecValidation bool: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
IpCategories bool: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
IpIndicatorFeeds bool: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
L4override GetZeroTrustGatewayPolicyRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
NotificationSettings GetZeroTrustGatewayPolicyRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
OverrideHost string: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
OverrideIps []string: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
PayloadLog GetZeroTrustGatewayPolicyRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
Quarantine GetZeroTrustGatewayPolicyRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
Redirect GetZeroTrustGatewayPolicyRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
ResolveDnsInternally GetZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
ResolveDnsThroughCloudflare bool: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
UntrustedCert GetZeroTrustGatewayPolicyRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

addHeaders Map<String,List<String>>: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allowChildBypass Boolean: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
auditSsh GetZeroTrustGatewayPolicyRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
bisoAdminControls GetZeroTrustGatewayPolicyRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
blockPage GetZeroTrustGatewayPolicyRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
blockPageEnabled Boolean: Enable the custom block page. Settable only for dns rules with action block.
blockReason String: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypassParentRule Boolean: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
checkSession GetZeroTrustGatewayPolicyRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dnsResolvers GetZeroTrustGatewayPolicyRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress GetZeroTrustGatewayPolicyRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignoreCnameCategoryMatches Boolean: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecureDisableDnssecValidation Boolean: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ipCategories Boolean: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ipIndicatorFeeds Boolean: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override GetZeroTrustGatewayPolicyRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notificationSettings GetZeroTrustGatewayPolicyRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
overrideHost String: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
overrideIps List<String>: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payloadLog GetZeroTrustGatewayPolicyRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
quarantine GetZeroTrustGatewayPolicyRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect GetZeroTrustGatewayPolicyRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolveDnsInternally GetZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolveDnsThroughCloudflare Boolean: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrustedCert GetZeroTrustGatewayPolicyRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

addHeaders {[key: string]: string[]}: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allowChildBypass boolean: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
auditSsh GetZeroTrustGatewayPolicyRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
bisoAdminControls GetZeroTrustGatewayPolicyRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
blockPage GetZeroTrustGatewayPolicyRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
blockPageEnabled boolean: Enable the custom block page. Settable only for dns rules with action block.
blockReason string: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypassParentRule boolean: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
checkSession GetZeroTrustGatewayPolicyRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dnsResolvers GetZeroTrustGatewayPolicyRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress GetZeroTrustGatewayPolicyRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignoreCnameCategoryMatches boolean: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecureDisableDnssecValidation boolean: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ipCategories boolean: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ipIndicatorFeeds boolean: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override GetZeroTrustGatewayPolicyRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notificationSettings GetZeroTrustGatewayPolicyRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
overrideHost string: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
overrideIps string[]: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payloadLog GetZeroTrustGatewayPolicyRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
quarantine GetZeroTrustGatewayPolicyRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect GetZeroTrustGatewayPolicyRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolveDnsInternally GetZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolveDnsThroughCloudflare boolean: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrustedCert GetZeroTrustGatewayPolicyRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

add_headers Mapping[str, Sequence[str]]: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allow_child_bypass bool: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
audit_ssh GetZeroTrustGatewayPolicyRuleSettingsAuditSsh: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
biso_admin_controls GetZeroTrustGatewayPolicyRuleSettingsBisoAdminControls: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
block_page GetZeroTrustGatewayPolicyRuleSettingsBlockPage: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
block_page_enabled bool: Enable the custom block page. Settable only for dns rules with action block.
block_reason str: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypass_parent_rule bool: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
check_session GetZeroTrustGatewayPolicyRuleSettingsCheckSession: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dns_resolvers GetZeroTrustGatewayPolicyRuleSettingsDnsResolvers: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress GetZeroTrustGatewayPolicyRuleSettingsEgress: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignore_cname_category_matches bool: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecure_disable_dnssec_validation bool: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ip_categories bool: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ip_indicator_feeds bool: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override GetZeroTrustGatewayPolicyRuleSettingsL4override: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notification_settings GetZeroTrustGatewayPolicyRuleSettingsNotificationSettings: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
override_host str: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
override_ips Sequence[str]: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payload_log GetZeroTrustGatewayPolicyRuleSettingsPayloadLog: Configure DLP payload logging. Settable only for http rules.
quarantine GetZeroTrustGatewayPolicyRuleSettingsQuarantine: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect GetZeroTrustGatewayPolicyRuleSettingsRedirect: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolve_dns_internally GetZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolve_dns_through_cloudflare bool: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrusted_cert GetZeroTrustGatewayPolicyRuleSettingsUntrustedCert: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

addHeaders Map<List<String>>: Add custom headers to allowed requests as key-value pairs. Use header names as keys that map to arrays of header values. Settable only for http rules with the action set to allow.
allowChildBypass Boolean: Set to enable MSP children to bypass this rule. Only parent MSP accounts can set this. this rule. Settable for all types of rules.
auditSsh Property Map: Define the settings for the Audit SSH action. Settable only for l4 rules with audit_ssh action.
bisoAdminControls Property Map: Configure browser isolation behavior. Settable only for http rules with the action set to isolate.
blockPage Property Map: Configure custom block page settings. If missing or null, use the account settings. Settable only for http rules with the action set to block.
blockPageEnabled Boolean: Enable the custom block page. Settable only for dns rules with action block.
blockReason String: Explain why the rule blocks the request. The custom block page shows this text (if enabled). Settable only for dns, l4, and http rules when the action set to block.
bypassParentRule Boolean: Set to enable MSP accounts to bypass their parent's rules. Only MSP child accounts can set this. Settable for all types of rules.
checkSession Property Map: Configure session check behavior. Settable only for l4 and http rules with the action set to allow.
dnsResolvers Property Map: Configure custom resolvers to route queries that match the resolver policy. Unused with 'resolvednsthroughcloudflare' or 'resolvedns*internally' settings. DNS queries get routed to the address closest to their origin. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
egress Property Map: Configure how Gateway Proxy traffic egresses. You can enable this setting for rules with Egress actions and filters, or omit it to indicate local egress via WARP IPs. Settable only for egress rules.
ignoreCnameCategoryMatches Boolean: Ignore category matches at CNAME domains in a response. When off, evaluate categories in this rule against all CNAME domain categories in the response. Settable only for dns and dns_resolver rules.
insecureDisableDnssecValidation Boolean: Specify whether to disable DNSSEC validation (for Allow actions) [INSECURE]. Settable only for dns rules.
ipCategories Boolean: Enable IPs in DNS resolver category blocks. The system blocks only domain name categories unless you enable this setting. Settable only for dns and dns_resolver rules.
ipIndicatorFeeds Boolean: Indicates whether to include IPs in DNS resolver indicator feed blocks. Default, indicator feeds block only domain names. Settable only for dns and dns_resolver rules.
l4override Property Map: Send matching traffic to the supplied destination IP address and port. Settable only for l4 rules with the action set to l4_override.
notificationSettings Property Map: Configure a notification to display on the user's device when this rule matched. Settable for all types of rules with the action set to block.
overrideHost String: Defines a hostname for override, for the matching DNS queries. Settable only for dns rules with the action set to override.
overrideIps List<String>: Defines a an IP or set of IPs for overriding matched DNS queries. Settable only for dns rules with the action set to override.
payloadLog Property Map: Configure DLP payload logging. Settable only for http rules.
quarantine Property Map: Configure settings that apply to quarantine rules. Settable only for http rules.
redirect Property Map: Apply settings to redirect rules. Settable only for http rules with the action set to redirect.
resolveDnsInternally Property Map: Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Not used when 'dnsresolvers' is specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
resolveDnsThroughCloudflare Boolean: Enable to send queries that match the policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot set when 'dnsresolvers' specified or 'resolvedns_internally' is set. Only valid when a rule's action set to 'resolve'. Settable only for dns_resolver rules.
untrustedCert Property Map: Configure behavior when an upstream certificate is invalid or an SSL error occurs. Settable only for http rules with the action set to allow.

GetZeroTrustGatewayPolicyRuleSettingsAuditSsh

CommandLogging bool: Enable SSH command logging.

CommandLogging bool: Enable SSH command logging.

commandLogging Boolean: Enable SSH command logging.

commandLogging boolean: Enable SSH command logging.

command_logging bool: Enable SSH command logging.

commandLogging Boolean: Enable SSH command logging.

GetZeroTrustGatewayPolicyRuleSettingsBisoAdminControls

Copy string: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dcp bool: Set to false to enable copy-pasting. Only applies when version == "v1".
Dd bool: Set to false to enable downloading. Only applies when version == "v1".
Dk bool: Set to false to enable keyboard usage. Only applies when version == "v1".
Download string: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dp bool: Set to false to enable printing. Only applies when version == "v1".
Du bool: Set to false to enable uploading. Only applies when version == "v1".
Keyboard string: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Paste string: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Printing string: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Upload string: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Version string: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

Copy string: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dcp bool: Set to false to enable copy-pasting. Only applies when version == "v1".
Dd bool: Set to false to enable downloading. Only applies when version == "v1".
Dk bool: Set to false to enable keyboard usage. Only applies when version == "v1".
Download string: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Dp bool: Set to false to enable printing. Only applies when version == "v1".
Du bool: Set to false to enable uploading. Only applies when version == "v1".
Keyboard string: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Paste string: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
Printing string: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Upload string: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
Version string: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy String: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp Boolean: Set to false to enable copy-pasting. Only applies when version == "v1".
dd Boolean: Set to false to enable downloading. Only applies when version == "v1".
dk Boolean: Set to false to enable keyboard usage. Only applies when version == "v1".
download String: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp Boolean: Set to false to enable printing. Only applies when version == "v1".
du Boolean: Set to false to enable uploading. Only applies when version == "v1".
keyboard String: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste String: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing String: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload String: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version String: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy string: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp boolean: Set to false to enable copy-pasting. Only applies when version == "v1".
dd boolean: Set to false to enable downloading. Only applies when version == "v1".
dk boolean: Set to false to enable keyboard usage. Only applies when version == "v1".
download string: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp boolean: Set to false to enable printing. Only applies when version == "v1".
du boolean: Set to false to enable uploading. Only applies when version == "v1".
keyboard string: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste string: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing string: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload string: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version string: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy str: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp bool: Set to false to enable copy-pasting. Only applies when version == "v1".
dd bool: Set to false to enable downloading. Only applies when version == "v1".
dk bool: Set to false to enable keyboard usage. Only applies when version == "v1".
download str: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp bool: Set to false to enable printing. Only applies when version == "v1".
du bool: Set to false to enable uploading. Only applies when version == "v1".
keyboard str: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste str: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing str: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload str: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version str: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

copy String: Configure copy behavior. If set to remoteonly, users cannot copy isolated content from the remote browser to the local clipboard. If this field is absent, copying remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dcp Boolean: Set to false to enable copy-pasting. Only applies when version == "v1".
dd Boolean: Set to false to enable downloading. Only applies when version == "v1".
dk Boolean: Set to false to enable keyboard usage. Only applies when version == "v1".
download String: Configure download behavior. When set to remoteonly, users can view downloads but cannot save them. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
dp Boolean: Set to false to enable printing. Only applies when version == "v1".
du Boolean: Set to false to enable uploading. Only applies when version == "v1".
keyboard String: Configure keyboard usage behavior. If this field is absent, keyboard usage remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
paste String: Configure paste behavior. If set to remoteonly, users cannot paste content from the local clipboard into isolated pages. If this field is absent, pasting remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled", "remoteonly".
printing String: Configure print behavior. Default, Printing is enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
upload String: Configure upload behavior. If this field is absent, uploading remains enabled. Applies only when version == "v2". Available values: "enabled", "disabled".
version String: Indicate which version of the browser isolation controls should apply. Available values: "v1", "v2".

GetZeroTrustGatewayPolicyRuleSettingsBlockPage

IncludeContext bool: Specify whether to pass the context information as query parameters.
TargetUri string: Specify the URI to which the user is redirected.

IncludeContext bool: Specify whether to pass the context information as query parameters.
TargetUri string: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
targetUri String: Specify the URI to which the user is redirected.

includeContext boolean: Specify whether to pass the context information as query parameters.
targetUri string: Specify the URI to which the user is redirected.

include_context bool: Specify whether to pass the context information as query parameters.
target_uri str: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
targetUri String: Specify the URI to which the user is redirected.

GetZeroTrustGatewayPolicyRuleSettingsCheckSession

Duration string: Sets the required session freshness threshold. The API returns a normalized version of this value.
Enforce bool: Enable session enforcement.

Duration string: Sets the required session freshness threshold. The API returns a normalized version of this value.
Enforce bool: Enable session enforcement.

duration String: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce Boolean: Enable session enforcement.

duration string: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce boolean: Enable session enforcement.

duration str: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce bool: Enable session enforcement.

duration String: Sets the required session freshness threshold. The API returns a normalized version of this value.
enforce Boolean: Enable session enforcement.

GetZeroTrustGatewayPolicyRuleSettingsDnsResolvers

Ipv4s List<GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv4>
Ipv6s List<GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv6>

Ipv4s []GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv4
Ipv6s []GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv6

ipv4s List<GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv4>
ipv6s List<GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv6>

ipv4s GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv4[]
ipv6s GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv6[]

ipv4s Sequence[GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv4]
ipv6s Sequence[GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv6]

ipv4s List<Property Map>
ipv6s List<Property Map>

GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv4

Ip string: Specify the IPv4 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

Ip string: Specify the IPv4 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv4 address of the upstream resolver.
port Integer: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip string: Specify the IPv4 address of the upstream resolver.
port number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip str: Specify the IPv4 address of the upstream resolver.
port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
route_through_private_network bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnet_id str: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv4 address of the upstream resolver.
port Number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv6

Ip string: Specify the IPv6 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

Ip string: Specify the IPv6 address of the upstream resolver.
Port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
RouteThroughPrivateNetwork bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
VnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv6 address of the upstream resolver.
port Integer: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip string: Specify the IPv6 address of the upstream resolver.
port number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId string: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip str: Specify the IPv6 address of the upstream resolver.
port int: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
route_through_private_network bool: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnet_id str: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

ip String: Specify the IPv6 address of the upstream resolver.
port Number: Specify a port number to use for the upstream resolver. Defaults to 53 if unspecified.
routeThroughPrivateNetwork Boolean: Indicate whether to connect to this resolver over a private network. Must set when vnet_id set.
vnetId String: Specify an optional virtual network for this resolver. Uses default virtual network id if omitted.

GetZeroTrustGatewayPolicyRuleSettingsEgress

Ipv4 string: Specify the IPv4 address to use for egress.
Ipv4Fallback string: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
Ipv6 string: Specify the IPv6 range to use for egress.

Ipv4 string: Specify the IPv4 address to use for egress.
Ipv4Fallback string: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
Ipv6 string: Specify the IPv6 range to use for egress.

ipv4 String: Specify the IPv4 address to use for egress.
ipv4Fallback String: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 String: Specify the IPv6 range to use for egress.

ipv4 string: Specify the IPv4 address to use for egress.
ipv4Fallback string: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 string: Specify the IPv6 range to use for egress.

ipv4 str: Specify the IPv4 address to use for egress.
ipv4_fallback str: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 str: Specify the IPv6 range to use for egress.

ipv4 String: Specify the IPv4 address to use for egress.
ipv4Fallback String: Specify the fallback IPv4 address to use for egress when the primary IPv4 fails. Set '0.0.0.0' to indicate local egress via WARP IPs.
ipv6 String: Specify the IPv6 range to use for egress.

GetZeroTrustGatewayPolicyRuleSettingsL4override

Ip string: Defines the IPv4 or IPv6 address.
Port int: Defines a port number to use for TCP/UDP overrides.

Ip string: Defines the IPv4 or IPv6 address.
Port int: Defines a port number to use for TCP/UDP overrides.

ip String: Defines the IPv4 or IPv6 address.
port Integer: Defines a port number to use for TCP/UDP overrides.

ip string: Defines the IPv4 or IPv6 address.
port number: Defines a port number to use for TCP/UDP overrides.

ip str: Defines the IPv4 or IPv6 address.
port int: Defines a port number to use for TCP/UDP overrides.

ip String: Defines the IPv4 or IPv6 address.
port Number: Defines a port number to use for TCP/UDP overrides.

GetZeroTrustGatewayPolicyRuleSettingsNotificationSettings

Enabled bool: Enable notification.
IncludeContext bool: Indicates whether to pass the context information as query parameters.
Msg string: Customize the message shown in the notification.
SupportUrl string: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

Enabled bool: Enable notification.
IncludeContext bool: Indicates whether to pass the context information as query parameters.
Msg string: Customize the message shown in the notification.
SupportUrl string: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled Boolean: Enable notification.
includeContext Boolean: Indicates whether to pass the context information as query parameters.
msg String: Customize the message shown in the notification.
supportUrl String: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled boolean: Enable notification.
includeContext boolean: Indicates whether to pass the context information as query parameters.
msg string: Customize the message shown in the notification.
supportUrl string: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled bool: Enable notification.
include_context bool: Indicates whether to pass the context information as query parameters.
msg str: Customize the message shown in the notification.
support_url str: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

enabled Boolean: Enable notification.
includeContext Boolean: Indicates whether to pass the context information as query parameters.
msg String: Customize the message shown in the notification.
supportUrl String: Defines an optional URL to direct users to additional information. If unset, the notification opens a block page.

GetZeroTrustGatewayPolicyRuleSettingsPayloadLog

Enabled bool: Enable DLP payload logging for this rule.

Enabled bool: Enable DLP payload logging for this rule.

enabled Boolean: Enable DLP payload logging for this rule.

enabled boolean: Enable DLP payload logging for this rule.

enabled bool: Enable DLP payload logging for this rule.

enabled Boolean: Enable DLP payload logging for this rule.

GetZeroTrustGatewayPolicyRuleSettingsQuarantine

FileTypes List<string>: Specify the types of files to sandbox.

FileTypes []string: Specify the types of files to sandbox.

fileTypes List<String>: Specify the types of files to sandbox.

fileTypes string[]: Specify the types of files to sandbox.

file_types Sequence[str]: Specify the types of files to sandbox.

fileTypes List<String>: Specify the types of files to sandbox.

GetZeroTrustGatewayPolicyRuleSettingsRedirect

IncludeContext bool: Specify whether to pass the context information as query parameters.
PreservePathAndQuery bool: Specify whether to append the path and query parameters from the original request to target_uri.
TargetUri string: Specify the URI to which the user is redirected.

IncludeContext bool: Specify whether to pass the context information as query parameters.
PreservePathAndQuery bool: Specify whether to append the path and query parameters from the original request to target_uri.
TargetUri string: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
preservePathAndQuery Boolean: Specify whether to append the path and query parameters from the original request to target_uri.
targetUri String: Specify the URI to which the user is redirected.

includeContext boolean: Specify whether to pass the context information as query parameters.
preservePathAndQuery boolean: Specify whether to append the path and query parameters from the original request to target_uri.
targetUri string: Specify the URI to which the user is redirected.

include_context bool: Specify whether to pass the context information as query parameters.
preserve_path_and_query bool: Specify whether to append the path and query parameters from the original request to target_uri.
target_uri str: Specify the URI to which the user is redirected.

includeContext Boolean: Specify whether to pass the context information as query parameters.
preservePathAndQuery Boolean: Specify whether to append the path and query parameters from the original request to target_uri.
targetUri String: Specify the URI to which the user is redirected.

GetZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally

Fallback string: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
ViewId string: Specify the internal DNS view identifier to pass to the internal DNS service.

Fallback string: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
ViewId string: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback String: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
viewId String: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback string: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
viewId string: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback str: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
view_id str: Specify the internal DNS view identifier to pass to the internal DNS service.

fallback String: Specify the fallback behavior to apply when the internal DNS response code differs from 'NOERROR' or when the response data contains only CNAME records for 'A' or 'AAAA' queries. Available values: "none", "public_dns".
viewId String: Specify the internal DNS view identifier to pass to the internal DNS service.

GetZeroTrustGatewayPolicyRuleSettingsUntrustedCert

Action string: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

Action string: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action String: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action string: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action str: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

action String: Defines the action performed when an untrusted certificate seen. The default action an error with HTTP code 526. Available values: <span pulumi-lang-nodejs=""passThrough"" pulumi-lang-dotnet=""PassThrough"" pulumi-lang-go=""passThrough"" pulumi-lang-python=""pass_through"" pulumi-lang-yaml=""passThrough"" pulumi-lang-java=""passThrough"">"pass_through", "block", "error".

GetZeroTrustGatewayPolicySchedule

Fri string
Mon string
Sat string
Sun string
Thu string
TimeZone string: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
Tue string
Wed string

Fri string
Mon string
Sat string
Sun string
Thu string
TimeZone string: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
Tue string
Wed string

fri String
mon String
sat String
sun String
thu String
timeZone String: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue String
wed String

fri string
mon string
sat string
sun string
thu string
timeZone string: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue string
wed string

fri str
mon str
sat str
sun str
thu str
time_zone str: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue str
wed str

fri String
mon String
sat String
sun String
thu String
timeZone String: Specify the time zone for rule evaluation. When a valid time zone city name is provided, Gateway always uses the current time for that time zone. When this parameter is omitted, Gateway uses the time zone determined from the user's IP address. Colo time zone is used when the user's IP address does not resolve to a location.
tue String
wed String

Package Details

Repository: Cloudflare pulumi/pulumi-cloudflare
License: Apache-2.0
Notes: This Pulumi package is based on the cloudflare Terraform Provider.

Cloudflare v6.10.1 published on Wednesday, Oct 22, 2025 by Pulumi

pulumi/pulumi-cloudflare

cloudflare.getZeroTrustGatewayPolicy

On this page

On this page

Example Usage

Using getZeroTrustGatewayPolicy

getZeroTrustGatewayPolicy Result

Supporting Types

GetZeroTrustGatewayPolicyExpiration

GetZeroTrustGatewayPolicyRuleSettings

GetZeroTrustGatewayPolicyRuleSettingsAuditSsh

GetZeroTrustGatewayPolicyRuleSettingsBisoAdminControls

GetZeroTrustGatewayPolicyRuleSettingsBlockPage

GetZeroTrustGatewayPolicyRuleSettingsCheckSession

GetZeroTrustGatewayPolicyRuleSettingsDnsResolvers

GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv4

GetZeroTrustGatewayPolicyRuleSettingsDnsResolversIpv6

GetZeroTrustGatewayPolicyRuleSettingsEgress

GetZeroTrustGatewayPolicyRuleSettingsL4override

GetZeroTrustGatewayPolicyRuleSettingsNotificationSettings

GetZeroTrustGatewayPolicyRuleSettingsPayloadLog

GetZeroTrustGatewayPolicyRuleSettingsQuarantine

GetZeroTrustGatewayPolicyRuleSettingsRedirect

GetZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally

GetZeroTrustGatewayPolicyRuleSettingsUntrustedCert

GetZeroTrustGatewayPolicySchedule

Package Details

On this page

On this page