Viewing docs for Cloudflare v4.16.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Viewing docs for Cloudflare v4.16.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
A Zero Trust organization defines the user login experience.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var example = new Cloudflare.AccessOrganization("example", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
AuthDomain = "example.cloudflareaccess.com",
IsUiReadOnly = false,
LoginDesigns = new[]
{
new Cloudflare.Inputs.AccessOrganizationLoginDesignArgs
{
BackgroundColor = "#ffffff",
FooterText = "My footer text",
HeaderText = "My header text",
LogoPath = "https://example.com/logo.png",
TextColor = "#000000",
},
},
Name = "example.cloudflareaccess.com",
UserSeatExpirationInactiveTime = "720h",
});
});
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v4/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewAccessOrganization(ctx, "example", &cloudflare.AccessOrganizationArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
AuthDomain: pulumi.String("example.cloudflareaccess.com"),
IsUiReadOnly: pulumi.Bool(false),
LoginDesigns: cloudflare.AccessOrganizationLoginDesignArray{
&cloudflare.AccessOrganizationLoginDesignArgs{
BackgroundColor: pulumi.String("#ffffff"),
FooterText: pulumi.String("My footer text"),
HeaderText: pulumi.String("My header text"),
LogoPath: pulumi.String("https://example.com/logo.png"),
TextColor: pulumi.String("#000000"),
},
},
Name: pulumi.String("example.cloudflareaccess.com"),
UserSeatExpirationInactiveTime: pulumi.String("720h"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.AccessOrganization;
import com.pulumi.cloudflare.AccessOrganizationArgs;
import com.pulumi.cloudflare.inputs.AccessOrganizationLoginDesignArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AccessOrganization("example", AccessOrganizationArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.authDomain("example.cloudflareaccess.com")
.isUiReadOnly(false)
.loginDesigns(AccessOrganizationLoginDesignArgs.builder()
.backgroundColor("#ffffff")
.footerText("My footer text")
.headerText("My header text")
.logoPath("https://example.com/logo.png")
.textColor("#000000")
.build())
.name("example.cloudflareaccess.com")
.userSeatExpirationInactiveTime("720h")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const example = new cloudflare.AccessOrganization("example", {
accountId: "f037e56e89293a057740de681ac9abbe",
authDomain: "example.cloudflareaccess.com",
isUiReadOnly: false,
loginDesigns: [{
backgroundColor: "#ffffff",
footerText: "My footer text",
headerText: "My header text",
logoPath: "https://example.com/logo.png",
textColor: "#000000",
}],
name: "example.cloudflareaccess.com",
userSeatExpirationInactiveTime: "720h",
});
import pulumi
import pulumi_cloudflare as cloudflare
example = cloudflare.AccessOrganization("example",
account_id="f037e56e89293a057740de681ac9abbe",
auth_domain="example.cloudflareaccess.com",
is_ui_read_only=False,
login_designs=[cloudflare.AccessOrganizationLoginDesignArgs(
background_color="#ffffff",
footer_text="My footer text",
header_text="My header text",
logo_path="https://example.com/logo.png",
text_color="#000000",
)],
name="example.cloudflareaccess.com",
user_seat_expiration_inactive_time="720h")
resources:
example:
type: cloudflare:AccessOrganization
properties:
accountId: f037e56e89293a057740de681ac9abbe
authDomain: example.cloudflareaccess.com
isUiReadOnly: false
loginDesigns:
- backgroundColor: '#ffffff'
footerText: My footer text
headerText: My header text
logoPath: https://example.com/logo.png
textColor: '#000000'
name: example.cloudflareaccess.com
userSeatExpirationInactiveTime: 720h
Create AccessOrganization Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AccessOrganization(name: string, args: AccessOrganizationArgs, opts?: CustomResourceOptions);@overload
def AccessOrganization(resource_name: str,
args: AccessOrganizationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AccessOrganization(resource_name: str,
opts: Optional[ResourceOptions] = None,
auth_domain: Optional[str] = None,
account_id: Optional[str] = None,
is_ui_read_only: Optional[bool] = None,
login_designs: Optional[Sequence[AccessOrganizationLoginDesignArgs]] = None,
name: Optional[str] = None,
user_seat_expiration_inactive_time: Optional[str] = None,
zone_id: Optional[str] = None)func NewAccessOrganization(ctx *Context, name string, args AccessOrganizationArgs, opts ...ResourceOption) (*AccessOrganization, error)public AccessOrganization(string name, AccessOrganizationArgs args, CustomResourceOptions? opts = null)
public AccessOrganization(String name, AccessOrganizationArgs args)
public AccessOrganization(String name, AccessOrganizationArgs args, CustomResourceOptions options)
type: cloudflare:AccessOrganization
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var accessOrganizationResource = new Cloudflare.AccessOrganization("accessOrganizationResource", new()
{
AuthDomain = "string",
AccountId = "string",
IsUiReadOnly = false,
LoginDesigns = new[]
{
new Cloudflare.Inputs.AccessOrganizationLoginDesignArgs
{
BackgroundColor = "string",
FooterText = "string",
HeaderText = "string",
LogoPath = "string",
TextColor = "string",
},
},
Name = "string",
UserSeatExpirationInactiveTime = "string",
ZoneId = "string",
});
example, err := cloudflare.NewAccessOrganization(ctx, "accessOrganizationResource", &cloudflare.AccessOrganizationArgs{
AuthDomain: pulumi.String("string"),
AccountId: pulumi.String("string"),
IsUiReadOnly: pulumi.Bool(false),
LoginDesigns: cloudflare.AccessOrganizationLoginDesignArray{
&cloudflare.AccessOrganizationLoginDesignArgs{
BackgroundColor: pulumi.String("string"),
FooterText: pulumi.String("string"),
HeaderText: pulumi.String("string"),
LogoPath: pulumi.String("string"),
TextColor: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
UserSeatExpirationInactiveTime: pulumi.String("string"),
ZoneId: pulumi.String("string"),
})
var accessOrganizationResource = new AccessOrganization("accessOrganizationResource", AccessOrganizationArgs.builder()
.authDomain("string")
.accountId("string")
.isUiReadOnly(false)
.loginDesigns(AccessOrganizationLoginDesignArgs.builder()
.backgroundColor("string")
.footerText("string")
.headerText("string")
.logoPath("string")
.textColor("string")
.build())
.name("string")
.userSeatExpirationInactiveTime("string")
.zoneId("string")
.build());
access_organization_resource = cloudflare.AccessOrganization("accessOrganizationResource",
auth_domain="string",
account_id="string",
is_ui_read_only=False,
login_designs=[{
"background_color": "string",
"footer_text": "string",
"header_text": "string",
"logo_path": "string",
"text_color": "string",
}],
name="string",
user_seat_expiration_inactive_time="string",
zone_id="string")
const accessOrganizationResource = new cloudflare.AccessOrganization("accessOrganizationResource", {
authDomain: "string",
accountId: "string",
isUiReadOnly: false,
loginDesigns: [{
backgroundColor: "string",
footerText: "string",
headerText: "string",
logoPath: "string",
textColor: "string",
}],
name: "string",
userSeatExpirationInactiveTime: "string",
zoneId: "string",
});
type: cloudflare:AccessOrganization
properties:
accountId: string
authDomain: string
isUiReadOnly: false
loginDesigns:
- backgroundColor: string
footerText: string
headerText: string
logoPath: string
textColor: string
name: string
userSeatExpirationInactiveTime: string
zoneId: string
AccessOrganization Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AccessOrganization resource accepts the following input properties:
- Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs List<AccessOrganization Login Design> - Name string
- The name of your Zero Trust organization.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs []AccessOrganization Login Design Args - Name string
- The name of your Zero Trust organization.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<AccessOrganization Login Design> - name String
- The name of your Zero Trust organization.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - is
Ui booleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs AccessOrganization Login Design[] - name string
- The name of your Zero Trust organization.
- user
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- auth_
domain str - The unique subdomain assigned to your Zero Trust organization.
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. - is_
ui_ boolread_ only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login_
designs Sequence[AccessOrganization Login Design Args] - name str
- The name of your Zero Trust organization.
- user_
seat_ strexpiration_ inactive_ time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<Property Map> - name String
- The name of your Zero Trust organization.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Outputs
All input properties are implicitly available as output properties. Additionally, the AccessOrganization resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AccessOrganization Resource
Get an existing AccessOrganization resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccessOrganizationState, opts?: CustomResourceOptions): AccessOrganization@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
auth_domain: Optional[str] = None,
is_ui_read_only: Optional[bool] = None,
login_designs: Optional[Sequence[AccessOrganizationLoginDesignArgs]] = None,
name: Optional[str] = None,
user_seat_expiration_inactive_time: Optional[str] = None,
zone_id: Optional[str] = None) -> AccessOrganizationfunc GetAccessOrganization(ctx *Context, name string, id IDInput, state *AccessOrganizationState, opts ...ResourceOption) (*AccessOrganization, error)public static AccessOrganization Get(string name, Input<string> id, AccessOrganizationState? state, CustomResourceOptions? opts = null)public static AccessOrganization get(String name, Output<String> id, AccessOrganizationState state, CustomResourceOptions options)resources: _: type: cloudflare:AccessOrganization get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs List<AccessOrganization Login Design> - Name string
- The name of your Zero Trust organization.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs []AccessOrganization Login Design Args - Name string
- The name of your Zero Trust organization.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<AccessOrganization Login Design> - name String
- The name of your Zero Trust organization.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- is
Ui booleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs AccessOrganization Login Design[] - name string
- The name of your Zero Trust organization.
- user
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. - auth_
domain str - The unique subdomain assigned to your Zero Trust organization.
- is_
ui_ boolread_ only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login_
designs Sequence[AccessOrganization Login Design Args] - name str
- The name of your Zero Trust organization.
- user_
seat_ strexpiration_ inactive_ time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<Property Map> - name String
- The name of your Zero Trust organization.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Supporting Types
AccessOrganizationLoginDesign, AccessOrganizationLoginDesignArgs
- Background
Color string - The background color on the login page.
- string
- The text at the bottom of the login page.
- Header
Text string - The text at the top of the login page.
- Logo
Path string - The URL of the logo on the login page.
- Text
Color string - The text color on the login page.
- Background
Color string - The background color on the login page.
- string
- The text at the bottom of the login page.
- Header
Text string - The text at the top of the login page.
- Logo
Path string - The URL of the logo on the login page.
- Text
Color string - The text color on the login page.
- background
Color String - The background color on the login page.
- String
- The text at the bottom of the login page.
- header
Text String - The text at the top of the login page.
- logo
Path String - The URL of the logo on the login page.
- text
Color String - The text color on the login page.
- background
Color string - The background color on the login page.
- string
- The text at the bottom of the login page.
- header
Text string - The text at the top of the login page.
- logo
Path string - The URL of the logo on the login page.
- text
Color string - The text color on the login page.
- background_
color str - The background color on the login page.
- str
- The text at the bottom of the login page.
- header_
text str - The text at the top of the login page.
- logo_
path str - The URL of the logo on the login page.
- text_
color str - The text color on the login page.
- background
Color String - The background color on the login page.
- String
- The text at the bottom of the login page.
- header
Text String - The text at the top of the login page.
- logo
Path String - The URL of the logo on the login page.
- text
Color String - The text color on the login page.
Import
$ pulumi import cloudflare:index/accessOrganization:AccessOrganization example <account_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.
Viewing docs for Cloudflare v4.16.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
