cloudflare.ZoneLockdown
Provides a Cloudflare Zone Lockdown resource. Zone Lockdown allows you to define one or more URLs (with wildcard matching on the domain or path) that will only permit access if the request originates from an IP address that matches a safelist of one or more IP addresses and/or IP ranges.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// Restrict access to these endpoints to requests from a known IP address range.
var example = new Cloudflare.ZoneLockdown("example", new()
{
Configurations = new[]
{
new Cloudflare.Inputs.ZoneLockdownConfigurationArgs
{
Target = "ip_range",
Value = "192.0.2.0/24",
},
},
Description = "Restrict access to these endpoints to requests from a known IP address range",
Paused = false,
Urls = new[]
{
"api.mysite.com/some/endpoint*",
},
ZoneId = "0da42c8d2132a9ddaf714f9e7c920711",
});
});
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewZoneLockdown(ctx, "example", &cloudflare.ZoneLockdownArgs{
Configurations: cloudflare.ZoneLockdownConfigurationArray{
&cloudflare.ZoneLockdownConfigurationArgs{
Target: pulumi.String("ip_range"),
Value: pulumi.String("192.0.2.0/24"),
},
},
Description: pulumi.String("Restrict access to these endpoints to requests from a known IP address range"),
Paused: pulumi.Bool(false),
Urls: pulumi.StringArray{
pulumi.String("api.mysite.com/some/endpoint*"),
},
ZoneId: pulumi.String("0da42c8d2132a9ddaf714f9e7c920711"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZoneLockdown;
import com.pulumi.cloudflare.ZoneLockdownArgs;
import com.pulumi.cloudflare.inputs.ZoneLockdownConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ZoneLockdown("example", ZoneLockdownArgs.builder()
.configurations(ZoneLockdownConfigurationArgs.builder()
.target("ip_range")
.value("192.0.2.0/24")
.build())
.description("Restrict access to these endpoints to requests from a known IP address range")
.paused("false")
.urls("api.mysite.com/some/endpoint*")
.zoneId("0da42c8d2132a9ddaf714f9e7c920711")
.build());
}
}
import pulumi
import pulumi_cloudflare as cloudflare
# Restrict access to these endpoints to requests from a known IP address range.
example = cloudflare.ZoneLockdown("example",
configurations=[cloudflare.ZoneLockdownConfigurationArgs(
target="ip_range",
value="192.0.2.0/24",
)],
description="Restrict access to these endpoints to requests from a known IP address range",
paused=False,
urls=["api.mysite.com/some/endpoint*"],
zone_id="0da42c8d2132a9ddaf714f9e7c920711")
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// Restrict access to these endpoints to requests from a known IP address range.
const example = new cloudflare.ZoneLockdown("example", {
configurations: [{
target: "ip_range",
value: "192.0.2.0/24",
}],
description: "Restrict access to these endpoints to requests from a known IP address range",
paused: false,
urls: ["api.mysite.com/some/endpoint*"],
zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
});
resources:
# Restrict access to these endpoints to requests from a known IP address range.
example:
type: cloudflare:ZoneLockdown
properties:
configurations:
- target: ip_range
value: 192.0.2.0/24
description: Restrict access to these endpoints to requests from a known IP address range
paused: 'false'
urls:
- api.mysite.com/some/endpoint*
zoneId: 0da42c8d2132a9ddaf714f9e7c920711
Create ZoneLockdown Resource
new ZoneLockdown(name: string, args: ZoneLockdownArgs, opts?: CustomResourceOptions);@overload
def ZoneLockdown(resource_name: str,
opts: Optional[ResourceOptions] = None,
configurations: Optional[Sequence[ZoneLockdownConfigurationArgs]] = None,
description: Optional[str] = None,
paused: Optional[bool] = None,
priority: Optional[int] = None,
urls: Optional[Sequence[str]] = None,
zone_id: Optional[str] = None)
@overload
def ZoneLockdown(resource_name: str,
args: ZoneLockdownArgs,
opts: Optional[ResourceOptions] = None)func NewZoneLockdown(ctx *Context, name string, args ZoneLockdownArgs, opts ...ResourceOption) (*ZoneLockdown, error)public ZoneLockdown(string name, ZoneLockdownArgs args, CustomResourceOptions? opts = null)
public ZoneLockdown(String name, ZoneLockdownArgs args)
public ZoneLockdown(String name, ZoneLockdownArgs args, CustomResourceOptions options)
type: cloudflare:ZoneLockdown
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZoneLockdownArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ZoneLockdownArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ZoneLockdownArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZoneLockdownArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ZoneLockdownArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ZoneLockdown Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ZoneLockdown resource accepts the following input properties:
- Configurations
List<Zone
Lockdown Configuration Args> A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- Urls List<string>
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- Zone
Id string The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- Description string
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- Paused bool
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- Priority int
- Configurations
[]Zone
Lockdown Configuration Args A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- Urls []string
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- Zone
Id string The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- Description string
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- Paused bool
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- Priority int
- configurations
List<Zone
Lockdown Configuration Args> A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- urls List<String>
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone
Id String The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- description String
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused Boolean
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority Integer
- configurations
Zone
Lockdown Configuration Args[] A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- urls string[]
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone
Id string The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- description string
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused boolean
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority number
- configurations
Sequence[Zone
Lockdown Configuration Args] A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- urls Sequence[str]
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone_
id str The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- description str
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused bool
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority int
- configurations List<Property Map>
A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- urls List<String>
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone
Id String The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- description String
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused Boolean
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority Number
Outputs
All input properties are implicitly available as output properties. Additionally, the ZoneLockdown resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing ZoneLockdown Resource
Get an existing ZoneLockdown resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZoneLockdownState, opts?: CustomResourceOptions): ZoneLockdown@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
configurations: Optional[Sequence[ZoneLockdownConfigurationArgs]] = None,
description: Optional[str] = None,
paused: Optional[bool] = None,
priority: Optional[int] = None,
urls: Optional[Sequence[str]] = None,
zone_id: Optional[str] = None) -> ZoneLockdownfunc GetZoneLockdown(ctx *Context, name string, id IDInput, state *ZoneLockdownState, opts ...ResourceOption) (*ZoneLockdown, error)public static ZoneLockdown Get(string name, Input<string> id, ZoneLockdownState? state, CustomResourceOptions? opts = null)public static ZoneLockdown get(String name, Output<String> id, ZoneLockdownState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Configurations
List<Zone
Lockdown Configuration Args> A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- Description string
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- Paused bool
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- Priority int
- Urls List<string>
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- Zone
Id string The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- Configurations
[]Zone
Lockdown Configuration Args A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- Description string
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- Paused bool
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- Priority int
- Urls []string
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- Zone
Id string The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- configurations
List<Zone
Lockdown Configuration Args> A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- description String
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused Boolean
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority Integer
- urls List<String>
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone
Id String The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- configurations
Zone
Lockdown Configuration Args[] A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- description string
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused boolean
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority number
- urls string[]
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone
Id string The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- configurations
Sequence[Zone
Lockdown Configuration Args] A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- description str
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused bool
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority int
- urls Sequence[str]
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone_
id str The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
- configurations List<Property Map>
A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
- description String
A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
- paused Boolean
Boolean of whether this zone lockdown is currently paused. Defaults to
false.- priority Number
- urls List<String>
A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
- zone
Id String The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
Supporting Types
ZoneLockdownConfiguration
Import
$ pulumi import cloudflare:index/zoneLockdown:ZoneLockdown example <zone_id>/<lockdown_id>
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
cloudflareTerraform Provider.