Docs Home
Cloudflare v6.1.2 published on Monday, Apr 28, 2025 by Pulumi
cloudflare.ZeroTrustDevicePostureRule
Explore with Pulumi AI
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
Coming soon!
resources:
exampleZeroTrustDevicePostureRule:
type: cloudflare:ZeroTrustDevicePostureRule
name: example_zero_trust_device_posture_rule
properties:
accountId: 699d98642c564d2e855e9661899b7252
name: Admin Serial Numbers
type: file
description: The rule for admin serial numbers
expiration: 1h
input:
operating_system: linux
path: /bin/cat
exists: true
sha256: https://api.us-2.crowdstrike.com
thumbprint: 0aabab210bdb998e9cf45da2c9ce352977ab531c681b74cf1e487be1bbe9fe6e
matches:
- platform: windows
schedule: 1h
Create ZeroTrustDevicePostureRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ZeroTrustDevicePostureRule(name: string, args: ZeroTrustDevicePostureRuleArgs, opts?: CustomResourceOptions);@overload
def ZeroTrustDevicePostureRule(resource_name: str,
args: ZeroTrustDevicePostureRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ZeroTrustDevicePostureRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
name: Optional[str] = None,
type: Optional[str] = None,
description: Optional[str] = None,
expiration: Optional[str] = None,
input: Optional[ZeroTrustDevicePostureRuleInputArgs] = None,
matches: Optional[Sequence[ZeroTrustDevicePostureRuleMatchArgs]] = None,
schedule: Optional[str] = None)func NewZeroTrustDevicePostureRule(ctx *Context, name string, args ZeroTrustDevicePostureRuleArgs, opts ...ResourceOption) (*ZeroTrustDevicePostureRule, error)public ZeroTrustDevicePostureRule(string name, ZeroTrustDevicePostureRuleArgs args, CustomResourceOptions? opts = null)
public ZeroTrustDevicePostureRule(String name, ZeroTrustDevicePostureRuleArgs args)
public ZeroTrustDevicePostureRule(String name, ZeroTrustDevicePostureRuleArgs args, CustomResourceOptions options)
type: cloudflare:ZeroTrustDevicePostureRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ZeroTrustDevicePostureRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ZeroTrustDevicePostureRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ZeroTrustDevicePostureRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZeroTrustDevicePostureRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ZeroTrustDevicePostureRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var zeroTrustDevicePostureRuleResource = new Cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", new()
{
AccountId = "string",
Name = "string",
Type = "string",
Description = "string",
Expiration = "string",
Input = new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputArgs
{
ActiveThreats = 0,
CertificateId = "string",
CheckDisks = new[]
{
"string",
},
CheckPrivateKey = false,
Cn = "string",
ComplianceStatus = "string",
ConnectionId = "string",
CountOperator = "string",
Domain = "string",
EidLastSeen = "string",
Enabled = false,
Exists = false,
ExtendedKeyUsages = new[]
{
"string",
},
Id = "string",
Infected = false,
IsActive = false,
IssueCount = "string",
LastSeen = "string",
Locations = new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputLocationsArgs
{
Paths = new[]
{
"string",
},
TrustStores = new[]
{
"string",
},
},
NetworkStatus = "string",
OperatingSystem = "string",
OperationalState = "string",
Operator = "string",
Os = "string",
OsDistroName = "string",
OsDistroRevision = "string",
OsVersionExtra = "string",
Overall = "string",
Path = "string",
RequireAll = false,
RiskLevel = "string",
Score = 0,
ScoreOperator = "string",
SensorConfig = "string",
Sha256 = "string",
State = "string",
Thumbprint = "string",
TotalScore = 0,
Version = "string",
VersionOperator = "string",
},
Matches = new[]
{
new Cloudflare.Inputs.ZeroTrustDevicePostureRuleMatchArgs
{
Platform = "string",
},
},
Schedule = "string",
});
example, err := cloudflare.NewZeroTrustDevicePostureRule(ctx, "zeroTrustDevicePostureRuleResource", &cloudflare.ZeroTrustDevicePostureRuleArgs{
AccountId: pulumi.String("string"),
Name: pulumi.String("string"),
Type: pulumi.String("string"),
Description: pulumi.String("string"),
Expiration: pulumi.String("string"),
Input: &cloudflare.ZeroTrustDevicePostureRuleInputTypeArgs{
ActiveThreats: pulumi.Float64(0),
CertificateId: pulumi.String("string"),
CheckDisks: pulumi.StringArray{
pulumi.String("string"),
},
CheckPrivateKey: pulumi.Bool(false),
Cn: pulumi.String("string"),
ComplianceStatus: pulumi.String("string"),
ConnectionId: pulumi.String("string"),
CountOperator: pulumi.String("string"),
Domain: pulumi.String("string"),
EidLastSeen: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Exists: pulumi.Bool(false),
ExtendedKeyUsages: pulumi.StringArray{
pulumi.String("string"),
},
Id: pulumi.String("string"),
Infected: pulumi.Bool(false),
IsActive: pulumi.Bool(false),
IssueCount: pulumi.String("string"),
LastSeen: pulumi.String("string"),
Locations: &cloudflare.ZeroTrustDevicePostureRuleInputLocationsArgs{
Paths: pulumi.StringArray{
pulumi.String("string"),
},
TrustStores: pulumi.StringArray{
pulumi.String("string"),
},
},
NetworkStatus: pulumi.String("string"),
OperatingSystem: pulumi.String("string"),
OperationalState: pulumi.String("string"),
Operator: pulumi.String("string"),
Os: pulumi.String("string"),
OsDistroName: pulumi.String("string"),
OsDistroRevision: pulumi.String("string"),
OsVersionExtra: pulumi.String("string"),
Overall: pulumi.String("string"),
Path: pulumi.String("string"),
RequireAll: pulumi.Bool(false),
RiskLevel: pulumi.String("string"),
Score: pulumi.Float64(0),
ScoreOperator: pulumi.String("string"),
SensorConfig: pulumi.String("string"),
Sha256: pulumi.String("string"),
State: pulumi.String("string"),
Thumbprint: pulumi.String("string"),
TotalScore: pulumi.Float64(0),
Version: pulumi.String("string"),
VersionOperator: pulumi.String("string"),
},
Matches: cloudflare.ZeroTrustDevicePostureRuleMatchArray{
&cloudflare.ZeroTrustDevicePostureRuleMatchArgs{
Platform: pulumi.String("string"),
},
},
Schedule: pulumi.String("string"),
})
var zeroTrustDevicePostureRuleResource = new ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", ZeroTrustDevicePostureRuleArgs.builder()
.accountId("string")
.name("string")
.type("string")
.description("string")
.expiration("string")
.input(ZeroTrustDevicePostureRuleInputArgs.builder()
.activeThreats(0)
.certificateId("string")
.checkDisks("string")
.checkPrivateKey(false)
.cn("string")
.complianceStatus("string")
.connectionId("string")
.countOperator("string")
.domain("string")
.eidLastSeen("string")
.enabled(false)
.exists(false)
.extendedKeyUsages("string")
.id("string")
.infected(false)
.isActive(false)
.issueCount("string")
.lastSeen("string")
.locations(ZeroTrustDevicePostureRuleInputLocationsArgs.builder()
.paths("string")
.trustStores("string")
.build())
.networkStatus("string")
.operatingSystem("string")
.operationalState("string")
.operator("string")
.os("string")
.osDistroName("string")
.osDistroRevision("string")
.osVersionExtra("string")
.overall("string")
.path("string")
.requireAll(false)
.riskLevel("string")
.score(0)
.scoreOperator("string")
.sensorConfig("string")
.sha256("string")
.state("string")
.thumbprint("string")
.totalScore(0)
.version("string")
.versionOperator("string")
.build())
.matches(ZeroTrustDevicePostureRuleMatchArgs.builder()
.platform("string")
.build())
.schedule("string")
.build());
zero_trust_device_posture_rule_resource = cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource",
account_id="string",
name="string",
type="string",
description="string",
expiration="string",
input={
"active_threats": 0,
"certificate_id": "string",
"check_disks": ["string"],
"check_private_key": False,
"cn": "string",
"compliance_status": "string",
"connection_id": "string",
"count_operator": "string",
"domain": "string",
"eid_last_seen": "string",
"enabled": False,
"exists": False,
"extended_key_usages": ["string"],
"id": "string",
"infected": False,
"is_active": False,
"issue_count": "string",
"last_seen": "string",
"locations": {
"paths": ["string"],
"trust_stores": ["string"],
},
"network_status": "string",
"operating_system": "string",
"operational_state": "string",
"operator": "string",
"os": "string",
"os_distro_name": "string",
"os_distro_revision": "string",
"os_version_extra": "string",
"overall": "string",
"path": "string",
"require_all": False,
"risk_level": "string",
"score": 0,
"score_operator": "string",
"sensor_config": "string",
"sha256": "string",
"state": "string",
"thumbprint": "string",
"total_score": 0,
"version": "string",
"version_operator": "string",
},
matches=[{
"platform": "string",
}],
schedule="string")
const zeroTrustDevicePostureRuleResource = new cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", {
accountId: "string",
name: "string",
type: "string",
description: "string",
expiration: "string",
input: {
activeThreats: 0,
certificateId: "string",
checkDisks: ["string"],
checkPrivateKey: false,
cn: "string",
complianceStatus: "string",
connectionId: "string",
countOperator: "string",
domain: "string",
eidLastSeen: "string",
enabled: false,
exists: false,
extendedKeyUsages: ["string"],
id: "string",
infected: false,
isActive: false,
issueCount: "string",
lastSeen: "string",
locations: {
paths: ["string"],
trustStores: ["string"],
},
networkStatus: "string",
operatingSystem: "string",
operationalState: "string",
operator: "string",
os: "string",
osDistroName: "string",
osDistroRevision: "string",
osVersionExtra: "string",
overall: "string",
path: "string",
requireAll: false,
riskLevel: "string",
score: 0,
scoreOperator: "string",
sensorConfig: "string",
sha256: "string",
state: "string",
thumbprint: "string",
totalScore: 0,
version: "string",
versionOperator: "string",
},
matches: [{
platform: "string",
}],
schedule: "string",
});
type: cloudflare:ZeroTrustDevicePostureRule
properties:
accountId: string
description: string
expiration: string
input:
activeThreats: 0
certificateId: string
checkDisks:
- string
checkPrivateKey: false
cn: string
complianceStatus: string
connectionId: string
countOperator: string
domain: string
eidLastSeen: string
enabled: false
exists: false
extendedKeyUsages:
- string
id: string
infected: false
isActive: false
issueCount: string
lastSeen: string
locations:
paths:
- string
trustStores:
- string
networkStatus: string
operatingSystem: string
operationalState: string
operator: string
os: string
osDistroName: string
osDistroRevision: string
osVersionExtra: string
overall: string
path: string
requireAll: false
riskLevel: string
score: 0
scoreOperator: string
sensorConfig: string
sha256: string
state: string
thumbprint: string
totalScore: 0
version: string
versionOperator: string
matches:
- platform: string
name: string
schedule: string
type: string
ZeroTrustDevicePostureRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ZeroTrustDevicePostureRule resource accepts the following input properties:
- Account
Id string - Name string
- The name of the device posture rule.
- Type string
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- Description string
- The description of the device posture rule.
- Expiration string
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- Input
Zero
Trust Device Posture Rule Input - The value to be checked against.
- Matches
List<Zero
Trust Device Posture Rule Match> - The conditions that the client must match to run the rule.
- Schedule string
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m.
- Account
Id string - Name string
- The name of the device posture rule.
- Type string
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- Description string
- The description of the device posture rule.
- Expiration string
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- Input
Zero
Trust Device Posture Rule Input Type Args - The value to be checked against.
- Matches
[]Zero
Trust Device Posture Rule Match Args - The conditions that the client must match to run the rule.
- Schedule string
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m.
- account
Id String - name String
- The name of the device posture rule.
- type String
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- description String
- The description of the device posture rule.
- expiration String
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input
Zero
Trust Device Posture Rule Input - The value to be checked against.
- matches
List<Zero
Trust Device Posture Rule Match> - The conditions that the client must match to run the rule.
- schedule String
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m.
- account
Id string - name string
- The name of the device posture rule.
- type string
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- description string
- The description of the device posture rule.
- expiration string
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input
Zero
Trust Device Posture Rule Input - The value to be checked against.
- matches
Zero
Trust Device Posture Rule Match[] - The conditions that the client must match to run the rule.
- schedule string
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m.
- account_
id str - name str
- The name of the device posture rule.
- type str
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- description str
- The description of the device posture rule.
- expiration str
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input
Zero
Trust Device Posture Rule Input Args - The value to be checked against.
- matches
Sequence[Zero
Trust Device Posture Rule Match Args] - The conditions that the client must match to run the rule.
- schedule str
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m.
- account
Id String - name String
- The name of the device posture rule.
- type String
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- description String
- The description of the device posture rule.
- expiration String
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input Property Map
- The value to be checked against.
- matches List<Property Map>
- The conditions that the client must match to run the rule.
- schedule String
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m.
Outputs
All input properties are implicitly available as output properties. Additionally, the ZeroTrustDevicePostureRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ZeroTrustDevicePostureRule Resource
Get an existing ZeroTrustDevicePostureRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZeroTrustDevicePostureRuleState, opts?: CustomResourceOptions): ZeroTrustDevicePostureRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
description: Optional[str] = None,
expiration: Optional[str] = None,
input: Optional[ZeroTrustDevicePostureRuleInputArgs] = None,
matches: Optional[Sequence[ZeroTrustDevicePostureRuleMatchArgs]] = None,
name: Optional[str] = None,
schedule: Optional[str] = None,
type: Optional[str] = None) -> ZeroTrustDevicePostureRulefunc GetZeroTrustDevicePostureRule(ctx *Context, name string, id IDInput, state *ZeroTrustDevicePostureRuleState, opts ...ResourceOption) (*ZeroTrustDevicePostureRule, error)public static ZeroTrustDevicePostureRule Get(string name, Input<string> id, ZeroTrustDevicePostureRuleState? state, CustomResourceOptions? opts = null)public static ZeroTrustDevicePostureRule get(String name, Output<String> id, ZeroTrustDevicePostureRuleState state, CustomResourceOptions options)resources: _: type: cloudflare:ZeroTrustDevicePostureRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - Description string
- The description of the device posture rule.
- Expiration string
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- Input
Zero
Trust Device Posture Rule Input - The value to be checked against.
- Matches
List<Zero
Trust Device Posture Rule Match> - The conditions that the client must match to run the rule.
- Name string
- The name of the device posture rule.
- Schedule string
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m. - Type string
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- Account
Id string - Description string
- The description of the device posture rule.
- Expiration string
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- Input
Zero
Trust Device Posture Rule Input Type Args - The value to be checked against.
- Matches
[]Zero
Trust Device Posture Rule Match Args - The conditions that the client must match to run the rule.
- Name string
- The name of the device posture rule.
- Schedule string
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m. - Type string
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- account
Id String - description String
- The description of the device posture rule.
- expiration String
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input
Zero
Trust Device Posture Rule Input - The value to be checked against.
- matches
List<Zero
Trust Device Posture Rule Match> - The conditions that the client must match to run the rule.
- name String
- The name of the device posture rule.
- schedule String
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m. - type String
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- account
Id string - description string
- The description of the device posture rule.
- expiration string
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input
Zero
Trust Device Posture Rule Input - The value to be checked against.
- matches
Zero
Trust Device Posture Rule Match[] - The conditions that the client must match to run the rule.
- name string
- The name of the device posture rule.
- schedule string
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m. - type string
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- account_
id str - description str
- The description of the device posture rule.
- expiration str
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input
Zero
Trust Device Posture Rule Input Args - The value to be checked against.
- matches
Sequence[Zero
Trust Device Posture Rule Match Args] - The conditions that the client must match to run the rule.
- name str
- The name of the device posture rule.
- schedule str
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m. - type str
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
- account
Id String - description String
- The description of the device posture rule.
- expiration String
- Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
- input Property Map
- The value to be checked against.
- matches List<Property Map>
- The conditions that the client must match to run the rule.
- name String
- The name of the device posture rule.
- schedule String
- Polling frequency for the WARP client posture check. Default:
5m(poll every five minutes). Minimum:1m. - type String
- The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
Supporting Types
ZeroTrustDevicePostureRuleInput, ZeroTrustDevicePostureRuleInputArgs
- Active
Threats double - The Number of active threats.
- Certificate
Id string - UUID of Cloudflare managed certificate.
- Check
Disks List<string> - List of volume names to be checked for encryption.
- Check
Private boolKey - Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
- Cn string
- Common Name that is protected by the certificate
- Compliance
Status string - Compliance Status Available values: "compliant", "noncompliant", "unknown".
- Connection
Id string - Posture Integration ID.
- Count
Operator string - Count Operator Available values: "<", "<=", ">", ">=", "==".
- Domain string
- Domain
- Eid
Last stringSeen - For more details on eid last seen, refer to the Tanium documentation.
- Enabled bool
- Enabled
- Exists bool
- Whether or not file exists
- Extended
Key List<string>Usages - List of values indicating purposes for which the certificate public key can be used
- Id string
- List ID.
- Infected bool
- Whether device is infected.
- Is
Active bool - Whether device is active.
- Issue
Count string - The Number of Issues.
- Last
Seen string - For more details on last seen, please refer to the Crowdstrike documentation.
- Locations
Zero
Trust Device Posture Rule Input Locations - Network
Status string - Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
- Operating
System string - Operating system Available values: "windows", "linux", "mac".
- Operational
State string - Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
- Operator string
- operator Available values: "<", "<=", ">", ">=", "==".
- Os string
- Os Version
- Os
Distro stringName - Operating System Distribution Name (linux only)
- Os
Distro stringRevision - Version of OS Distribution (linux only)
- Os
Version stringExtra - Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
- Overall string
- overall
- Path string
- File path.
- Require
All bool - Whether to check all disks for encryption.
- Risk
Level string - For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
- Score double
- A value between 0-100 assigned to devices set by the 3rd party posture provider.
- Score
Operator string - Score Operator Available values: "<", "<=", ">", ">=", "==".
- Sensor
Config string - SensorConfig
- Sha256 string
- SHA-256.
- State string
- For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
- Thumbprint string
- Signing certificate thumbprint.
- Total
Score double - For more details on total score, refer to the Tanium documentation.
- Version string
- Version of OS
- Version
Operator string - Version Operator Available values: "<", "<=", ">", ">=", "==".
- Active
Threats float64 - The Number of active threats.
- Certificate
Id string - UUID of Cloudflare managed certificate.
- Check
Disks []string - List of volume names to be checked for encryption.
- Check
Private boolKey - Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
- Cn string
- Common Name that is protected by the certificate
- Compliance
Status string - Compliance Status Available values: "compliant", "noncompliant", "unknown".
- Connection
Id string - Posture Integration ID.
- Count
Operator string - Count Operator Available values: "<", "<=", ">", ">=", "==".
- Domain string
- Domain
- Eid
Last stringSeen - For more details on eid last seen, refer to the Tanium documentation.
- Enabled bool
- Enabled
- Exists bool
- Whether or not file exists
- Extended
Key []stringUsages - List of values indicating purposes for which the certificate public key can be used
- Id string
- List ID.
- Infected bool
- Whether device is infected.
- Is
Active bool - Whether device is active.
- Issue
Count string - The Number of Issues.
- Last
Seen string - For more details on last seen, please refer to the Crowdstrike documentation.
- Locations
Zero
Trust Device Posture Rule Input Locations - Network
Status string - Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
- Operating
System string - Operating system Available values: "windows", "linux", "mac".
- Operational
State string - Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
- Operator string
- operator Available values: "<", "<=", ">", ">=", "==".
- Os string
- Os Version
- Os
Distro stringName - Operating System Distribution Name (linux only)
- Os
Distro stringRevision - Version of OS Distribution (linux only)
- Os
Version stringExtra - Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
- Overall string
- overall
- Path string
- File path.
- Require
All bool - Whether to check all disks for encryption.
- Risk
Level string - For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
- Score float64
- A value between 0-100 assigned to devices set by the 3rd party posture provider.
- Score
Operator string - Score Operator Available values: "<", "<=", ">", ">=", "==".
- Sensor
Config string - SensorConfig
- Sha256 string
- SHA-256.
- State string
- For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
- Thumbprint string
- Signing certificate thumbprint.
- Total
Score float64 - For more details on total score, refer to the Tanium documentation.
- Version string
- Version of OS
- Version
Operator string - Version Operator Available values: "<", "<=", ">", ">=", "==".
- active
Threats Double - The Number of active threats.
- certificate
Id String - UUID of Cloudflare managed certificate.
- check
Disks List<String> - List of volume names to be checked for encryption.
- check
Private BooleanKey - Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
- cn String
- Common Name that is protected by the certificate
- compliance
Status String - Compliance Status Available values: "compliant", "noncompliant", "unknown".
- connection
Id String - Posture Integration ID.
- count
Operator String - Count Operator Available values: "<", "<=", ">", ">=", "==".
- domain String
- Domain
- eid
Last StringSeen - For more details on eid last seen, refer to the Tanium documentation.
- enabled Boolean
- Enabled
- exists Boolean
- Whether or not file exists
- extended
Key List<String>Usages - List of values indicating purposes for which the certificate public key can be used
- id String
- List ID.
- infected Boolean
- Whether device is infected.
- is
Active Boolean - Whether device is active.
- issue
Count String - The Number of Issues.
- last
Seen String - For more details on last seen, please refer to the Crowdstrike documentation.
- locations
Zero
Trust Device Posture Rule Input Locations - network
Status String - Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
- operating
System String - Operating system Available values: "windows", "linux", "mac".
- operational
State String - Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
- operator String
- operator Available values: "<", "<=", ">", ">=", "==".
- os String
- Os Version
- os
Distro StringName - Operating System Distribution Name (linux only)
- os
Distro StringRevision - Version of OS Distribution (linux only)
- os
Version StringExtra - Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
- overall String
- overall
- path String
- File path.
- require
All Boolean - Whether to check all disks for encryption.
- risk
Level String - For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
- score Double
- A value between 0-100 assigned to devices set by the 3rd party posture provider.
- score
Operator String - Score Operator Available values: "<", "<=", ">", ">=", "==".
- sensor
Config String - SensorConfig
- sha256 String
- SHA-256.
- state String
- For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
- thumbprint String
- Signing certificate thumbprint.
- total
Score Double - For more details on total score, refer to the Tanium documentation.
- version String
- Version of OS
- version
Operator String - Version Operator Available values: "<", "<=", ">", ">=", "==".
- active
Threats number - The Number of active threats.
- certificate
Id string - UUID of Cloudflare managed certificate.
- check
Disks string[] - List of volume names to be checked for encryption.
- check
Private booleanKey - Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
- cn string
- Common Name that is protected by the certificate
- compliance
Status string - Compliance Status Available values: "compliant", "noncompliant", "unknown".
- connection
Id string - Posture Integration ID.
- count
Operator string - Count Operator Available values: "<", "<=", ">", ">=", "==".
- domain string
- Domain
- eid
Last stringSeen - For more details on eid last seen, refer to the Tanium documentation.
- enabled boolean
- Enabled
- exists boolean
- Whether or not file exists
- extended
Key string[]Usages - List of values indicating purposes for which the certificate public key can be used
- id string
- List ID.
- infected boolean
- Whether device is infected.
- is
Active boolean - Whether device is active.
- issue
Count string - The Number of Issues.
- last
Seen string - For more details on last seen, please refer to the Crowdstrike documentation.
- locations
Zero
Trust Device Posture Rule Input Locations - network
Status string - Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
- operating
System string - Operating system Available values: "windows", "linux", "mac".
- operational
State string - Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
- operator string
- operator Available values: "<", "<=", ">", ">=", "==".
- os string
- Os Version
- os
Distro stringName - Operating System Distribution Name (linux only)
- os
Distro stringRevision - Version of OS Distribution (linux only)
- os
Version stringExtra - Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
- overall string
- overall
- path string
- File path.
- require
All boolean - Whether to check all disks for encryption.
- risk
Level string - For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
- score number
- A value between 0-100 assigned to devices set by the 3rd party posture provider.
- score
Operator string - Score Operator Available values: "<", "<=", ">", ">=", "==".
- sensor
Config string - SensorConfig
- sha256 string
- SHA-256.
- state string
- For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
- thumbprint string
- Signing certificate thumbprint.
- total
Score number - For more details on total score, refer to the Tanium documentation.
- version string
- Version of OS
- version
Operator string - Version Operator Available values: "<", "<=", ">", ">=", "==".
- active_
threats float - The Number of active threats.
- certificate_
id str - UUID of Cloudflare managed certificate.
- check_
disks Sequence[str] - List of volume names to be checked for encryption.
- check_
private_ boolkey - Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
- cn str
- Common Name that is protected by the certificate
- compliance_
status str - Compliance Status Available values: "compliant", "noncompliant", "unknown".
- connection_
id str - Posture Integration ID.
- count_
operator str - Count Operator Available values: "<", "<=", ">", ">=", "==".
- domain str
- Domain
- eid_
last_ strseen - For more details on eid last seen, refer to the Tanium documentation.
- enabled bool
- Enabled
- exists bool
- Whether or not file exists
- extended_
key_ Sequence[str]usages - List of values indicating purposes for which the certificate public key can be used
- id str
- List ID.
- infected bool
- Whether device is infected.
- is_
active bool - Whether device is active.
- issue_
count str - The Number of Issues.
- last_
seen str - For more details on last seen, please refer to the Crowdstrike documentation.
- locations
Zero
Trust Device Posture Rule Input Locations - network_
status str - Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
- operating_
system str - Operating system Available values: "windows", "linux", "mac".
- operational_
state str - Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
- operator str
- operator Available values: "<", "<=", ">", ">=", "==".
- os str
- Os Version
- os_
distro_ strname - Operating System Distribution Name (linux only)
- os_
distro_ strrevision - Version of OS Distribution (linux only)
- os_
version_ strextra - Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
- overall str
- overall
- path str
- File path.
- require_
all bool - Whether to check all disks for encryption.
- risk_
level str - For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
- score float
- A value between 0-100 assigned to devices set by the 3rd party posture provider.
- score_
operator str - Score Operator Available values: "<", "<=", ">", ">=", "==".
- sensor_
config str - SensorConfig
- sha256 str
- SHA-256.
- state str
- For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
- thumbprint str
- Signing certificate thumbprint.
- total_
score float - For more details on total score, refer to the Tanium documentation.
- version str
- Version of OS
- version_
operator str - Version Operator Available values: "<", "<=", ">", ">=", "==".
- active
Threats Number - The Number of active threats.
- certificate
Id String - UUID of Cloudflare managed certificate.
- check
Disks List<String> - List of volume names to be checked for encryption.
- check
Private BooleanKey - Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
- cn String
- Common Name that is protected by the certificate
- compliance
Status String - Compliance Status Available values: "compliant", "noncompliant", "unknown".
- connection
Id String - Posture Integration ID.
- count
Operator String - Count Operator Available values: "<", "<=", ">", ">=", "==".
- domain String
- Domain
- eid
Last StringSeen - For more details on eid last seen, refer to the Tanium documentation.
- enabled Boolean
- Enabled
- exists Boolean
- Whether or not file exists
- extended
Key List<String>Usages - List of values indicating purposes for which the certificate public key can be used
- id String
- List ID.
- infected Boolean
- Whether device is infected.
- is
Active Boolean - Whether device is active.
- issue
Count String - The Number of Issues.
- last
Seen String - For more details on last seen, please refer to the Crowdstrike documentation.
- locations Property Map
- network
Status String - Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
- operating
System String - Operating system Available values: "windows", "linux", "mac".
- operational
State String - Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
- operator String
- operator Available values: "<", "<=", ">", ">=", "==".
- os String
- Os Version
- os
Distro StringName - Operating System Distribution Name (linux only)
- os
Distro StringRevision - Version of OS Distribution (linux only)
- os
Version StringExtra - Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
- overall String
- overall
- path String
- File path.
- require
All Boolean - Whether to check all disks for encryption.
- risk
Level String - For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
- score Number
- A value between 0-100 assigned to devices set by the 3rd party posture provider.
- score
Operator String - Score Operator Available values: "<", "<=", ">", ">=", "==".
- sensor
Config String - SensorConfig
- sha256 String
- SHA-256.
- state String
- For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
- thumbprint String
- Signing certificate thumbprint.
- total
Score Number - For more details on total score, refer to the Tanium documentation.
- version String
- Version of OS
- version
Operator String - Version Operator Available values: "<", "<=", ">", ">=", "==".
ZeroTrustDevicePostureRuleInputLocations, ZeroTrustDevicePostureRuleInputLocationsArgs
- Paths List<string>
- List of paths to check for client certificate on linux.
- Trust
Stores List<string> - List of trust stores to check for client certificate.
- Paths []string
- List of paths to check for client certificate on linux.
- Trust
Stores []string - List of trust stores to check for client certificate.
- paths List<String>
- List of paths to check for client certificate on linux.
- trust
Stores List<String> - List of trust stores to check for client certificate.
- paths string[]
- List of paths to check for client certificate on linux.
- trust
Stores string[] - List of trust stores to check for client certificate.
- paths Sequence[str]
- List of paths to check for client certificate on linux.
- trust_
stores Sequence[str] - List of trust stores to check for client certificate.
- paths List<String>
- List of paths to check for client certificate on linux.
- trust
Stores List<String> - List of trust stores to check for client certificate.
ZeroTrustDevicePostureRuleMatch, ZeroTrustDevicePostureRuleMatchArgs
- Platform string
- Available values: "windows", "mac", "linux", "android", "ios".
- Platform string
- Available values: "windows", "mac", "linux", "android", "ios".
- platform String
- Available values: "windows", "mac", "linux", "android", "ios".
- platform string
- Available values: "windows", "mac", "linux", "android", "ios".
- platform str
- Available values: "windows", "mac", "linux", "android", "ios".
- platform String
- Available values: "windows", "mac", "linux", "android", "ios".
Import
$ pulumi import cloudflare:index/zeroTrustDevicePostureRule:ZeroTrustDevicePostureRule example '<account_id>/<rule_id>'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.