Cloudflare v6.10.0 published on Thursday, Oct 2, 2025 by Pulumi
cloudflare.ZeroTrustGatewayCertificate
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const exampleZeroTrustGatewayCertificate = new cloudflare.ZeroTrustGatewayCertificate("example_zero_trust_gateway_certificate", {
accountId: "699d98642c564d2e855e9661899b7252",
validityPeriodDays: 1826,
});
import pulumi
import pulumi_cloudflare as cloudflare
example_zero_trust_gateway_certificate = cloudflare.ZeroTrustGatewayCertificate("example_zero_trust_gateway_certificate",
account_id="699d98642c564d2e855e9661899b7252",
validity_period_days=1826)
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewZeroTrustGatewayCertificate(ctx, "example_zero_trust_gateway_certificate", &cloudflare.ZeroTrustGatewayCertificateArgs{
AccountId: pulumi.String("699d98642c564d2e855e9661899b7252"),
ValidityPeriodDays: pulumi.Int(1826),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var exampleZeroTrustGatewayCertificate = new Cloudflare.ZeroTrustGatewayCertificate("example_zero_trust_gateway_certificate", new()
{
AccountId = "699d98642c564d2e855e9661899b7252",
ValidityPeriodDays = 1826,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZeroTrustGatewayCertificate;
import com.pulumi.cloudflare.ZeroTrustGatewayCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleZeroTrustGatewayCertificate = new ZeroTrustGatewayCertificate("exampleZeroTrustGatewayCertificate", ZeroTrustGatewayCertificateArgs.builder()
.accountId("699d98642c564d2e855e9661899b7252")
.validityPeriodDays(1826)
.build());
}
}
resources:
exampleZeroTrustGatewayCertificate:
type: cloudflare:ZeroTrustGatewayCertificate
name: example_zero_trust_gateway_certificate
properties:
accountId: 699d98642c564d2e855e9661899b7252
validityPeriodDays: 1826
Create ZeroTrustGatewayCertificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ZeroTrustGatewayCertificate(name: string, args: ZeroTrustGatewayCertificateArgs, opts?: CustomResourceOptions);@overload
def ZeroTrustGatewayCertificate(resource_name: str,
args: ZeroTrustGatewayCertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ZeroTrustGatewayCertificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
activate: Optional[bool] = None,
validity_period_days: Optional[int] = None)func NewZeroTrustGatewayCertificate(ctx *Context, name string, args ZeroTrustGatewayCertificateArgs, opts ...ResourceOption) (*ZeroTrustGatewayCertificate, error)public ZeroTrustGatewayCertificate(string name, ZeroTrustGatewayCertificateArgs args, CustomResourceOptions? opts = null)
public ZeroTrustGatewayCertificate(String name, ZeroTrustGatewayCertificateArgs args)
public ZeroTrustGatewayCertificate(String name, ZeroTrustGatewayCertificateArgs args, CustomResourceOptions options)
type: cloudflare:ZeroTrustGatewayCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ZeroTrustGatewayCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ZeroTrustGatewayCertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ZeroTrustGatewayCertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZeroTrustGatewayCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ZeroTrustGatewayCertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var zeroTrustGatewayCertificateResource = new Cloudflare.ZeroTrustGatewayCertificate("zeroTrustGatewayCertificateResource", new()
{
AccountId = "string",
Activate = false,
ValidityPeriodDays = 0,
});
example, err := cloudflare.NewZeroTrustGatewayCertificate(ctx, "zeroTrustGatewayCertificateResource", &cloudflare.ZeroTrustGatewayCertificateArgs{
AccountId: pulumi.String("string"),
Activate: pulumi.Bool(false),
ValidityPeriodDays: pulumi.Int(0),
})
var zeroTrustGatewayCertificateResource = new ZeroTrustGatewayCertificate("zeroTrustGatewayCertificateResource", ZeroTrustGatewayCertificateArgs.builder()
.accountId("string")
.activate(false)
.validityPeriodDays(0)
.build());
zero_trust_gateway_certificate_resource = cloudflare.ZeroTrustGatewayCertificate("zeroTrustGatewayCertificateResource",
account_id="string",
activate=False,
validity_period_days=0)
const zeroTrustGatewayCertificateResource = new cloudflare.ZeroTrustGatewayCertificate("zeroTrustGatewayCertificateResource", {
accountId: "string",
activate: false,
validityPeriodDays: 0,
});
type: cloudflare:ZeroTrustGatewayCertificate
properties:
accountId: string
activate: false
validityPeriodDays: 0
ZeroTrustGatewayCertificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ZeroTrustGatewayCertificate resource accepts the following input properties:
- Account
Id string - Activate bool
- Validity
Period intDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- Account
Id string - Activate bool
- Validity
Period intDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account
Id String - activate Boolean
- validity
Period IntegerDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account
Id string - activate boolean
- validity
Period numberDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account_
id str - activate bool
- validity_
period_ intdays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account
Id String - activate Boolean
- validity
Period NumberDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
Outputs
All input properties are implicitly available as output properties. Additionally, the ZeroTrustGatewayCertificate resource produces the following output properties:
- Binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- Certificate string
- Provide the CA certificate (read-only).
- Created
At string - Expires
On string - Fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- Id string
- The provider-assigned unique ID for this managed resource.
- In
Use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - Issuer
Org string - Indicate the organization that issued the certificate (read-only).
- Issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- Type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- Updated
At string - Uploaded
On string
- Binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- Certificate string
- Provide the CA certificate (read-only).
- Created
At string - Expires
On string - Fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- Id string
- The provider-assigned unique ID for this managed resource.
- In
Use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - Issuer
Org string - Indicate the organization that issued the certificate (read-only).
- Issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- Type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- Updated
At string - Uploaded
On string
- binding
Status String - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate String
- Provide the CA certificate (read-only).
- created
At String - expires
On String - fingerprint String
- Provide the SHA256 fingerprint of the certificate (read-only).
- id String
- The provider-assigned unique ID for this managed resource.
- in
Use Boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org String - Indicate the organization that issued the certificate (read-only).
- issuer
Raw String - Provide the entire issuer field of the certificate (read-only).
- type String
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated
At String - uploaded
On String
- binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate string
- Provide the CA certificate (read-only).
- created
At string - expires
On string - fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- id string
- The provider-assigned unique ID for this managed resource.
- in
Use boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org string - Indicate the organization that issued the certificate (read-only).
- issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated
At string - uploaded
On string
- binding_
status str - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate str
- Provide the CA certificate (read-only).
- created_
at str - expires_
on str - fingerprint str
- Provide the SHA256 fingerprint of the certificate (read-only).
- id str
- The provider-assigned unique ID for this managed resource.
- in_
use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer_
org str - Indicate the organization that issued the certificate (read-only).
- issuer_
raw str - Provide the entire issuer field of the certificate (read-only).
- type str
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated_
at str - uploaded_
on str
- binding
Status String - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate String
- Provide the CA certificate (read-only).
- created
At String - expires
On String - fingerprint String
- Provide the SHA256 fingerprint of the certificate (read-only).
- id String
- The provider-assigned unique ID for this managed resource.
- in
Use Boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org String - Indicate the organization that issued the certificate (read-only).
- issuer
Raw String - Provide the entire issuer field of the certificate (read-only).
- type String
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated
At String - uploaded
On String
Look up Existing ZeroTrustGatewayCertificate Resource
Get an existing ZeroTrustGatewayCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZeroTrustGatewayCertificateState, opts?: CustomResourceOptions): ZeroTrustGatewayCertificate@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
activate: Optional[bool] = None,
binding_status: Optional[str] = None,
certificate: Optional[str] = None,
created_at: Optional[str] = None,
expires_on: Optional[str] = None,
fingerprint: Optional[str] = None,
in_use: Optional[bool] = None,
issuer_org: Optional[str] = None,
issuer_raw: Optional[str] = None,
type: Optional[str] = None,
updated_at: Optional[str] = None,
uploaded_on: Optional[str] = None,
validity_period_days: Optional[int] = None) -> ZeroTrustGatewayCertificatefunc GetZeroTrustGatewayCertificate(ctx *Context, name string, id IDInput, state *ZeroTrustGatewayCertificateState, opts ...ResourceOption) (*ZeroTrustGatewayCertificate, error)public static ZeroTrustGatewayCertificate Get(string name, Input<string> id, ZeroTrustGatewayCertificateState? state, CustomResourceOptions? opts = null)public static ZeroTrustGatewayCertificate get(String name, Output<String> id, ZeroTrustGatewayCertificateState state, CustomResourceOptions options)resources: _: type: cloudflare:ZeroTrustGatewayCertificate get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - Activate bool
- Binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- Certificate string
- Provide the CA certificate (read-only).
- Created
At string - Expires
On string - Fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- In
Use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - Issuer
Org string - Indicate the organization that issued the certificate (read-only).
- Issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- Type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- Updated
At string - Uploaded
On string - Validity
Period intDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- Account
Id string - Activate bool
- Binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- Certificate string
- Provide the CA certificate (read-only).
- Created
At string - Expires
On string - Fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- In
Use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - Issuer
Org string - Indicate the organization that issued the certificate (read-only).
- Issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- Type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- Updated
At string - Uploaded
On string - Validity
Period intDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account
Id String - activate Boolean
- binding
Status String - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate String
- Provide the CA certificate (read-only).
- created
At String - expires
On String - fingerprint String
- Provide the SHA256 fingerprint of the certificate (read-only).
- in
Use Boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org String - Indicate the organization that issued the certificate (read-only).
- issuer
Raw String - Provide the entire issuer field of the certificate (read-only).
- type String
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated
At String - uploaded
On String - validity
Period IntegerDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account
Id string - activate boolean
- binding
Status string - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate string
- Provide the CA certificate (read-only).
- created
At string - expires
On string - fingerprint string
- Provide the SHA256 fingerprint of the certificate (read-only).
- in
Use boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org string - Indicate the organization that issued the certificate (read-only).
- issuer
Raw string - Provide the entire issuer field of the certificate (read-only).
- type string
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated
At string - uploaded
On string - validity
Period numberDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account_
id str - activate bool
- binding_
status str - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate str
- Provide the CA certificate (read-only).
- created_
at str - expires_
on str - fingerprint str
- Provide the SHA256 fingerprint of the certificate (read-only).
- in_
use bool - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer_
org str - Indicate the organization that issued the certificate (read-only).
- issuer_
raw str - Provide the entire issuer field of the certificate (read-only).
- type str
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated_
at str - uploaded_
on str - validity_
period_ intdays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
- account
Id String - activate Boolean
- binding
Status String - Indicate the read-only deployment status of the certificate on Cloudflare's edge. Gateway TLS interception can use certificates in the 'available' (previously called 'active') state. Available values: "pendingdeployment", "available", "pendingdeletion", "inactive".
- certificate String
- Provide the CA certificate (read-only).
- created
At String - expires
On String - fingerprint String
- Provide the SHA256 fingerprint of the certificate (read-only).
- in
Use Boolean - Indicate whether Gateway TLS interception uses this certificate (read-only). You cannot set this value directly. To configure interception, use the Gateway configuration setting named
certificate(read-only). - issuer
Org String - Indicate the organization that issued the certificate (read-only).
- issuer
Raw String - Provide the entire issuer field of the certificate (read-only).
- type String
- Indicate the read-only certificate type, BYO-PKI (custom) or Gateway-managed. Available values: "custom", "gateway_managed".
- updated
At String - uploaded
On String - validity
Period NumberDays - Sets the certificate validity period in days (range: 1-10,950 days / ~30 years). Defaults to 1,825 days (5 years). Important: This field is only settable during the certificate creation. Certificates becomes immutable after creation - use the
/activateand/deactivateendpoints to manage certificate lifecycle.
Import
$ pulumi import cloudflare:index/zeroTrustGatewayCertificate:ZeroTrustGatewayCertificate example '<account_id>/<certificate_id>'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.
