Cloudflare v6.10.0 published on Thursday, Oct 2, 2025 by Pulumi
cloudflare.ZeroTrustGatewaySettings
Example Usage
Example coming soon!
Example coming soon!
Example coming soon!
Example coming soon!
Example coming soon!
resources:
exampleZeroTrustGatewaySettings:
type: cloudflare:ZeroTrustGatewaySettings
name: example_zero_trust_gateway_settings
properties:
accountId: 699d98642c564d2e855e9661899b7252
settings:
activity_log:
enabled: true
antivirus:
enabledDownloadPhase: false
enabledUploadPhase: false
failClosed: false
notificationSettings:
enabled: true
includeContext: true
msg: msg
supportUrl: support_url
block_page:
backgroundColor: background_color
enabled: true
footerText: --footer--
headerText: --header--
includeContext: true
logoPath: https://logos.com/a.png
mailtoAddress: admin@example.com
mailtoSubject: Blocked User Inquiry
mode: ""
name: Cloudflare
suppressFooter: false
targetUri: https://example.com
body_scanning:
inspectionMode: deep
browser_isolation:
nonIdentityEnabled: true
urlBrowserIsolationEnabled: true
certificate:
id: d1b364c5-1311-466e-a194-f0e943e0799f
custom_certificate:
enabled: true
id: d1b364c5-1311-466e-a194-f0e943e0799f
extended_email_matching:
enabled: true
fips:
tls: true
host_selector:
enabled: false
inspection:
mode: static
protocol_detection:
enabled: true
sandbox:
enabled: true
fallbackAction: allow
tls_decrypt:
enabled: true
Create ZeroTrustGatewaySettings Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ZeroTrustGatewaySettings(name: string, args: ZeroTrustGatewaySettingsArgs, opts?: CustomResourceOptions);@overload
def ZeroTrustGatewaySettings(resource_name: str,
args: ZeroTrustGatewaySettingsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ZeroTrustGatewaySettings(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
settings: Optional[ZeroTrustGatewaySettingsSettingsArgs] = None)func NewZeroTrustGatewaySettings(ctx *Context, name string, args ZeroTrustGatewaySettingsArgs, opts ...ResourceOption) (*ZeroTrustGatewaySettings, error)public ZeroTrustGatewaySettings(string name, ZeroTrustGatewaySettingsArgs args, CustomResourceOptions? opts = null)
public ZeroTrustGatewaySettings(String name, ZeroTrustGatewaySettingsArgs args)
public ZeroTrustGatewaySettings(String name, ZeroTrustGatewaySettingsArgs args, CustomResourceOptions options)
type: cloudflare:ZeroTrustGatewaySettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ZeroTrustGatewaySettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ZeroTrustGatewaySettingsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ZeroTrustGatewaySettingsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZeroTrustGatewaySettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ZeroTrustGatewaySettingsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var zeroTrustGatewaySettingsResource = new Cloudflare.ZeroTrustGatewaySettings("zeroTrustGatewaySettingsResource", new()
{
AccountId = "string",
Settings = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsArgs
{
ActivityLog = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsActivityLogArgs
{
Enabled = false,
},
Antivirus = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsAntivirusArgs
{
EnabledDownloadPhase = false,
EnabledUploadPhase = false,
FailClosed = false,
NotificationSettings = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsAntivirusNotificationSettingsArgs
{
Enabled = false,
IncludeContext = false,
Msg = "string",
SupportUrl = "string",
},
},
BlockPage = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsBlockPageArgs
{
BackgroundColor = "string",
Enabled = false,
FooterText = "string",
HeaderText = "string",
IncludeContext = false,
LogoPath = "string",
MailtoAddress = "string",
MailtoSubject = "string",
Mode = "string",
Name = "string",
ReadOnly = false,
SourceAccount = "string",
SuppressFooter = false,
TargetUri = "string",
Version = 0,
},
BodyScanning = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsBodyScanningArgs
{
InspectionMode = "string",
},
BrowserIsolation = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsBrowserIsolationArgs
{
NonIdentityEnabled = false,
UrlBrowserIsolationEnabled = false,
},
Certificate = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsCertificateArgs
{
Id = "string",
},
ExtendedEmailMatching = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsExtendedEmailMatchingArgs
{
Enabled = false,
ReadOnly = false,
SourceAccount = "string",
Version = 0,
},
Fips = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsFipsArgs
{
Tls = false,
},
HostSelector = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsHostSelectorArgs
{
Enabled = false,
},
Inspection = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsInspectionArgs
{
Mode = "string",
},
ProtocolDetection = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsProtocolDetectionArgs
{
Enabled = false,
},
Sandbox = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsSandboxArgs
{
Enabled = false,
FallbackAction = "string",
},
TlsDecrypt = new Cloudflare.Inputs.ZeroTrustGatewaySettingsSettingsTlsDecryptArgs
{
Enabled = false,
},
},
});
example, err := cloudflare.NewZeroTrustGatewaySettings(ctx, "zeroTrustGatewaySettingsResource", &cloudflare.ZeroTrustGatewaySettingsArgs{
AccountId: pulumi.String("string"),
Settings: &cloudflare.ZeroTrustGatewaySettingsSettingsArgs{
ActivityLog: &cloudflare.ZeroTrustGatewaySettingsSettingsActivityLogArgs{
Enabled: pulumi.Bool(false),
},
Antivirus: &cloudflare.ZeroTrustGatewaySettingsSettingsAntivirusArgs{
EnabledDownloadPhase: pulumi.Bool(false),
EnabledUploadPhase: pulumi.Bool(false),
FailClosed: pulumi.Bool(false),
NotificationSettings: &cloudflare.ZeroTrustGatewaySettingsSettingsAntivirusNotificationSettingsArgs{
Enabled: pulumi.Bool(false),
IncludeContext: pulumi.Bool(false),
Msg: pulumi.String("string"),
SupportUrl: pulumi.String("string"),
},
},
BlockPage: &cloudflare.ZeroTrustGatewaySettingsSettingsBlockPageArgs{
BackgroundColor: pulumi.String("string"),
Enabled: pulumi.Bool(false),
FooterText: pulumi.String("string"),
HeaderText: pulumi.String("string"),
IncludeContext: pulumi.Bool(false),
LogoPath: pulumi.String("string"),
MailtoAddress: pulumi.String("string"),
MailtoSubject: pulumi.String("string"),
Mode: pulumi.String("string"),
Name: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SourceAccount: pulumi.String("string"),
SuppressFooter: pulumi.Bool(false),
TargetUri: pulumi.String("string"),
Version: pulumi.Int(0),
},
BodyScanning: &cloudflare.ZeroTrustGatewaySettingsSettingsBodyScanningArgs{
InspectionMode: pulumi.String("string"),
},
BrowserIsolation: &cloudflare.ZeroTrustGatewaySettingsSettingsBrowserIsolationArgs{
NonIdentityEnabled: pulumi.Bool(false),
UrlBrowserIsolationEnabled: pulumi.Bool(false),
},
Certificate: &cloudflare.ZeroTrustGatewaySettingsSettingsCertificateArgs{
Id: pulumi.String("string"),
},
ExtendedEmailMatching: &cloudflare.ZeroTrustGatewaySettingsSettingsExtendedEmailMatchingArgs{
Enabled: pulumi.Bool(false),
ReadOnly: pulumi.Bool(false),
SourceAccount: pulumi.String("string"),
Version: pulumi.Int(0),
},
Fips: &cloudflare.ZeroTrustGatewaySettingsSettingsFipsArgs{
Tls: pulumi.Bool(false),
},
HostSelector: &cloudflare.ZeroTrustGatewaySettingsSettingsHostSelectorArgs{
Enabled: pulumi.Bool(false),
},
Inspection: &cloudflare.ZeroTrustGatewaySettingsSettingsInspectionArgs{
Mode: pulumi.String("string"),
},
ProtocolDetection: &cloudflare.ZeroTrustGatewaySettingsSettingsProtocolDetectionArgs{
Enabled: pulumi.Bool(false),
},
Sandbox: &cloudflare.ZeroTrustGatewaySettingsSettingsSandboxArgs{
Enabled: pulumi.Bool(false),
FallbackAction: pulumi.String("string"),
},
TlsDecrypt: &cloudflare.ZeroTrustGatewaySettingsSettingsTlsDecryptArgs{
Enabled: pulumi.Bool(false),
},
},
})
var zeroTrustGatewaySettingsResource = new ZeroTrustGatewaySettings("zeroTrustGatewaySettingsResource", ZeroTrustGatewaySettingsArgs.builder()
.accountId("string")
.settings(ZeroTrustGatewaySettingsSettingsArgs.builder()
.activityLog(ZeroTrustGatewaySettingsSettingsActivityLogArgs.builder()
.enabled(false)
.build())
.antivirus(ZeroTrustGatewaySettingsSettingsAntivirusArgs.builder()
.enabledDownloadPhase(false)
.enabledUploadPhase(false)
.failClosed(false)
.notificationSettings(ZeroTrustGatewaySettingsSettingsAntivirusNotificationSettingsArgs.builder()
.enabled(false)
.includeContext(false)
.msg("string")
.supportUrl("string")
.build())
.build())
.blockPage(ZeroTrustGatewaySettingsSettingsBlockPageArgs.builder()
.backgroundColor("string")
.enabled(false)
.footerText("string")
.headerText("string")
.includeContext(false)
.logoPath("string")
.mailtoAddress("string")
.mailtoSubject("string")
.mode("string")
.name("string")
.readOnly(false)
.sourceAccount("string")
.suppressFooter(false)
.targetUri("string")
.version(0)
.build())
.bodyScanning(ZeroTrustGatewaySettingsSettingsBodyScanningArgs.builder()
.inspectionMode("string")
.build())
.browserIsolation(ZeroTrustGatewaySettingsSettingsBrowserIsolationArgs.builder()
.nonIdentityEnabled(false)
.urlBrowserIsolationEnabled(false)
.build())
.certificate(ZeroTrustGatewaySettingsSettingsCertificateArgs.builder()
.id("string")
.build())
.extendedEmailMatching(ZeroTrustGatewaySettingsSettingsExtendedEmailMatchingArgs.builder()
.enabled(false)
.readOnly(false)
.sourceAccount("string")
.version(0)
.build())
.fips(ZeroTrustGatewaySettingsSettingsFipsArgs.builder()
.tls(false)
.build())
.hostSelector(ZeroTrustGatewaySettingsSettingsHostSelectorArgs.builder()
.enabled(false)
.build())
.inspection(ZeroTrustGatewaySettingsSettingsInspectionArgs.builder()
.mode("string")
.build())
.protocolDetection(ZeroTrustGatewaySettingsSettingsProtocolDetectionArgs.builder()
.enabled(false)
.build())
.sandbox(ZeroTrustGatewaySettingsSettingsSandboxArgs.builder()
.enabled(false)
.fallbackAction("string")
.build())
.tlsDecrypt(ZeroTrustGatewaySettingsSettingsTlsDecryptArgs.builder()
.enabled(false)
.build())
.build())
.build());
zero_trust_gateway_settings_resource = cloudflare.ZeroTrustGatewaySettings("zeroTrustGatewaySettingsResource",
account_id="string",
settings={
"activity_log": {
"enabled": False,
},
"antivirus": {
"enabled_download_phase": False,
"enabled_upload_phase": False,
"fail_closed": False,
"notification_settings": {
"enabled": False,
"include_context": False,
"msg": "string",
"support_url": "string",
},
},
"block_page": {
"background_color": "string",
"enabled": False,
"footer_text": "string",
"header_text": "string",
"include_context": False,
"logo_path": "string",
"mailto_address": "string",
"mailto_subject": "string",
"mode": "string",
"name": "string",
"read_only": False,
"source_account": "string",
"suppress_footer": False,
"target_uri": "string",
"version": 0,
},
"body_scanning": {
"inspection_mode": "string",
},
"browser_isolation": {
"non_identity_enabled": False,
"url_browser_isolation_enabled": False,
},
"certificate": {
"id": "string",
},
"extended_email_matching": {
"enabled": False,
"read_only": False,
"source_account": "string",
"version": 0,
},
"fips": {
"tls": False,
},
"host_selector": {
"enabled": False,
},
"inspection": {
"mode": "string",
},
"protocol_detection": {
"enabled": False,
},
"sandbox": {
"enabled": False,
"fallback_action": "string",
},
"tls_decrypt": {
"enabled": False,
},
})
const zeroTrustGatewaySettingsResource = new cloudflare.ZeroTrustGatewaySettings("zeroTrustGatewaySettingsResource", {
accountId: "string",
settings: {
activityLog: {
enabled: false,
},
antivirus: {
enabledDownloadPhase: false,
enabledUploadPhase: false,
failClosed: false,
notificationSettings: {
enabled: false,
includeContext: false,
msg: "string",
supportUrl: "string",
},
},
blockPage: {
backgroundColor: "string",
enabled: false,
footerText: "string",
headerText: "string",
includeContext: false,
logoPath: "string",
mailtoAddress: "string",
mailtoSubject: "string",
mode: "string",
name: "string",
readOnly: false,
sourceAccount: "string",
suppressFooter: false,
targetUri: "string",
version: 0,
},
bodyScanning: {
inspectionMode: "string",
},
browserIsolation: {
nonIdentityEnabled: false,
urlBrowserIsolationEnabled: false,
},
certificate: {
id: "string",
},
extendedEmailMatching: {
enabled: false,
readOnly: false,
sourceAccount: "string",
version: 0,
},
fips: {
tls: false,
},
hostSelector: {
enabled: false,
},
inspection: {
mode: "string",
},
protocolDetection: {
enabled: false,
},
sandbox: {
enabled: false,
fallbackAction: "string",
},
tlsDecrypt: {
enabled: false,
},
},
});
type: cloudflare:ZeroTrustGatewaySettings
properties:
accountId: string
settings:
activityLog:
enabled: false
antivirus:
enabledDownloadPhase: false
enabledUploadPhase: false
failClosed: false
notificationSettings:
enabled: false
includeContext: false
msg: string
supportUrl: string
blockPage:
backgroundColor: string
enabled: false
footerText: string
headerText: string
includeContext: false
logoPath: string
mailtoAddress: string
mailtoSubject: string
mode: string
name: string
readOnly: false
sourceAccount: string
suppressFooter: false
targetUri: string
version: 0
bodyScanning:
inspectionMode: string
browserIsolation:
nonIdentityEnabled: false
urlBrowserIsolationEnabled: false
certificate:
id: string
extendedEmailMatching:
enabled: false
readOnly: false
sourceAccount: string
version: 0
fips:
tls: false
hostSelector:
enabled: false
inspection:
mode: string
protocolDetection:
enabled: false
sandbox:
enabled: false
fallbackAction: string
tlsDecrypt:
enabled: false
ZeroTrustGatewaySettings Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ZeroTrustGatewaySettings resource accepts the following input properties:
- Account
Id string - Settings
Zero
Trust Gateway Settings Settings - Specify account settings.
- Account
Id string - Settings
Zero
Trust Gateway Settings Settings Args - Specify account settings.
- account
Id String - settings
Zero
Trust Gateway Settings Settings - Specify account settings.
- account
Id string - settings
Zero
Trust Gateway Settings Settings - Specify account settings.
- account_
id str - settings
Zero
Trust Gateway Settings Settings Args - Specify account settings.
- account
Id String - settings Property Map
- Specify account settings.
Outputs
All input properties are implicitly available as output properties. Additionally, the ZeroTrustGatewaySettings resource produces the following output properties:
- created_
at str - id str
- The provider-assigned unique ID for this managed resource.
- updated_
at str
Look up Existing ZeroTrustGatewaySettings Resource
Get an existing ZeroTrustGatewaySettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZeroTrustGatewaySettingsState, opts?: CustomResourceOptions): ZeroTrustGatewaySettings@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
created_at: Optional[str] = None,
settings: Optional[ZeroTrustGatewaySettingsSettingsArgs] = None,
updated_at: Optional[str] = None) -> ZeroTrustGatewaySettingsfunc GetZeroTrustGatewaySettings(ctx *Context, name string, id IDInput, state *ZeroTrustGatewaySettingsState, opts ...ResourceOption) (*ZeroTrustGatewaySettings, error)public static ZeroTrustGatewaySettings Get(string name, Input<string> id, ZeroTrustGatewaySettingsState? state, CustomResourceOptions? opts = null)public static ZeroTrustGatewaySettings get(String name, Output<String> id, ZeroTrustGatewaySettingsState state, CustomResourceOptions options)resources: _: type: cloudflare:ZeroTrustGatewaySettings get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - Created
At string - Settings
Zero
Trust Gateway Settings Settings - Specify account settings.
- Updated
At string
- Account
Id string - Created
At string - Settings
Zero
Trust Gateway Settings Settings Args - Specify account settings.
- Updated
At string
- account
Id String - created
At String - settings
Zero
Trust Gateway Settings Settings - Specify account settings.
- updated
At String
- account
Id string - created
At string - settings
Zero
Trust Gateway Settings Settings - Specify account settings.
- updated
At string
- account_
id str - created_
at str - settings
Zero
Trust Gateway Settings Settings Args - Specify account settings.
- updated_
at str
- account
Id String - created
At String - settings Property Map
- Specify account settings.
- updated
At String
Supporting Types
ZeroTrustGatewaySettingsSettings, ZeroTrustGatewaySettingsSettingsArgs
- Activity
Log ZeroTrust Gateway Settings Settings Activity Log - Specify activity log settings.
- Antivirus
Zero
Trust Gateway Settings Settings Antivirus - Specify anti-virus settings.
- Block
Page ZeroTrust Gateway Settings Settings Block Page - Specify block page layout settings.
- Body
Scanning ZeroTrust Gateway Settings Settings Body Scanning - Specify the DLP inspection mode.
- Browser
Isolation ZeroTrust Gateway Settings Settings Browser Isolation - Specify Clientless Browser Isolation settings.
- Certificate
Zero
Trust Gateway Settings Settings Certificate - Specify certificate settings for Gateway TLS interception. If unset, the Cloudflare Root CA handles interception.
- Custom
Certificate ZeroTrust Gateway Settings Settings Custom Certificate - Specify custom certificate settings for BYO-PKI. This field is deprecated; use
certificateinstead. - Extended
Email ZeroMatching Trust Gateway Settings Settings Extended Email Matching - Specify user email settings for the firewall policies. When this is enabled, we standardize the email addresses in the identity part of the rule, so that they match the extended email variants in the firewall policies. When this setting is turned off, the email addresses in the identity part of the rule will be matched exactly as provided. If your email has
.or+modifiers, you should enable this setting. - Fips
Zero
Trust Gateway Settings Settings Fips - Specify FIPS settings.
- Host
Selector ZeroTrust Gateway Settings Settings Host Selector - Enable host selection in egress policies.
- Inspection
Zero
Trust Gateway Settings Settings Inspection - Define the proxy inspection mode.
- Protocol
Detection ZeroTrust Gateway Settings Settings Protocol Detection - Specify whether to detect protocols from the initial bytes of client traffic.
- Sandbox
Zero
Trust Gateway Settings Settings Sandbox - Specify whether to enable the sandbox.
- Tls
Decrypt ZeroTrust Gateway Settings Settings Tls Decrypt - Specify whether to inspect encrypted HTTP traffic.
- Activity
Log ZeroTrust Gateway Settings Settings Activity Log - Specify activity log settings.
- Antivirus
Zero
Trust Gateway Settings Settings Antivirus - Specify anti-virus settings.
- Block
Page ZeroTrust Gateway Settings Settings Block Page - Specify block page layout settings.
- Body
Scanning ZeroTrust Gateway Settings Settings Body Scanning - Specify the DLP inspection mode.
- Browser
Isolation ZeroTrust Gateway Settings Settings Browser Isolation - Specify Clientless Browser Isolation settings.
- Certificate
Zero
Trust Gateway Settings Settings Certificate - Specify certificate settings for Gateway TLS interception. If unset, the Cloudflare Root CA handles interception.
- Custom
Certificate ZeroTrust Gateway Settings Settings Custom Certificate - Specify custom certificate settings for BYO-PKI. This field is deprecated; use
certificateinstead. - Extended
Email ZeroMatching Trust Gateway Settings Settings Extended Email Matching - Specify user email settings for the firewall policies. When this is enabled, we standardize the email addresses in the identity part of the rule, so that they match the extended email variants in the firewall policies. When this setting is turned off, the email addresses in the identity part of the rule will be matched exactly as provided. If your email has
.or+modifiers, you should enable this setting. - Fips
Zero
Trust Gateway Settings Settings Fips - Specify FIPS settings.
- Host
Selector ZeroTrust Gateway Settings Settings Host Selector - Enable host selection in egress policies.
- Inspection
Zero
Trust Gateway Settings Settings Inspection - Define the proxy inspection mode.
- Protocol
Detection ZeroTrust Gateway Settings Settings Protocol Detection - Specify whether to detect protocols from the initial bytes of client traffic.
- Sandbox
Zero
Trust Gateway Settings Settings Sandbox - Specify whether to enable the sandbox.
- Tls
Decrypt ZeroTrust Gateway Settings Settings Tls Decrypt - Specify whether to inspect encrypted HTTP traffic.
- activity
Log ZeroTrust Gateway Settings Settings Activity Log - Specify activity log settings.
- antivirus
Zero
Trust Gateway Settings Settings Antivirus - Specify anti-virus settings.
- block
Page ZeroTrust Gateway Settings Settings Block Page - Specify block page layout settings.
- body
Scanning ZeroTrust Gateway Settings Settings Body Scanning - Specify the DLP inspection mode.
- browser
Isolation ZeroTrust Gateway Settings Settings Browser Isolation - Specify Clientless Browser Isolation settings.
- certificate
Zero
Trust Gateway Settings Settings Certificate - Specify certificate settings for Gateway TLS interception. If unset, the Cloudflare Root CA handles interception.
- custom
Certificate ZeroTrust Gateway Settings Settings Custom Certificate - Specify custom certificate settings for BYO-PKI. This field is deprecated; use
certificateinstead. - extended
Email ZeroMatching Trust Gateway Settings Settings Extended Email Matching - Specify user email settings for the firewall policies. When this is enabled, we standardize the email addresses in the identity part of the rule, so that they match the extended email variants in the firewall policies. When this setting is turned off, the email addresses in the identity part of the rule will be matched exactly as provided. If your email has
.or+modifiers, you should enable this setting. - fips
Zero
Trust Gateway Settings Settings Fips - Specify FIPS settings.
- host
Selector ZeroTrust Gateway Settings Settings Host Selector - Enable host selection in egress policies.
- inspection
Zero
Trust Gateway Settings Settings Inspection - Define the proxy inspection mode.
- protocol
Detection ZeroTrust Gateway Settings Settings Protocol Detection - Specify whether to detect protocols from the initial bytes of client traffic.
- sandbox
Zero
Trust Gateway Settings Settings Sandbox - Specify whether to enable the sandbox.
- tls
Decrypt ZeroTrust Gateway Settings Settings Tls Decrypt - Specify whether to inspect encrypted HTTP traffic.
- activity
Log ZeroTrust Gateway Settings Settings Activity Log - Specify activity log settings.
- antivirus
Zero
Trust Gateway Settings Settings Antivirus - Specify anti-virus settings.
- block
Page ZeroTrust Gateway Settings Settings Block Page - Specify block page layout settings.
- body
Scanning ZeroTrust Gateway Settings Settings Body Scanning - Specify the DLP inspection mode.
- browser
Isolation ZeroTrust Gateway Settings Settings Browser Isolation - Specify Clientless Browser Isolation settings.
- certificate
Zero
Trust Gateway Settings Settings Certificate - Specify certificate settings for Gateway TLS interception. If unset, the Cloudflare Root CA handles interception.
- custom
Certificate ZeroTrust Gateway Settings Settings Custom Certificate - Specify custom certificate settings for BYO-PKI. This field is deprecated; use
certificateinstead. - extended
Email ZeroMatching Trust Gateway Settings Settings Extended Email Matching - Specify user email settings for the firewall policies. When this is enabled, we standardize the email addresses in the identity part of the rule, so that they match the extended email variants in the firewall policies. When this setting is turned off, the email addresses in the identity part of the rule will be matched exactly as provided. If your email has
.or+modifiers, you should enable this setting. - fips
Zero
Trust Gateway Settings Settings Fips - Specify FIPS settings.
- host
Selector ZeroTrust Gateway Settings Settings Host Selector - Enable host selection in egress policies.
- inspection
Zero
Trust Gateway Settings Settings Inspection - Define the proxy inspection mode.
- protocol
Detection ZeroTrust Gateway Settings Settings Protocol Detection - Specify whether to detect protocols from the initial bytes of client traffic.
- sandbox
Zero
Trust Gateway Settings Settings Sandbox - Specify whether to enable the sandbox.
- tls
Decrypt ZeroTrust Gateway Settings Settings Tls Decrypt - Specify whether to inspect encrypted HTTP traffic.
- activity_
log ZeroTrust Gateway Settings Settings Activity Log - Specify activity log settings.
- antivirus
Zero
Trust Gateway Settings Settings Antivirus - Specify anti-virus settings.
- block_
page ZeroTrust Gateway Settings Settings Block Page - Specify block page layout settings.
- body_
scanning ZeroTrust Gateway Settings Settings Body Scanning - Specify the DLP inspection mode.
- browser_
isolation ZeroTrust Gateway Settings Settings Browser Isolation - Specify Clientless Browser Isolation settings.
- certificate
Zero
Trust Gateway Settings Settings Certificate - Specify certificate settings for Gateway TLS interception. If unset, the Cloudflare Root CA handles interception.
- custom_
certificate ZeroTrust Gateway Settings Settings Custom Certificate - Specify custom certificate settings for BYO-PKI. This field is deprecated; use
certificateinstead. - extended_
email_ Zeromatching Trust Gateway Settings Settings Extended Email Matching - Specify user email settings for the firewall policies. When this is enabled, we standardize the email addresses in the identity part of the rule, so that they match the extended email variants in the firewall policies. When this setting is turned off, the email addresses in the identity part of the rule will be matched exactly as provided. If your email has
.or+modifiers, you should enable this setting. - fips
Zero
Trust Gateway Settings Settings Fips - Specify FIPS settings.
- host_
selector ZeroTrust Gateway Settings Settings Host Selector - Enable host selection in egress policies.
- inspection
Zero
Trust Gateway Settings Settings Inspection - Define the proxy inspection mode.
- protocol_
detection ZeroTrust Gateway Settings Settings Protocol Detection - Specify whether to detect protocols from the initial bytes of client traffic.
- sandbox
Zero
Trust Gateway Settings Settings Sandbox - Specify whether to enable the sandbox.
- tls_
decrypt ZeroTrust Gateway Settings Settings Tls Decrypt - Specify whether to inspect encrypted HTTP traffic.
- activity
Log Property Map - Specify activity log settings.
- antivirus Property Map
- Specify anti-virus settings.
- block
Page Property Map - Specify block page layout settings.
- body
Scanning Property Map - Specify the DLP inspection mode.
- browser
Isolation Property Map - Specify Clientless Browser Isolation settings.
- certificate Property Map
- Specify certificate settings for Gateway TLS interception. If unset, the Cloudflare Root CA handles interception.
- custom
Certificate Property Map - Specify custom certificate settings for BYO-PKI. This field is deprecated; use
certificateinstead. - extended
Email Property MapMatching - Specify user email settings for the firewall policies. When this is enabled, we standardize the email addresses in the identity part of the rule, so that they match the extended email variants in the firewall policies. When this setting is turned off, the email addresses in the identity part of the rule will be matched exactly as provided. If your email has
.or+modifiers, you should enable this setting. - fips Property Map
- Specify FIPS settings.
- host
Selector Property Map - Enable host selection in egress policies.
- inspection Property Map
- Define the proxy inspection mode.
- protocol
Detection Property Map - Specify whether to detect protocols from the initial bytes of client traffic.
- sandbox Property Map
- Specify whether to enable the sandbox.
- tls
Decrypt Property Map - Specify whether to inspect encrypted HTTP traffic.
ZeroTrustGatewaySettingsSettingsActivityLog, ZeroTrustGatewaySettingsSettingsActivityLogArgs
- Enabled bool
- Specify whether to log activity.
- Enabled bool
- Specify whether to log activity.
- enabled Boolean
- Specify whether to log activity.
- enabled boolean
- Specify whether to log activity.
- enabled bool
- Specify whether to log activity.
- enabled Boolean
- Specify whether to log activity.
ZeroTrustGatewaySettingsSettingsAntivirus, ZeroTrustGatewaySettingsSettingsAntivirusArgs
- Enabled
Download boolPhase - Specify whether to enable anti-virus scanning on downloads.
- Enabled
Upload boolPhase - Specify whether to enable anti-virus scanning on uploads.
- Fail
Closed bool - Specify whether to block requests for unscannable files.
- Notification
Settings ZeroTrust Gateway Settings Settings Antivirus Notification Settings - Configure the message the user's device shows during an antivirus scan.
- Enabled
Download boolPhase - Specify whether to enable anti-virus scanning on downloads.
- Enabled
Upload boolPhase - Specify whether to enable anti-virus scanning on uploads.
- Fail
Closed bool - Specify whether to block requests for unscannable files.
- Notification
Settings ZeroTrust Gateway Settings Settings Antivirus Notification Settings - Configure the message the user's device shows during an antivirus scan.
- enabled
Download BooleanPhase - Specify whether to enable anti-virus scanning on downloads.
- enabled
Upload BooleanPhase - Specify whether to enable anti-virus scanning on uploads.
- fail
Closed Boolean - Specify whether to block requests for unscannable files.
- notification
Settings ZeroTrust Gateway Settings Settings Antivirus Notification Settings - Configure the message the user's device shows during an antivirus scan.
- enabled
Download booleanPhase - Specify whether to enable anti-virus scanning on downloads.
- enabled
Upload booleanPhase - Specify whether to enable anti-virus scanning on uploads.
- fail
Closed boolean - Specify whether to block requests for unscannable files.
- notification
Settings ZeroTrust Gateway Settings Settings Antivirus Notification Settings - Configure the message the user's device shows during an antivirus scan.
- enabled_
download_ boolphase - Specify whether to enable anti-virus scanning on downloads.
- enabled_
upload_ boolphase - Specify whether to enable anti-virus scanning on uploads.
- fail_
closed bool - Specify whether to block requests for unscannable files.
- notification_
settings ZeroTrust Gateway Settings Settings Antivirus Notification Settings - Configure the message the user's device shows during an antivirus scan.
- enabled
Download BooleanPhase - Specify whether to enable anti-virus scanning on downloads.
- enabled
Upload BooleanPhase - Specify whether to enable anti-virus scanning on uploads.
- fail
Closed Boolean - Specify whether to block requests for unscannable files.
- notification
Settings Property Map - Configure the message the user's device shows during an antivirus scan.
ZeroTrustGatewaySettingsSettingsAntivirusNotificationSettings, ZeroTrustGatewaySettingsSettingsAntivirusNotificationSettingsArgs
- Enabled bool
- Specify whether to enable notifications.
- Include
Context bool - Specify whether to include context information as query parameters.
- Msg string
- Specify the message to show in the notification.
- Support
Url string - Specify a URL that directs users to more information. If unset, the notification opens a block page.
- Enabled bool
- Specify whether to enable notifications.
- Include
Context bool - Specify whether to include context information as query parameters.
- Msg string
- Specify the message to show in the notification.
- Support
Url string - Specify a URL that directs users to more information. If unset, the notification opens a block page.
- enabled Boolean
- Specify whether to enable notifications.
- include
Context Boolean - Specify whether to include context information as query parameters.
- msg String
- Specify the message to show in the notification.
- support
Url String - Specify a URL that directs users to more information. If unset, the notification opens a block page.
- enabled boolean
- Specify whether to enable notifications.
- include
Context boolean - Specify whether to include context information as query parameters.
- msg string
- Specify the message to show in the notification.
- support
Url string - Specify a URL that directs users to more information. If unset, the notification opens a block page.
- enabled bool
- Specify whether to enable notifications.
- include_
context bool - Specify whether to include context information as query parameters.
- msg str
- Specify the message to show in the notification.
- support_
url str - Specify a URL that directs users to more information. If unset, the notification opens a block page.
- enabled Boolean
- Specify whether to enable notifications.
- include
Context Boolean - Specify whether to include context information as query parameters.
- msg String
- Specify the message to show in the notification.
- support
Url String - Specify a URL that directs users to more information. If unset, the notification opens a block page.
ZeroTrustGatewaySettingsSettingsBlockPage, ZeroTrustGatewaySettingsSettingsBlockPageArgs
- Background
Color string - Specify the block page background color in
#rrggbbformat when the mode is customizedblockpage. - Enabled bool
- Specify whether to enable the custom block page.
- string
- Specify the block page footer text when the mode is customizedblockpage.
- Header
Text string - Specify the block page header text when the mode is customizedblockpage.
- Include
Context bool - Specify whether to append context to targeturi as query parameters. This applies only when the mode is redirecturi.
- Logo
Path string - Specify the full URL to the logo file when the mode is customizedblockpage.
- Mailto
Address string - Specify the admin email for users to contact when the mode is customizedblockpage.
- Mailto
Subject string - Specify the subject line for emails created from the block page when the mode is customizedblockpage.
- Mode string
- Specify whether to redirect users to a Cloudflare-hosted block page or a customer-provided URI. Available values: "", "customizedblockpage", "redirect_uri".
- Name string
- Specify the block page title when the mode is customizedblockpage.
- Read
Only bool - Indicate that this setting was shared via the Orgs API and read only for the current account.
- Source
Account string - Indicate the account tag of the account that shared this setting.
- bool
- Specify whether to suppress detailed information at the bottom of the block page when the mode is customizedblockpage.
- Target
Uri string - Specify the URI to redirect users to when the mode is redirect_uri.
- Version int
- Indicate the version number of the setting.
- Background
Color string - Specify the block page background color in
#rrggbbformat when the mode is customizedblockpage. - Enabled bool
- Specify whether to enable the custom block page.
- string
- Specify the block page footer text when the mode is customizedblockpage.
- Header
Text string - Specify the block page header text when the mode is customizedblockpage.
- Include
Context bool - Specify whether to append context to targeturi as query parameters. This applies only when the mode is redirecturi.
- Logo
Path string - Specify the full URL to the logo file when the mode is customizedblockpage.
- Mailto
Address string - Specify the admin email for users to contact when the mode is customizedblockpage.
- Mailto
Subject string - Specify the subject line for emails created from the block page when the mode is customizedblockpage.
- Mode string
- Specify whether to redirect users to a Cloudflare-hosted block page or a customer-provided URI. Available values: "", "customizedblockpage", "redirect_uri".
- Name string
- Specify the block page title when the mode is customizedblockpage.
- Read
Only bool - Indicate that this setting was shared via the Orgs API and read only for the current account.
- Source
Account string - Indicate the account tag of the account that shared this setting.
- bool
- Specify whether to suppress detailed information at the bottom of the block page when the mode is customizedblockpage.
- Target
Uri string - Specify the URI to redirect users to when the mode is redirect_uri.
- Version int
- Indicate the version number of the setting.
- background
Color String - Specify the block page background color in
#rrggbbformat when the mode is customizedblockpage. - enabled Boolean
- Specify whether to enable the custom block page.
- String
- Specify the block page footer text when the mode is customizedblockpage.
- header
Text String - Specify the block page header text when the mode is customizedblockpage.
- include
Context Boolean - Specify whether to append context to targeturi as query parameters. This applies only when the mode is redirecturi.
- logo
Path String - Specify the full URL to the logo file when the mode is customizedblockpage.
- mailto
Address String - Specify the admin email for users to contact when the mode is customizedblockpage.
- mailto
Subject String - Specify the subject line for emails created from the block page when the mode is customizedblockpage.
- mode String
- Specify whether to redirect users to a Cloudflare-hosted block page or a customer-provided URI. Available values: "", "customizedblockpage", "redirect_uri".
- name String
- Specify the block page title when the mode is customizedblockpage.
- read
Only Boolean - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source
Account String - Indicate the account tag of the account that shared this setting.
- Boolean
- Specify whether to suppress detailed information at the bottom of the block page when the mode is customizedblockpage.
- target
Uri String - Specify the URI to redirect users to when the mode is redirect_uri.
- version Integer
- Indicate the version number of the setting.
- background
Color string - Specify the block page background color in
#rrggbbformat when the mode is customizedblockpage. - enabled boolean
- Specify whether to enable the custom block page.
- string
- Specify the block page footer text when the mode is customizedblockpage.
- header
Text string - Specify the block page header text when the mode is customizedblockpage.
- include
Context boolean - Specify whether to append context to targeturi as query parameters. This applies only when the mode is redirecturi.
- logo
Path string - Specify the full URL to the logo file when the mode is customizedblockpage.
- mailto
Address string - Specify the admin email for users to contact when the mode is customizedblockpage.
- mailto
Subject string - Specify the subject line for emails created from the block page when the mode is customizedblockpage.
- mode string
- Specify whether to redirect users to a Cloudflare-hosted block page or a customer-provided URI. Available values: "", "customizedblockpage", "redirect_uri".
- name string
- Specify the block page title when the mode is customizedblockpage.
- read
Only boolean - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source
Account string - Indicate the account tag of the account that shared this setting.
- boolean
- Specify whether to suppress detailed information at the bottom of the block page when the mode is customizedblockpage.
- target
Uri string - Specify the URI to redirect users to when the mode is redirect_uri.
- version number
- Indicate the version number of the setting.
- background_
color str - Specify the block page background color in
#rrggbbformat when the mode is customizedblockpage. - enabled bool
- Specify whether to enable the custom block page.
- str
- Specify the block page footer text when the mode is customizedblockpage.
- header_
text str - Specify the block page header text when the mode is customizedblockpage.
- include_
context bool - Specify whether to append context to targeturi as query parameters. This applies only when the mode is redirecturi.
- logo_
path str - Specify the full URL to the logo file when the mode is customizedblockpage.
- mailto_
address str - Specify the admin email for users to contact when the mode is customizedblockpage.
- mailto_
subject str - Specify the subject line for emails created from the block page when the mode is customizedblockpage.
- mode str
- Specify whether to redirect users to a Cloudflare-hosted block page or a customer-provided URI. Available values: "", "customizedblockpage", "redirect_uri".
- name str
- Specify the block page title when the mode is customizedblockpage.
- read_
only bool - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source_
account str - Indicate the account tag of the account that shared this setting.
- bool
- Specify whether to suppress detailed information at the bottom of the block page when the mode is customizedblockpage.
- target_
uri str - Specify the URI to redirect users to when the mode is redirect_uri.
- version int
- Indicate the version number of the setting.
- background
Color String - Specify the block page background color in
#rrggbbformat when the mode is customizedblockpage. - enabled Boolean
- Specify whether to enable the custom block page.
- String
- Specify the block page footer text when the mode is customizedblockpage.
- header
Text String - Specify the block page header text when the mode is customizedblockpage.
- include
Context Boolean - Specify whether to append context to targeturi as query parameters. This applies only when the mode is redirecturi.
- logo
Path String - Specify the full URL to the logo file when the mode is customizedblockpage.
- mailto
Address String - Specify the admin email for users to contact when the mode is customizedblockpage.
- mailto
Subject String - Specify the subject line for emails created from the block page when the mode is customizedblockpage.
- mode String
- Specify whether to redirect users to a Cloudflare-hosted block page or a customer-provided URI. Available values: "", "customizedblockpage", "redirect_uri".
- name String
- Specify the block page title when the mode is customizedblockpage.
- read
Only Boolean - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source
Account String - Indicate the account tag of the account that shared this setting.
- Boolean
- Specify whether to suppress detailed information at the bottom of the block page when the mode is customizedblockpage.
- target
Uri String - Specify the URI to redirect users to when the mode is redirect_uri.
- version Number
- Indicate the version number of the setting.
ZeroTrustGatewaySettingsSettingsBodyScanning, ZeroTrustGatewaySettingsSettingsBodyScanningArgs
- Inspection
Mode string - Specify the inspection mode as either
deeporshallow. Available values: "deep", "shallow".
- Inspection
Mode string - Specify the inspection mode as either
deeporshallow. Available values: "deep", "shallow".
- inspection
Mode String - Specify the inspection mode as either
deeporshallow. Available values: "deep", "shallow".
- inspection
Mode string - Specify the inspection mode as either
deeporshallow. Available values: "deep", "shallow".
- inspection_
mode str - Specify the inspection mode as either
deeporshallow. Available values: "deep", "shallow".
- inspection
Mode String - Specify the inspection mode as either
deeporshallow. Available values: "deep", "shallow".
ZeroTrustGatewaySettingsSettingsBrowserIsolation, ZeroTrustGatewaySettingsSettingsBrowserIsolationArgs
- Non
Identity boolEnabled - Specify whether to enable non-identity onramp support for Browser Isolation.
- Url
Browser boolIsolation Enabled - Specify whether to enable Clientless Browser Isolation.
- Non
Identity boolEnabled - Specify whether to enable non-identity onramp support for Browser Isolation.
- Url
Browser boolIsolation Enabled - Specify whether to enable Clientless Browser Isolation.
- non
Identity BooleanEnabled - Specify whether to enable non-identity onramp support for Browser Isolation.
- url
Browser BooleanIsolation Enabled - Specify whether to enable Clientless Browser Isolation.
- non
Identity booleanEnabled - Specify whether to enable non-identity onramp support for Browser Isolation.
- url
Browser booleanIsolation Enabled - Specify whether to enable Clientless Browser Isolation.
- non_
identity_ boolenabled - Specify whether to enable non-identity onramp support for Browser Isolation.
- url_
browser_ boolisolation_ enabled - Specify whether to enable Clientless Browser Isolation.
- non
Identity BooleanEnabled - Specify whether to enable non-identity onramp support for Browser Isolation.
- url
Browser BooleanIsolation Enabled - Specify whether to enable Clientless Browser Isolation.
ZeroTrustGatewaySettingsSettingsCertificate, ZeroTrustGatewaySettingsSettingsCertificateArgs
- Id string
- Specify the UUID of the certificate used for interception. Ensure the certificate is available at the edge(previously called 'active'). A nil UUID directs Cloudflare to use the Root CA.
- Id string
- Specify the UUID of the certificate used for interception. Ensure the certificate is available at the edge(previously called 'active'). A nil UUID directs Cloudflare to use the Root CA.
- id String
- Specify the UUID of the certificate used for interception. Ensure the certificate is available at the edge(previously called 'active'). A nil UUID directs Cloudflare to use the Root CA.
- id string
- Specify the UUID of the certificate used for interception. Ensure the certificate is available at the edge(previously called 'active'). A nil UUID directs Cloudflare to use the Root CA.
- id str
- Specify the UUID of the certificate used for interception. Ensure the certificate is available at the edge(previously called 'active'). A nil UUID directs Cloudflare to use the Root CA.
- id String
- Specify the UUID of the certificate used for interception. Ensure the certificate is available at the edge(previously called 'active'). A nil UUID directs Cloudflare to use the Root CA.
ZeroTrustGatewaySettingsSettingsCustomCertificate, ZeroTrustGatewaySettingsSettingsCustomCertificateArgs
- Enabled bool
- Specify whether to enable a custom certificate authority for signing Gateway traffic.
- Binding
Status string - Indicate the internal certificate status.
- Id string
- Specify the UUID of the certificate (ID from MTLS certificate store).
- Updated
At string
- Enabled bool
- Specify whether to enable a custom certificate authority for signing Gateway traffic.
- Binding
Status string - Indicate the internal certificate status.
- Id string
- Specify the UUID of the certificate (ID from MTLS certificate store).
- Updated
At string
- enabled Boolean
- Specify whether to enable a custom certificate authority for signing Gateway traffic.
- binding
Status String - Indicate the internal certificate status.
- id String
- Specify the UUID of the certificate (ID from MTLS certificate store).
- updated
At String
- enabled boolean
- Specify whether to enable a custom certificate authority for signing Gateway traffic.
- binding
Status string - Indicate the internal certificate status.
- id string
- Specify the UUID of the certificate (ID from MTLS certificate store).
- updated
At string
- enabled bool
- Specify whether to enable a custom certificate authority for signing Gateway traffic.
- binding_
status str - Indicate the internal certificate status.
- id str
- Specify the UUID of the certificate (ID from MTLS certificate store).
- updated_
at str
- enabled Boolean
- Specify whether to enable a custom certificate authority for signing Gateway traffic.
- binding
Status String - Indicate the internal certificate status.
- id String
- Specify the UUID of the certificate (ID from MTLS certificate store).
- updated
At String
ZeroTrustGatewaySettingsSettingsExtendedEmailMatching, ZeroTrustGatewaySettingsSettingsExtendedEmailMatchingArgs
- Enabled bool
- Specify whether to match all variants of user emails (with + or . modifiers) used as criteria in Firewall policies.
- Read
Only bool - Indicate that this setting was shared via the Orgs API and read only for the current account.
- Source
Account string - Indicate the account tag of the account that shared this setting.
- Version int
- Indicate the version number of the setting.
- Enabled bool
- Specify whether to match all variants of user emails (with + or . modifiers) used as criteria in Firewall policies.
- Read
Only bool - Indicate that this setting was shared via the Orgs API and read only for the current account.
- Source
Account string - Indicate the account tag of the account that shared this setting.
- Version int
- Indicate the version number of the setting.
- enabled Boolean
- Specify whether to match all variants of user emails (with + or . modifiers) used as criteria in Firewall policies.
- read
Only Boolean - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source
Account String - Indicate the account tag of the account that shared this setting.
- version Integer
- Indicate the version number of the setting.
- enabled boolean
- Specify whether to match all variants of user emails (with + or . modifiers) used as criteria in Firewall policies.
- read
Only boolean - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source
Account string - Indicate the account tag of the account that shared this setting.
- version number
- Indicate the version number of the setting.
- enabled bool
- Specify whether to match all variants of user emails (with + or . modifiers) used as criteria in Firewall policies.
- read_
only bool - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source_
account str - Indicate the account tag of the account that shared this setting.
- version int
- Indicate the version number of the setting.
- enabled Boolean
- Specify whether to match all variants of user emails (with + or . modifiers) used as criteria in Firewall policies.
- read
Only Boolean - Indicate that this setting was shared via the Orgs API and read only for the current account.
- source
Account String - Indicate the account tag of the account that shared this setting.
- version Number
- Indicate the version number of the setting.
ZeroTrustGatewaySettingsSettingsFips, ZeroTrustGatewaySettingsSettingsFipsArgs
- Tls bool
- Enforce cipher suites and TLS versions compliant with FIPS 140-2.
- Tls bool
- Enforce cipher suites and TLS versions compliant with FIPS 140-2.
- tls Boolean
- Enforce cipher suites and TLS versions compliant with FIPS 140-2.
- tls boolean
- Enforce cipher suites and TLS versions compliant with FIPS 140-2.
- tls bool
- Enforce cipher suites and TLS versions compliant with FIPS 140-2.
- tls Boolean
- Enforce cipher suites and TLS versions compliant with FIPS 140-2.
ZeroTrustGatewaySettingsSettingsHostSelector, ZeroTrustGatewaySettingsSettingsHostSelectorArgs
- Enabled bool
- Specify whether to enable filtering via hosts for egress policies.
- Enabled bool
- Specify whether to enable filtering via hosts for egress policies.
- enabled Boolean
- Specify whether to enable filtering via hosts for egress policies.
- enabled boolean
- Specify whether to enable filtering via hosts for egress policies.
- enabled bool
- Specify whether to enable filtering via hosts for egress policies.
- enabled Boolean
- Specify whether to enable filtering via hosts for egress policies.
ZeroTrustGatewaySettingsSettingsInspection, ZeroTrustGatewaySettingsSettingsInspectionArgs
- Mode string
- Define the proxy inspection mode. 1. static: Gateway applies static inspection to HTTP on TCP(80). With TLS decryption on, Gateway inspects HTTPS traffic on TCP(443) and UDP(443). 2. dynamic: Gateway applies protocol detection to inspect HTTP and HTTPS traffic on any port. TLS decryption must remain on to inspect HTTPS traffic. Available values: "static", "dynamic".
- Mode string
- Define the proxy inspection mode. 1. static: Gateway applies static inspection to HTTP on TCP(80). With TLS decryption on, Gateway inspects HTTPS traffic on TCP(443) and UDP(443). 2. dynamic: Gateway applies protocol detection to inspect HTTP and HTTPS traffic on any port. TLS decryption must remain on to inspect HTTPS traffic. Available values: "static", "dynamic".
- mode String
- Define the proxy inspection mode. 1. static: Gateway applies static inspection to HTTP on TCP(80). With TLS decryption on, Gateway inspects HTTPS traffic on TCP(443) and UDP(443). 2. dynamic: Gateway applies protocol detection to inspect HTTP and HTTPS traffic on any port. TLS decryption must remain on to inspect HTTPS traffic. Available values: "static", "dynamic".
- mode string
- Define the proxy inspection mode. 1. static: Gateway applies static inspection to HTTP on TCP(80). With TLS decryption on, Gateway inspects HTTPS traffic on TCP(443) and UDP(443). 2. dynamic: Gateway applies protocol detection to inspect HTTP and HTTPS traffic on any port. TLS decryption must remain on to inspect HTTPS traffic. Available values: "static", "dynamic".
- mode str
- Define the proxy inspection mode. 1. static: Gateway applies static inspection to HTTP on TCP(80). With TLS decryption on, Gateway inspects HTTPS traffic on TCP(443) and UDP(443). 2. dynamic: Gateway applies protocol detection to inspect HTTP and HTTPS traffic on any port. TLS decryption must remain on to inspect HTTPS traffic. Available values: "static", "dynamic".
- mode String
- Define the proxy inspection mode. 1. static: Gateway applies static inspection to HTTP on TCP(80). With TLS decryption on, Gateway inspects HTTPS traffic on TCP(443) and UDP(443). 2. dynamic: Gateway applies protocol detection to inspect HTTP and HTTPS traffic on any port. TLS decryption must remain on to inspect HTTPS traffic. Available values: "static", "dynamic".
ZeroTrustGatewaySettingsSettingsProtocolDetection, ZeroTrustGatewaySettingsSettingsProtocolDetectionArgs
- Enabled bool
- Specify whether to detect protocols from the initial bytes of client traffic.
- Enabled bool
- Specify whether to detect protocols from the initial bytes of client traffic.
- enabled Boolean
- Specify whether to detect protocols from the initial bytes of client traffic.
- enabled boolean
- Specify whether to detect protocols from the initial bytes of client traffic.
- enabled bool
- Specify whether to detect protocols from the initial bytes of client traffic.
- enabled Boolean
- Specify whether to detect protocols from the initial bytes of client traffic.
ZeroTrustGatewaySettingsSettingsSandbox, ZeroTrustGatewaySettingsSettingsSandboxArgs
- Enabled bool
- Specify whether to enable the sandbox.
- Fallback
Action string - Specify the action to take when the system cannot scan the file. Available values: "allow", "block".
- Enabled bool
- Specify whether to enable the sandbox.
- Fallback
Action string - Specify the action to take when the system cannot scan the file. Available values: "allow", "block".
- enabled Boolean
- Specify whether to enable the sandbox.
- fallback
Action String - Specify the action to take when the system cannot scan the file. Available values: "allow", "block".
- enabled boolean
- Specify whether to enable the sandbox.
- fallback
Action string - Specify the action to take when the system cannot scan the file. Available values: "allow", "block".
- enabled bool
- Specify whether to enable the sandbox.
- fallback_
action str - Specify the action to take when the system cannot scan the file. Available values: "allow", "block".
- enabled Boolean
- Specify whether to enable the sandbox.
- fallback
Action String - Specify the action to take when the system cannot scan the file. Available values: "allow", "block".
ZeroTrustGatewaySettingsSettingsTlsDecrypt, ZeroTrustGatewaySettingsSettingsTlsDecryptArgs
- Enabled bool
- Specify whether to inspect encrypted HTTP traffic.
- Enabled bool
- Specify whether to inspect encrypted HTTP traffic.
- enabled Boolean
- Specify whether to inspect encrypted HTTP traffic.
- enabled boolean
- Specify whether to inspect encrypted HTTP traffic.
- enabled bool
- Specify whether to inspect encrypted HTTP traffic.
- enabled Boolean
- Specify whether to inspect encrypted HTTP traffic.
Import
$ pulumi import cloudflare:index/zeroTrustGatewaySettings:ZeroTrustGatewaySettings example '<account_id>'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.
