Viewing docs for Cloudflare v6.15.0
published on Saturday, May 2, 2026 by Pulumi
published on Saturday, May 2, 2026 by Pulumi
Viewing docs for Cloudflare v6.15.0
published on Saturday, May 2, 2026 by Pulumi
published on Saturday, May 2, 2026 by Pulumi
Accepted Permissions
Zone Settings ReadZone Settings Write
If using the
sslRecommenderzone setting, use theenabledattribute instead ofvalue.
Available Setting IDs
The following table lists all valid settingId values. Some settings may require a specific Cloudflare plan level. For more details, see the API documentation.
| Setting ID | Value Type | Description |
|---|---|---|
0rtt | "on" / "off" | 0-RTT session resumption enabled for this zone. |
advancedDdos | "on" / "off" | Advanced protection from Distributed Denial of Service (DDoS) attacks on your… |
aegis | Object | Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your… |
alwaysOnline | "on" / "off" | When enabled, Cloudflare serves limited copies of web pages available from th… |
alwaysUseHttps | "on" / "off" | Reply to all requests for URLs that use “http” with a 301 redirect to the equ… |
automaticHttpsRewrites | "on" / "off" | Enable the Automatic HTTPS Rewrites feature for this zone. |
automaticPlatformOptimization | Object | [Automatic Platform Optimization for WordPress](https://developers.cloudflare… |
brotli | "on" / "off" | When the client requesting an asset supports the Brotli compression algorithm… |
browserCacheTtl | Number | Browser Cache TTL (in seconds) specifies how long Cloudflare-cached resources… |
browserCheck | "on" / "off" | Browser Integrity Check is similar to Bad Behavior and looks for common HTTP … |
cacheLevel | "aggressive", "basic", "simplified" | Cache Level functions based off the setting level. The basic setting will cac… |
challengeTtl | Number (14 values) | Specify how long a visitor is allowed access to your site after successfully … |
ciphers | Array of string | An allowlist of ciphers for TLS termination. These ciphers must be in the Bor… |
cnameFlattening | "flattenAtRoot", "flattenAll" | Whether or not cname flattening is on. |
contentConverter | "on" / "off" | When enabled and the client sends an Accept header requesting text/markdown, … |
developmentMode | "on" / "off" | Development Mode temporarily allows you to enter development mode for your we… |
earlyHints | "on" / "off" | When enabled, Cloudflare will attempt to speed up overall page loads by servi… |
edgeCacheTtl | Number (21 values) | Time (in seconds) that a resource will be ensured to remain on Cloudflare’s c… |
emailObfuscation | "on" / "off" | Encrypt email adresses on your web page from bots, while keeping them visible… |
h2Prioritization | "on", "off", "custom" | HTTP/2 Edge Prioritization optimises the delivery of resources served through… |
hotlinkProtection | "on" / "off" | When enabled, the Hotlink Protection option ensures that other sites cannot s… |
http2 | "on" / "off" | HTTP2 enabled for this zone. |
http3 | "on" / "off" | HTTP3 enabled for this zone. |
imageResizing | "on", "off", "open" | Image Transformations provides on-demand resizing, conversion and optimizatio… |
ipGeolocation | "on" / "off" | Enable IP Geolocation to have Cloudflare geolocate visitors to your website a… |
ipv6 | "on" / "off" | Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support…. |
maxUpload | Number (18 values) | Maximum size of an allowable upload. |
minTlsVersion | "1.0", "1.1", "1.2", "1.3" | Only accepts HTTPS requests that use at least the TLS protocol version specif… |
mirage | "on" / "off" | Automatically optimize image loading for website visitors on mobile devices. … |
nel | Object | Enable Network Error Logging reporting on your zone. (Beta) |
opportunisticEncryption | "on" / "off" | Enables the Opportunistic Encryption feature for a zone. |
opportunisticOnion | "on" / "off" | Add an Alt-Svc header to all legitimate requests from Tor, allowing the conne… |
orangeToOrange | "on" / "off" | Orange to Orange (O2O) allows zones on Cloudflare to CNAME to other zones als… |
originErrorPagePassThru | "on" / "off" | Cloudflare will proxy customer error pages on any 502,504 errors on origin se… |
originH2MaxStreams | Number | Origin H2 Max Streams configures the max number of concurrent requests that C… |
originMaxHttpVersion | "2", "1" | Origin Max HTTP Setting Version sets the highest HTTP version Cloudflare will… |
polish | "off", "lossless", "lossy" | Removes metadata and compresses your images for faster page load times. Basic… |
prefetchPreload | "on" / "off" | Cloudflare will prefetch any URLs that are included in the response headers. … |
privacyPass | "on" / "off" | Privacy Pass v1 was a browser extension developed by the Privacy Pass Team to… |
proxyReadTimeout | Number | Maximum time between two read operations from origin. |
pseudoIpv4 | "off", "addHeader", "overwriteHeader" | The value set for the Pseudo IPv4 setting. |
redirectsForAiTraining | "on" / "off" | When enabled, Cloudflare will redirect verified AI training crawlers to canon… |
replaceInsecureJs | "on" / "off" | Automatically replace insecure JavaScript libraries with safer and faster alt… |
responseBuffering | "on" / "off" | Enables or disables buffering of responses from the proxied server. Cloudflar… |
rocketLoader | "on" / "off" | Rocket Loader is a general-purpose asynchronous JavaScript optimisation that … |
securityHeader | Object | Cloudflare security header for a zone. |
securityLevel | "off", "essentiallyOff", "low", "medium", "high", "underAttack" | Choose the appropriate security profile for your website, which will automati… |
serverSideExclude | "on" / "off" | If there is sensitive content on your website that you want visible to real v… |
sha1Support | "on" / "off" | Allow SHA1 support. |
sortQueryStringForCache | "on" / "off" | Cloudflare will treat files with the same query strings as the same file in c… |
ssl | "off", "flexible", "full", "strict" | SSL encrypts your visitor’s connection and safeguards credit card numbers and… |
sslRecommender | Uses enabled attr | Enrollment in the SSL/TLS Recommender service which tries to detect and recom… |
tls12Only | "on" / "off" | Only allows TLS1.2. |
tls13 | "on", "off", "zrt" | Enables Crypto TLS 1.3 feature for a zone. |
tlsClientAuth | "on" / "off" | TLS Client Auth requires Cloudflare to connect to your origin server using a … |
transformations | "on", "off", "open" | Media Transformations provides on-demand resizing, conversion and optimizatio… |
transformationsAllowedOrigins | String | Media Transformations Allowed Origins restricts transformations for images an… |
trueClientIpHeader | "on" / "off" | Allows customer to continue to use True Client IP (Akamai feature) in the hea… |
waf | "on" / "off" | The WAF examines HTTP requests to your website. It inspects both GET and POS… |
webp | "on" / "off" | When the client requesting the image supports the WebP image codec, and WebP … |
websockets | "on" / "off" | WebSockets are open connections sustained between the client and the origin s… |
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// Basic on/off setting
const alwaysOnline = new cloudflare.ZoneSetting("always_online", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "always_online",
value: "on",
});
// String value with specific choices
const minTlsVersion = new cloudflare.ZoneSetting("min_tls_version", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "min_tls_version",
value: "1.2",
});
// Numeric value
const browserCacheTtl = new cloudflare.ZoneSetting("browser_cache_ttl", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "browser_cache_ttl",
value: 14400,
});
// Array/List value
const ciphers = new cloudflare.ZoneSetting("ciphers", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "ciphers",
value: [
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-CHACHA20-POLY1305",
],
});
// Nested object value
const securityHeader = new cloudflare.ZoneSetting("security_header", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "security_header",
value: {
strictTransportSecurity: {
enabled: true,
includeSubdomains: true,
maxAge: 86400,
nosniff: true,
preload: false,
},
},
});
// Special case: ssl_recommender uses 'enabled' instead of 'value'
const sslRecommender = new cloudflare.ZoneSetting("ssl_recommender", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "ssl_recommender",
enabled: true,
});
import pulumi
import pulumi_cloudflare as cloudflare
# Basic on/off setting
always_online = cloudflare.ZoneSetting("always_online",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="always_online",
value="on")
# String value with specific choices
min_tls_version = cloudflare.ZoneSetting("min_tls_version",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="min_tls_version",
value="1.2")
# Numeric value
browser_cache_ttl = cloudflare.ZoneSetting("browser_cache_ttl",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="browser_cache_ttl",
value=14400)
# Array/List value
ciphers = cloudflare.ZoneSetting("ciphers",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="ciphers",
value=[
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-CHACHA20-POLY1305",
])
# Nested object value
security_header = cloudflare.ZoneSetting("security_header",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="security_header",
value={
"strictTransportSecurity": {
"enabled": True,
"includeSubdomains": True,
"maxAge": 86400,
"nosniff": True,
"preload": False,
},
})
# Special case: ssl_recommender uses 'enabled' instead of 'value'
ssl_recommender = cloudflare.ZoneSetting("ssl_recommender",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="ssl_recommender",
enabled=True)
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Basic on/off setting
_, err := cloudflare.NewZoneSetting(ctx, "always_online", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("always_online"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// String value with specific choices
_, err = cloudflare.NewZoneSetting(ctx, "min_tls_version", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("min_tls_version"),
Value: pulumi.Any("1.2"),
})
if err != nil {
return err
}
// Numeric value
_, err = cloudflare.NewZoneSetting(ctx, "browser_cache_ttl", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("browser_cache_ttl"),
Value: pulumi.Any(14400),
})
if err != nil {
return err
}
// Array/List value
_, err = cloudflare.NewZoneSetting(ctx, "ciphers", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("ciphers"),
Value: pulumi.Any{
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-CHACHA20-POLY1305",
},
})
if err != nil {
return err
}
// Nested object value
_, err = cloudflare.NewZoneSetting(ctx, "security_header", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("security_header"),
Value: pulumi.Any(map[string]interface{}{
"strictTransportSecurity": map[string]interface{}{
"enabled": true,
"includeSubdomains": true,
"maxAge": 86400,
"nosniff": true,
"preload": false,
},
}),
})
if err != nil {
return err
}
// Special case: ssl_recommender uses 'enabled' instead of 'value'
_, err = cloudflare.NewZoneSetting(ctx, "ssl_recommender", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("ssl_recommender"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// Basic on/off setting
var alwaysOnline = new Cloudflare.Index.ZoneSetting("always_online", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "always_online",
Value = "on",
});
// String value with specific choices
var minTlsVersion = new Cloudflare.Index.ZoneSetting("min_tls_version", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "min_tls_version",
Value = "1.2",
});
// Numeric value
var browserCacheTtl = new Cloudflare.Index.ZoneSetting("browser_cache_ttl", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "browser_cache_ttl",
Value = 14400,
});
// Array/List value
var ciphers = new Cloudflare.Index.ZoneSetting("ciphers", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "ciphers",
Value = new[]
{
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-CHACHA20-POLY1305",
},
});
// Nested object value
var securityHeader = new Cloudflare.Index.ZoneSetting("security_header", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "security_header",
Value = new Dictionary<string, object?>
{
["strictTransportSecurity"] = new Dictionary<string, object?>
{
["enabled"] = true,
["includeSubdomains"] = true,
["maxAge"] = 86400,
["nosniff"] = true,
["preload"] = false,
},
},
});
// Special case: ssl_recommender uses 'enabled' instead of 'value'
var sslRecommender = new Cloudflare.Index.ZoneSetting("ssl_recommender", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "ssl_recommender",
Enabled = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZoneSetting;
import com.pulumi.cloudflare.ZoneSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Basic on/off setting
var alwaysOnline = new ZoneSetting("alwaysOnline", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("always_online")
.value("on")
.build());
// String value with specific choices
var minTlsVersion = new ZoneSetting("minTlsVersion", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("min_tls_version")
.value("1.2")
.build());
// Numeric value
var browserCacheTtl = new ZoneSetting("browserCacheTtl", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("browser_cache_ttl")
.value(14400)
.build());
// Array/List value
var ciphers = new ZoneSetting("ciphers", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("ciphers")
.value(
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-CHACHA20-POLY1305")
.build());
// Nested object value
var securityHeader = new ZoneSetting("securityHeader", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("security_header")
.value(Map.of("strictTransportSecurity", Map.ofEntries(
Map.entry("enabled", true),
Map.entry("includeSubdomains", true),
Map.entry("maxAge", 86400),
Map.entry("nosniff", true),
Map.entry("preload", false)
)))
.build());
// Special case: ssl_recommender uses 'enabled' instead of 'value'
var sslRecommender = new ZoneSetting("sslRecommender", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("ssl_recommender")
.enabled(true)
.build());
}
}
resources:
# Basic on/off setting
alwaysOnline:
type: cloudflare:ZoneSetting
name: always_online
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: always_online
value: on
# String value with specific choices
minTlsVersion:
type: cloudflare:ZoneSetting
name: min_tls_version
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: min_tls_version
value: '1.2'
# Numeric value
browserCacheTtl:
type: cloudflare:ZoneSetting
name: browser_cache_ttl
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: browser_cache_ttl
value: 14400 # 4 hours in seconds
# Array/List value
ciphers:
type: cloudflare:ZoneSetting
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: ciphers
value:
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-ECDSA-CHACHA20-POLY1305
# Nested object value
securityHeader:
type: cloudflare:ZoneSetting
name: security_header
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: security_header
value:
strictTransportSecurity:
enabled: true
includeSubdomains: true
maxAge: 86400
nosniff: true
preload: false
# Special case: ssl_recommender uses 'enabled' instead of 'value'
sslRecommender:
type: cloudflare:ZoneSetting
name: ssl_recommender
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: ssl_recommender
enabled: true
Additional Examples
String Value with Choices
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// Minimum TLS Version
const minTls = new cloudflare.ZoneSetting("min_tls", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "min_tls_version",
value: "1.2",
});
// SSL/TLS Mode
const ssl = new cloudflare.ZoneSetting("ssl", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "ssl",
value: "strict",
});
// Security Level
const securityLevel = new cloudflare.ZoneSetting("security_level", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "security_level",
value: "medium",
});
// Cache Level
const cacheLevel = new cloudflare.ZoneSetting("cache_level", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "cache_level",
value: "aggressive",
});
import pulumi
import pulumi_cloudflare as cloudflare
# Minimum TLS Version
min_tls = cloudflare.ZoneSetting("min_tls",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="min_tls_version",
value="1.2")
# SSL/TLS Mode
ssl = cloudflare.ZoneSetting("ssl",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="ssl",
value="strict")
# Security Level
security_level = cloudflare.ZoneSetting("security_level",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="security_level",
value="medium")
# Cache Level
cache_level = cloudflare.ZoneSetting("cache_level",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="cache_level",
value="aggressive")
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Minimum TLS Version
_, err := cloudflare.NewZoneSetting(ctx, "min_tls", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("min_tls_version"),
Value: pulumi.Any("1.2"),
})
if err != nil {
return err
}
// SSL/TLS Mode
_, err = cloudflare.NewZoneSetting(ctx, "ssl", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("ssl"),
Value: pulumi.Any("strict"),
})
if err != nil {
return err
}
// Security Level
_, err = cloudflare.NewZoneSetting(ctx, "security_level", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("security_level"),
Value: pulumi.Any("medium"),
})
if err != nil {
return err
}
// Cache Level
_, err = cloudflare.NewZoneSetting(ctx, "cache_level", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("cache_level"),
Value: pulumi.Any("aggressive"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// Minimum TLS Version
var minTls = new Cloudflare.Index.ZoneSetting("min_tls", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "min_tls_version",
Value = "1.2",
});
// SSL/TLS Mode
var ssl = new Cloudflare.Index.ZoneSetting("ssl", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "ssl",
Value = "strict",
});
// Security Level
var securityLevel = new Cloudflare.Index.ZoneSetting("security_level", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "security_level",
Value = "medium",
});
// Cache Level
var cacheLevel = new Cloudflare.Index.ZoneSetting("cache_level", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "cache_level",
Value = "aggressive",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZoneSetting;
import com.pulumi.cloudflare.ZoneSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Minimum TLS Version
var minTls = new ZoneSetting("minTls", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("min_tls_version")
.value("1.2")
.build());
// SSL/TLS Mode
var ssl = new ZoneSetting("ssl", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("ssl")
.value("strict")
.build());
// Security Level
var securityLevel = new ZoneSetting("securityLevel", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("security_level")
.value("medium")
.build());
// Cache Level
var cacheLevel = new ZoneSetting("cacheLevel", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("cache_level")
.value("aggressive")
.build());
}
}
resources:
# Minimum TLS Version
minTls:
type: cloudflare:ZoneSetting
name: min_tls
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: min_tls_version
value: '1.2'
# SSL/TLS Mode
ssl:
type: cloudflare:ZoneSetting
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: ssl
value: strict
# Security Level
securityLevel:
type: cloudflare:ZoneSetting
name: security_level
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: security_level
value: medium
# Cache Level
cacheLevel:
type: cloudflare:ZoneSetting
name: cache_level
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: cache_level
value: aggressive
Numeric Values
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// Browser Cache TTL
const browserCacheTtl = new cloudflare.ZoneSetting("browser_cache_ttl", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "browser_cache_ttl",
value: 14400,
});
// Challenge TTL
const challengeTtl = new cloudflare.ZoneSetting("challenge_ttl", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "challenge_ttl",
value: 1800,
});
// Max Upload Size
const maxUpload = new cloudflare.ZoneSetting("max_upload", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "max_upload",
value: 100,
});
import pulumi
import pulumi_cloudflare as cloudflare
# Browser Cache TTL
browser_cache_ttl = cloudflare.ZoneSetting("browser_cache_ttl",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="browser_cache_ttl",
value=14400)
# Challenge TTL
challenge_ttl = cloudflare.ZoneSetting("challenge_ttl",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="challenge_ttl",
value=1800)
# Max Upload Size
max_upload = cloudflare.ZoneSetting("max_upload",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="max_upload",
value=100)
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Browser Cache TTL
_, err := cloudflare.NewZoneSetting(ctx, "browser_cache_ttl", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("browser_cache_ttl"),
Value: pulumi.Any(14400),
})
if err != nil {
return err
}
// Challenge TTL
_, err = cloudflare.NewZoneSetting(ctx, "challenge_ttl", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("challenge_ttl"),
Value: pulumi.Any(1800),
})
if err != nil {
return err
}
// Max Upload Size
_, err = cloudflare.NewZoneSetting(ctx, "max_upload", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("max_upload"),
Value: pulumi.Any(100),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// Browser Cache TTL
var browserCacheTtl = new Cloudflare.Index.ZoneSetting("browser_cache_ttl", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "browser_cache_ttl",
Value = 14400,
});
// Challenge TTL
var challengeTtl = new Cloudflare.Index.ZoneSetting("challenge_ttl", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "challenge_ttl",
Value = 1800,
});
// Max Upload Size
var maxUpload = new Cloudflare.Index.ZoneSetting("max_upload", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "max_upload",
Value = 100,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZoneSetting;
import com.pulumi.cloudflare.ZoneSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Browser Cache TTL
var browserCacheTtl = new ZoneSetting("browserCacheTtl", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("browser_cache_ttl")
.value(14400)
.build());
// Challenge TTL
var challengeTtl = new ZoneSetting("challengeTtl", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("challenge_ttl")
.value(1800)
.build());
// Max Upload Size
var maxUpload = new ZoneSetting("maxUpload", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("max_upload")
.value(100)
.build());
}
}
resources:
# Browser Cache TTL
browserCacheTtl:
type: cloudflare:ZoneSetting
name: browser_cache_ttl
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: browser_cache_ttl
value: 14400 # Seconds (4 hours). Common values: 30, 60, 120, 300, 1200, 1800, 3600, 7200, 10800, 14400, 18000, 28800, 43200, 57600, 72000, 86400, 172800, 259200, 345600, 432000, 691200, 1382400, 2073600, 2678400, 5356800, 16070400, 31536000
# Challenge TTL
challengeTtl:
type: cloudflare:ZoneSetting
name: challenge_ttl
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: challenge_ttl
value: 1800 # Seconds (30 minutes). Range: 300-2592000
# Max Upload Size
maxUpload:
type: cloudflare:ZoneSetting
name: max_upload
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: max_upload
value: 100 # MB. Range: 1-5000 (depending on plan)
Special Cases
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// 0-RTT (Zero Round Trip Time)
const zeroRtt = new cloudflare.ZoneSetting("zero_rtt", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "0rtt",
value: "on",
});
// Network Error Logging (NEL)
const nel = new cloudflare.ZoneSetting("nel", {
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "nel",
value: {
enabled: true,
},
});
import pulumi
import pulumi_cloudflare as cloudflare
# 0-RTT (Zero Round Trip Time)
zero_rtt = cloudflare.ZoneSetting("zero_rtt",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="0rtt",
value="on")
# Network Error Logging (NEL)
nel = cloudflare.ZoneSetting("nel",
zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="nel",
value={
"enabled": True,
})
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// 0-RTT (Zero Round Trip Time)
_, err := cloudflare.NewZoneSetting(ctx, "zero_rtt", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("0rtt"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// Network Error Logging (NEL)
_, err = cloudflare.NewZoneSetting(ctx, "nel", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.String("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: pulumi.String("nel"),
Value: pulumi.Any(map[string]interface{}{
"enabled": true,
}),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// 0-RTT (Zero Round Trip Time)
var zeroRtt = new Cloudflare.Index.ZoneSetting("zero_rtt", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "0rtt",
Value = "on",
});
// Network Error Logging (NEL)
var nel = new Cloudflare.Index.ZoneSetting("nel", new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "nel",
Value = new Dictionary<string, object?>
{
["enabled"] = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZoneSetting;
import com.pulumi.cloudflare.ZoneSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// 0-RTT (Zero Round Trip Time)
var zeroRtt = new ZoneSetting("zeroRtt", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("0rtt")
.value("on")
.build());
// Network Error Logging (NEL)
var nel = new ZoneSetting("nel", ZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("nel")
.value(Map.of("enabled", true))
.build());
}
}
resources:
# 0-RTT (Zero Round Trip Time)
zeroRtt:
type: cloudflare:ZoneSetting
name: zero_rtt
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: 0rtt
value: on
# Network Error Logging (NEL)
nel:
type: cloudflare:ZoneSetting
properties:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: nel
value:
enabled: true
Common Configuration Sets
Security Hardening Configuration
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// Enable HTTPS everywhere
const alwaysUseHttps = new cloudflare.ZoneSetting("always_use_https", {
zoneId: zoneId,
settingId: "always_use_https",
value: "on",
});
// Automatic HTTPS Rewrites
const automaticHttpsRewrites = new cloudflare.ZoneSetting("automatic_https_rewrites", {
zoneId: zoneId,
settingId: "automatic_https_rewrites",
value: "on",
});
// Minimum TLS 1.2
const minTlsVersion = new cloudflare.ZoneSetting("min_tls_version", {
zoneId: zoneId,
settingId: "min_tls_version",
value: "1.2",
});
// Enable TLS 1.3
const tls13 = new cloudflare.ZoneSetting("tls_1_3", {
zoneId: zoneId,
settingId: "tls_1_3",
value: "on",
});
// Strict SSL
const ssl = new cloudflare.ZoneSetting("ssl", {
zoneId: zoneId,
settingId: "ssl",
value: "strict",
});
import pulumi
import pulumi_cloudflare as cloudflare
# Enable HTTPS everywhere
always_use_https = cloudflare.ZoneSetting("always_use_https",
zone_id=zone_id,
setting_id="always_use_https",
value="on")
# Automatic HTTPS Rewrites
automatic_https_rewrites = cloudflare.ZoneSetting("automatic_https_rewrites",
zone_id=zone_id,
setting_id="automatic_https_rewrites",
value="on")
# Minimum TLS 1.2
min_tls_version = cloudflare.ZoneSetting("min_tls_version",
zone_id=zone_id,
setting_id="min_tls_version",
value="1.2")
# Enable TLS 1.3
tls13 = cloudflare.ZoneSetting("tls_1_3",
zone_id=zone_id,
setting_id="tls_1_3",
value="on")
# Strict SSL
ssl = cloudflare.ZoneSetting("ssl",
zone_id=zone_id,
setting_id="ssl",
value="strict")
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Enable HTTPS everywhere
_, err := cloudflare.NewZoneSetting(ctx, "always_use_https", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("always_use_https"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// Automatic HTTPS Rewrites
_, err = cloudflare.NewZoneSetting(ctx, "automatic_https_rewrites", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("automatic_https_rewrites"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// Minimum TLS 1.2
_, err = cloudflare.NewZoneSetting(ctx, "min_tls_version", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("min_tls_version"),
Value: pulumi.Any("1.2"),
})
if err != nil {
return err
}
// Enable TLS 1.3
_, err = cloudflare.NewZoneSetting(ctx, "tls_1_3", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("tls_1_3"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// Strict SSL
_, err = cloudflare.NewZoneSetting(ctx, "ssl", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("ssl"),
Value: pulumi.Any("strict"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// Enable HTTPS everywhere
var alwaysUseHttps = new Cloudflare.Index.ZoneSetting("always_use_https", new()
{
ZoneId = zoneId,
SettingId = "always_use_https",
Value = "on",
});
// Automatic HTTPS Rewrites
var automaticHttpsRewrites = new Cloudflare.Index.ZoneSetting("automatic_https_rewrites", new()
{
ZoneId = zoneId,
SettingId = "automatic_https_rewrites",
Value = "on",
});
// Minimum TLS 1.2
var minTlsVersion = new Cloudflare.Index.ZoneSetting("min_tls_version", new()
{
ZoneId = zoneId,
SettingId = "min_tls_version",
Value = "1.2",
});
// Enable TLS 1.3
var tls13 = new Cloudflare.Index.ZoneSetting("tls_1_3", new()
{
ZoneId = zoneId,
SettingId = "tls_1_3",
Value = "on",
});
// Strict SSL
var ssl = new Cloudflare.Index.ZoneSetting("ssl", new()
{
ZoneId = zoneId,
SettingId = "ssl",
Value = "strict",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZoneSetting;
import com.pulumi.cloudflare.ZoneSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Enable HTTPS everywhere
var alwaysUseHttps = new ZoneSetting("alwaysUseHttps", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("always_use_https")
.value("on")
.build());
// Automatic HTTPS Rewrites
var automaticHttpsRewrites = new ZoneSetting("automaticHttpsRewrites", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("automatic_https_rewrites")
.value("on")
.build());
// Minimum TLS 1.2
var minTlsVersion = new ZoneSetting("minTlsVersion", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("min_tls_version")
.value("1.2")
.build());
// Enable TLS 1.3
var tls13 = new ZoneSetting("tls13", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("tls_1_3")
.value("on")
.build());
// Strict SSL
var ssl = new ZoneSetting("ssl", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("ssl")
.value("strict")
.build());
}
}
resources:
# Enable HTTPS everywhere
alwaysUseHttps:
type: cloudflare:ZoneSetting
name: always_use_https
properties:
zoneId: ${zoneId}
settingId: always_use_https
value: on
# Automatic HTTPS Rewrites
automaticHttpsRewrites:
type: cloudflare:ZoneSetting
name: automatic_https_rewrites
properties:
zoneId: ${zoneId}
settingId: automatic_https_rewrites
value: on
# Minimum TLS 1.2
minTlsVersion:
type: cloudflare:ZoneSetting
name: min_tls_version
properties:
zoneId: ${zoneId}
settingId: min_tls_version
value: '1.2'
# Enable TLS 1.3
tls13:
type: cloudflare:ZoneSetting
name: tls_1_3
properties:
zoneId: ${zoneId}
settingId: tls_1_3
value: on
# Strict SSL
ssl:
type: cloudflare:ZoneSetting
properties:
zoneId: ${zoneId}
settingId: ssl
value: strict
Performance Optimization Configuration
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
// Enable HTTP/3
const http3 = new cloudflare.ZoneSetting("http3", {
zoneId: zoneId,
settingId: "http3",
value: "on",
});
// Enable Brotli Compression
const brotli = new cloudflare.ZoneSetting("brotli", {
zoneId: zoneId,
settingId: "brotli",
value: "on",
});
// Early Hints
const earlyHints = new cloudflare.ZoneSetting("early_hints", {
zoneId: zoneId,
settingId: "early_hints",
value: "on",
});
// Aggressive Caching
const cacheLevel = new cloudflare.ZoneSetting("cache_level", {
zoneId: zoneId,
settingId: "cache_level",
value: "aggressive",
});
// Browser Cache TTL
const browserCache = new cloudflare.ZoneSetting("browser_cache", {
zoneId: zoneId,
settingId: "browser_cache_ttl",
value: 14400,
});
import pulumi
import pulumi_cloudflare as cloudflare
# Enable HTTP/3
http3 = cloudflare.ZoneSetting("http3",
zone_id=zone_id,
setting_id="http3",
value="on")
# Enable Brotli Compression
brotli = cloudflare.ZoneSetting("brotli",
zone_id=zone_id,
setting_id="brotli",
value="on")
# Early Hints
early_hints = cloudflare.ZoneSetting("early_hints",
zone_id=zone_id,
setting_id="early_hints",
value="on")
# Aggressive Caching
cache_level = cloudflare.ZoneSetting("cache_level",
zone_id=zone_id,
setting_id="cache_level",
value="aggressive")
# Browser Cache TTL
browser_cache = cloudflare.ZoneSetting("browser_cache",
zone_id=zone_id,
setting_id="browser_cache_ttl",
value=14400)
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Enable HTTP/3
_, err := cloudflare.NewZoneSetting(ctx, "http3", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("http3"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// Enable Brotli Compression
_, err = cloudflare.NewZoneSetting(ctx, "brotli", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("brotli"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// Early Hints
_, err = cloudflare.NewZoneSetting(ctx, "early_hints", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("early_hints"),
Value: pulumi.Any("on"),
})
if err != nil {
return err
}
// Aggressive Caching
_, err = cloudflare.NewZoneSetting(ctx, "cache_level", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("cache_level"),
Value: pulumi.Any("aggressive"),
})
if err != nil {
return err
}
// Browser Cache TTL
_, err = cloudflare.NewZoneSetting(ctx, "browser_cache", &cloudflare.ZoneSettingArgs{
ZoneId: pulumi.Any(zoneId),
SettingId: pulumi.String("browser_cache_ttl"),
Value: pulumi.Any(14400),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
// Enable HTTP/3
var http3 = new Cloudflare.Index.ZoneSetting("http3", new()
{
ZoneId = zoneId,
SettingId = "http3",
Value = "on",
});
// Enable Brotli Compression
var brotli = new Cloudflare.Index.ZoneSetting("brotli", new()
{
ZoneId = zoneId,
SettingId = "brotli",
Value = "on",
});
// Early Hints
var earlyHints = new Cloudflare.Index.ZoneSetting("early_hints", new()
{
ZoneId = zoneId,
SettingId = "early_hints",
Value = "on",
});
// Aggressive Caching
var cacheLevel = new Cloudflare.Index.ZoneSetting("cache_level", new()
{
ZoneId = zoneId,
SettingId = "cache_level",
Value = "aggressive",
});
// Browser Cache TTL
var browserCache = new Cloudflare.Index.ZoneSetting("browser_cache", new()
{
ZoneId = zoneId,
SettingId = "browser_cache_ttl",
Value = 14400,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZoneSetting;
import com.pulumi.cloudflare.ZoneSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Enable HTTP/3
var http3 = new ZoneSetting("http3", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("http3")
.value("on")
.build());
// Enable Brotli Compression
var brotli = new ZoneSetting("brotli", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("brotli")
.value("on")
.build());
// Early Hints
var earlyHints = new ZoneSetting("earlyHints", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("early_hints")
.value("on")
.build());
// Aggressive Caching
var cacheLevel = new ZoneSetting("cacheLevel", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("cache_level")
.value("aggressive")
.build());
// Browser Cache TTL
var browserCache = new ZoneSetting("browserCache", ZoneSettingArgs.builder()
.zoneId(zoneId)
.settingId("browser_cache_ttl")
.value(14400)
.build());
}
}
resources:
# Enable HTTP/3
http3:
type: cloudflare:ZoneSetting
properties:
zoneId: ${zoneId}
settingId: http3
value: on
# Enable Brotli Compression
brotli:
type: cloudflare:ZoneSetting
properties:
zoneId: ${zoneId}
settingId: brotli
value: on
# Early Hints
earlyHints:
type: cloudflare:ZoneSetting
name: early_hints
properties:
zoneId: ${zoneId}
settingId: early_hints
value: on
# Aggressive Caching
cacheLevel:
type: cloudflare:ZoneSetting
name: cache_level
properties:
zoneId: ${zoneId}
settingId: cache_level
value: aggressive
# Browser Cache TTL
browserCache:
type: cloudflare:ZoneSetting
name: browser_cache
properties:
zoneId: ${zoneId}
settingId: browser_cache_ttl
value: 14400 # 4 hours
Create ZoneSetting Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ZoneSetting(name: string, args: ZoneSettingArgs, opts?: CustomResourceOptions);@overload
def ZoneSetting(resource_name: str,
args: ZoneSettingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ZoneSetting(resource_name: str,
opts: Optional[ResourceOptions] = None,
setting_id: Optional[str] = None,
value: Optional[Any] = None,
enabled: Optional[bool] = None,
zone_id: Optional[str] = None)func NewZoneSetting(ctx *Context, name string, args ZoneSettingArgs, opts ...ResourceOption) (*ZoneSetting, error)public ZoneSetting(string name, ZoneSettingArgs args, CustomResourceOptions? opts = null)
public ZoneSetting(String name, ZoneSettingArgs args)
public ZoneSetting(String name, ZoneSettingArgs args, CustomResourceOptions options)
type: cloudflare:ZoneSetting
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ZoneSettingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ZoneSettingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ZoneSettingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ZoneSettingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ZoneSettingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var zoneSettingResource = new Cloudflare.ZoneSetting("zoneSettingResource", new()
{
SettingId = "string",
Value = "any",
Enabled = false,
ZoneId = "string",
});
example, err := cloudflare.NewZoneSetting(ctx, "zoneSettingResource", &cloudflare.ZoneSettingArgs{
SettingId: pulumi.String("string"),
Value: pulumi.Any("any"),
Enabled: pulumi.Bool(false),
ZoneId: pulumi.String("string"),
})
var zoneSettingResource = new ZoneSetting("zoneSettingResource", ZoneSettingArgs.builder()
.settingId("string")
.value("any")
.enabled(false)
.zoneId("string")
.build());
zone_setting_resource = cloudflare.ZoneSetting("zoneSettingResource",
setting_id="string",
value="any",
enabled=False,
zone_id="string")
const zoneSettingResource = new cloudflare.ZoneSetting("zoneSettingResource", {
settingId: "string",
value: "any",
enabled: false,
zoneId: "string",
});
type: cloudflare:ZoneSetting
properties:
enabled: false
settingId: string
value: any
zoneId: string
ZoneSetting Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ZoneSetting resource accepts the following input properties:
- setting_
id str - Setting name
- value Any
- Current value of the zone setting.
- enabled bool
- ssl-recommender enrollment setting.
- zone_
id str - Identifier
Outputs
All input properties are implicitly available as output properties. Additionally, the ZoneSetting resource produces the following output properties:
- Editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
On string - last time this setting was modified.
- Time
Remaining double - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- Editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
On string - last time this setting was modified.
- Time
Remaining float64 - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- editable Boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- id String
- The provider-assigned unique ID for this managed resource.
- modified
On String - last time this setting was modified.
- time
Remaining Double - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- editable boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- id string
- The provider-assigned unique ID for this managed resource.
- modified
On string - last time this setting was modified.
- time
Remaining number - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- id str
- The provider-assigned unique ID for this managed resource.
- modified_
on str - last time this setting was modified.
- time_
remaining float - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- editable Boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- id String
- The provider-assigned unique ID for this managed resource.
- modified
On String - last time this setting was modified.
- time
Remaining Number - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
Look up Existing ZoneSetting Resource
Get an existing ZoneSetting resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZoneSettingState, opts?: CustomResourceOptions): ZoneSetting@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
editable: Optional[bool] = None,
enabled: Optional[bool] = None,
modified_on: Optional[str] = None,
setting_id: Optional[str] = None,
time_remaining: Optional[float] = None,
value: Optional[Any] = None,
zone_id: Optional[str] = None) -> ZoneSettingfunc GetZoneSetting(ctx *Context, name string, id IDInput, state *ZoneSettingState, opts ...ResourceOption) (*ZoneSetting, error)public static ZoneSetting Get(string name, Input<string> id, ZoneSettingState? state, CustomResourceOptions? opts = null)public static ZoneSetting get(String name, Output<String> id, ZoneSettingState state, CustomResourceOptions options)resources: _: type: cloudflare:ZoneSetting get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- Enabled bool
- ssl-recommender enrollment setting.
- Modified
On string - last time this setting was modified.
- Setting
Id string - Setting name
- Time
Remaining double - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- Value object
- Current value of the zone setting.
- Zone
Id string - Identifier
- Editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- Enabled bool
- ssl-recommender enrollment setting.
- Modified
On string - last time this setting was modified.
- Setting
Id string - Setting name
- Time
Remaining float64 - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- Value interface{}
- Current value of the zone setting.
- Zone
Id string - Identifier
- editable Boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled Boolean
- ssl-recommender enrollment setting.
- modified
On String - last time this setting was modified.
- setting
Id String - Setting name
- time
Remaining Double - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value Object
- Current value of the zone setting.
- zone
Id String - Identifier
- editable boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled boolean
- ssl-recommender enrollment setting.
- modified
On string - last time this setting was modified.
- setting
Id string - Setting name
- time
Remaining number - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value any
- Current value of the zone setting.
- zone
Id string - Identifier
- editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled bool
- ssl-recommender enrollment setting.
- modified_
on str - last time this setting was modified.
- setting_
id str - Setting name
- time_
remaining float - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value Any
- Current value of the zone setting.
- zone_
id str - Identifier
- editable Boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled Boolean
- ssl-recommender enrollment setting.
- modified
On String - last time this setting was modified.
- setting
Id String - Setting name
- time
Remaining Number - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value Any
- Current value of the zone setting.
- zone
Id String - Identifier
Import
$ pulumi import cloudflare:index/zoneSetting:ZoneSetting example '<zone_id>/<setting_id>'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.
Viewing docs for Cloudflare v6.15.0
published on Saturday, May 2, 2026 by Pulumi
published on Saturday, May 2, 2026 by Pulumi
