1. Packages
  2. Cloudflare
  3. API Docs
  4. ZoneLockdown
Cloudflare v5.34.0 published on Friday, Jul 12, 2024 by Pulumi

cloudflare.ZoneLockdown

Explore with Pulumi AI

cloudflare logo
Cloudflare v5.34.0 published on Friday, Jul 12, 2024 by Pulumi

    Provides a Cloudflare Zone Lockdown resource. Zone Lockdown allows you to define one or more URLs (with wildcard matching on the domain or path) that will only permit access if the request originates from an IP address that matches a safelist of one or more IP addresses and/or IP ranges.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as cloudflare from "@pulumi/cloudflare";
    
    // Restrict access to these endpoints to requests from a known IP address range.
    const example = new cloudflare.ZoneLockdown("example", {
        zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
        paused: false,
        description: "Restrict access to these endpoints to requests from a known IP address range",
        urls: ["api.mysite.com/some/endpoint*"],
        configurations: [{
            target: "ip_range",
            value: "192.0.2.0/24",
        }],
    });
    
    import pulumi
    import pulumi_cloudflare as cloudflare
    
    # Restrict access to these endpoints to requests from a known IP address range.
    example = cloudflare.ZoneLockdown("example",
        zone_id="0da42c8d2132a9ddaf714f9e7c920711",
        paused=False,
        description="Restrict access to these endpoints to requests from a known IP address range",
        urls=["api.mysite.com/some/endpoint*"],
        configurations=[cloudflare.ZoneLockdownConfigurationArgs(
            target="ip_range",
            value="192.0.2.0/24",
        )])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Restrict access to these endpoints to requests from a known IP address range.
    		_, err := cloudflare.NewZoneLockdown(ctx, "example", &cloudflare.ZoneLockdownArgs{
    			ZoneId:      pulumi.String("0da42c8d2132a9ddaf714f9e7c920711"),
    			Paused:      pulumi.Bool(false),
    			Description: pulumi.String("Restrict access to these endpoints to requests from a known IP address range"),
    			Urls: pulumi.StringArray{
    				pulumi.String("api.mysite.com/some/endpoint*"),
    			},
    			Configurations: cloudflare.ZoneLockdownConfigurationArray{
    				&cloudflare.ZoneLockdownConfigurationArgs{
    					Target: pulumi.String("ip_range"),
    					Value:  pulumi.String("192.0.2.0/24"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Cloudflare = Pulumi.Cloudflare;
    
    return await Deployment.RunAsync(() => 
    {
        // Restrict access to these endpoints to requests from a known IP address range.
        var example = new Cloudflare.ZoneLockdown("example", new()
        {
            ZoneId = "0da42c8d2132a9ddaf714f9e7c920711",
            Paused = false,
            Description = "Restrict access to these endpoints to requests from a known IP address range",
            Urls = new[]
            {
                "api.mysite.com/some/endpoint*",
            },
            Configurations = new[]
            {
                new Cloudflare.Inputs.ZoneLockdownConfigurationArgs
                {
                    Target = "ip_range",
                    Value = "192.0.2.0/24",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.cloudflare.ZoneLockdown;
    import com.pulumi.cloudflare.ZoneLockdownArgs;
    import com.pulumi.cloudflare.inputs.ZoneLockdownConfigurationArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // Restrict access to these endpoints to requests from a known IP address range.
            var example = new ZoneLockdown("example", ZoneLockdownArgs.builder()
                .zoneId("0da42c8d2132a9ddaf714f9e7c920711")
                .paused("false")
                .description("Restrict access to these endpoints to requests from a known IP address range")
                .urls("api.mysite.com/some/endpoint*")
                .configurations(ZoneLockdownConfigurationArgs.builder()
                    .target("ip_range")
                    .value("192.0.2.0/24")
                    .build())
                .build());
    
        }
    }
    
    resources:
      # Restrict access to these endpoints to requests from a known IP address range.
      example:
        type: cloudflare:ZoneLockdown
        properties:
          zoneId: 0da42c8d2132a9ddaf714f9e7c920711
          paused: 'false'
          description: Restrict access to these endpoints to requests from a known IP address range
          urls:
            - api.mysite.com/some/endpoint*
          configurations:
            - target: ip_range
              value: 192.0.2.0/24
    

    Create ZoneLockdown Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ZoneLockdown(name: string, args: ZoneLockdownArgs, opts?: CustomResourceOptions);
    @overload
    def ZoneLockdown(resource_name: str,
                     args: ZoneLockdownArgs,
                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def ZoneLockdown(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     configurations: Optional[Sequence[ZoneLockdownConfigurationArgs]] = None,
                     urls: Optional[Sequence[str]] = None,
                     zone_id: Optional[str] = None,
                     description: Optional[str] = None,
                     paused: Optional[bool] = None,
                     priority: Optional[int] = None)
    func NewZoneLockdown(ctx *Context, name string, args ZoneLockdownArgs, opts ...ResourceOption) (*ZoneLockdown, error)
    public ZoneLockdown(string name, ZoneLockdownArgs args, CustomResourceOptions? opts = null)
    public ZoneLockdown(String name, ZoneLockdownArgs args)
    public ZoneLockdown(String name, ZoneLockdownArgs args, CustomResourceOptions options)
    
    type: cloudflare:ZoneLockdown
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ZoneLockdownArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ZoneLockdownArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ZoneLockdownArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ZoneLockdownArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ZoneLockdownArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var zoneLockdownResource = new Cloudflare.ZoneLockdown("zoneLockdownResource", new()
    {
        Configurations = new[]
        {
            new Cloudflare.Inputs.ZoneLockdownConfigurationArgs
            {
                Target = "string",
                Value = "string",
            },
        },
        Urls = new[]
        {
            "string",
        },
        ZoneId = "string",
        Description = "string",
        Paused = false,
        Priority = 0,
    });
    
    example, err := cloudflare.NewZoneLockdown(ctx, "zoneLockdownResource", &cloudflare.ZoneLockdownArgs{
    	Configurations: cloudflare.ZoneLockdownConfigurationArray{
    		&cloudflare.ZoneLockdownConfigurationArgs{
    			Target: pulumi.String("string"),
    			Value:  pulumi.String("string"),
    		},
    	},
    	Urls: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ZoneId:      pulumi.String("string"),
    	Description: pulumi.String("string"),
    	Paused:      pulumi.Bool(false),
    	Priority:    pulumi.Int(0),
    })
    
    var zoneLockdownResource = new ZoneLockdown("zoneLockdownResource", ZoneLockdownArgs.builder()
        .configurations(ZoneLockdownConfigurationArgs.builder()
            .target("string")
            .value("string")
            .build())
        .urls("string")
        .zoneId("string")
        .description("string")
        .paused(false)
        .priority(0)
        .build());
    
    zone_lockdown_resource = cloudflare.ZoneLockdown("zoneLockdownResource",
        configurations=[cloudflare.ZoneLockdownConfigurationArgs(
            target="string",
            value="string",
        )],
        urls=["string"],
        zone_id="string",
        description="string",
        paused=False,
        priority=0)
    
    const zoneLockdownResource = new cloudflare.ZoneLockdown("zoneLockdownResource", {
        configurations: [{
            target: "string",
            value: "string",
        }],
        urls: ["string"],
        zoneId: "string",
        description: "string",
        paused: false,
        priority: 0,
    });
    
    type: cloudflare:ZoneLockdown
    properties:
        configurations:
            - target: string
              value: string
        description: string
        paused: false
        priority: 0
        urls:
            - string
        zoneId: string
    

    ZoneLockdown Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ZoneLockdown resource accepts the following input properties:

    Configurations List<ZoneLockdownConfiguration>
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    Urls List<string>
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    ZoneId string
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    Description string
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    Paused bool
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    Priority int
    Configurations []ZoneLockdownConfigurationArgs
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    Urls []string
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    ZoneId string
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    Description string
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    Paused bool
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    Priority int
    configurations List<ZoneLockdownConfiguration>
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    urls List<String>
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zoneId String
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    description String
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused Boolean
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority Integer
    configurations ZoneLockdownConfiguration[]
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    urls string[]
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zoneId string
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    description string
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused boolean
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority number
    configurations Sequence[ZoneLockdownConfigurationArgs]
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    urls Sequence[str]
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zone_id str
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    description str
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused bool
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority int
    configurations List<Property Map>
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    urls List<String>
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zoneId String
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    description String
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused Boolean
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority Number

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ZoneLockdown resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing ZoneLockdown Resource

    Get an existing ZoneLockdown resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ZoneLockdownState, opts?: CustomResourceOptions): ZoneLockdown
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            configurations: Optional[Sequence[ZoneLockdownConfigurationArgs]] = None,
            description: Optional[str] = None,
            paused: Optional[bool] = None,
            priority: Optional[int] = None,
            urls: Optional[Sequence[str]] = None,
            zone_id: Optional[str] = None) -> ZoneLockdown
    func GetZoneLockdown(ctx *Context, name string, id IDInput, state *ZoneLockdownState, opts ...ResourceOption) (*ZoneLockdown, error)
    public static ZoneLockdown Get(string name, Input<string> id, ZoneLockdownState? state, CustomResourceOptions? opts = null)
    public static ZoneLockdown get(String name, Output<String> id, ZoneLockdownState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Configurations List<ZoneLockdownConfiguration>
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    Description string
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    Paused bool
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    Priority int
    Urls List<string>
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    ZoneId string
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    Configurations []ZoneLockdownConfigurationArgs
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    Description string
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    Paused bool
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    Priority int
    Urls []string
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    ZoneId string
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    configurations List<ZoneLockdownConfiguration>
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    description String
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused Boolean
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority Integer
    urls List<String>
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zoneId String
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    configurations ZoneLockdownConfiguration[]
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    description string
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused boolean
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority number
    urls string[]
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zoneId string
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    configurations Sequence[ZoneLockdownConfigurationArgs]
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    description str
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused bool
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority int
    urls Sequence[str]
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zone_id str
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.
    configurations List<Property Map>
    A list of IP addresses or IP ranges to match the request against specified in target, value pairs.
    description String
    A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
    paused Boolean
    Boolean of whether this zone lockdown is currently paused. Defaults to false.
    priority Number
    urls List<String>
    A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
    zoneId String
    The zone identifier to target for the resource. Modifying this attribute will force creation of a new resource.

    Supporting Types

    ZoneLockdownConfiguration, ZoneLockdownConfigurationArgs

    Target string
    The request property to target. Available values: ip, ip_range.
    Value string
    The value to target. Depends on target's type. IP addresses should just be standard IPv4/IPv6 notation i.e. 192.0.2.1 or 2001:db8::/32 and IP ranges in CIDR format i.e. 192.0.2.0/24.
    Target string
    The request property to target. Available values: ip, ip_range.
    Value string
    The value to target. Depends on target's type. IP addresses should just be standard IPv4/IPv6 notation i.e. 192.0.2.1 or 2001:db8::/32 and IP ranges in CIDR format i.e. 192.0.2.0/24.
    target String
    The request property to target. Available values: ip, ip_range.
    value String
    The value to target. Depends on target's type. IP addresses should just be standard IPv4/IPv6 notation i.e. 192.0.2.1 or 2001:db8::/32 and IP ranges in CIDR format i.e. 192.0.2.0/24.
    target string
    The request property to target. Available values: ip, ip_range.
    value string
    The value to target. Depends on target's type. IP addresses should just be standard IPv4/IPv6 notation i.e. 192.0.2.1 or 2001:db8::/32 and IP ranges in CIDR format i.e. 192.0.2.0/24.
    target str
    The request property to target. Available values: ip, ip_range.
    value str
    The value to target. Depends on target's type. IP addresses should just be standard IPv4/IPv6 notation i.e. 192.0.2.1 or 2001:db8::/32 and IP ranges in CIDR format i.e. 192.0.2.0/24.
    target String
    The request property to target. Available values: ip, ip_range.
    value String
    The value to target. Depends on target's type. IP addresses should just be standard IPv4/IPv6 notation i.e. 192.0.2.1 or 2001:db8::/32 and IP ranges in CIDR format i.e. 192.0.2.0/24.

    Import

    $ pulumi import cloudflare:index/zoneLockdown:ZoneLockdown example <zone_id>/<lockdown_id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Cloudflare pulumi/pulumi-cloudflare
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the cloudflare Terraform Provider.
    cloudflare logo
    Cloudflare v5.34.0 published on Friday, Jul 12, 2024 by Pulumi