Viewing docs for Cloudflare v4.16.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Viewing docs for Cloudflare v4.16.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Provides a Cloudflare Tunnel configuration resource.
!> When you delete a tunnel configuration, the tunnel will be deleted. You need to make sure that the tunnel is not in use before deleting the configuration.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var exampleTunnel = new Cloudflare.ArgoTunnel("exampleTunnel", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "example_tunnel",
Secret = "<32 character secret>",
});
var exampleConfig = new Cloudflare.TunnelConfig("exampleConfig", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
TunnelId = exampleTunnel.Id,
Config = new Cloudflare.Inputs.TunnelConfigConfigArgs
{
WarpRouting = new Cloudflare.Inputs.TunnelConfigConfigWarpRoutingArgs
{
Enabled = true,
},
OriginRequest = new Cloudflare.Inputs.TunnelConfigConfigOriginRequestArgs
{
ConnectTimeout = "1m0s",
TlsTimeout = "1m0s",
TcpKeepAlive = "1m0s",
NoHappyEyeballs = false,
KeepAliveConnections = 1024,
KeepAliveTimeout = "1m0s",
HttpHostHeader = "baz",
OriginServerName = "foobar",
CaPool = "/path/to/unsigned/ca/pool",
NoTlsVerify = false,
DisableChunkedEncoding = false,
BastionMode = false,
ProxyAddress = "10.0.0.1",
ProxyPort = 8123,
ProxyType = "socks",
IpRules = new[]
{
new Cloudflare.Inputs.TunnelConfigConfigOriginRequestIpRuleArgs
{
Prefix = "/web",
Ports = new[]
{
80,
443,
},
Allow = false,
},
},
},
IngressRules = new[]
{
new Cloudflare.Inputs.TunnelConfigConfigIngressRuleArgs
{
Hostname = "foo",
Path = "/bar",
Service = "http://10.0.0.2:8080",
},
new Cloudflare.Inputs.TunnelConfigConfigIngressRuleArgs
{
Service = "https://10.0.0.3:8081",
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v4/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleTunnel, err := cloudflare.NewArgoTunnel(ctx, "exampleTunnel", &cloudflare.ArgoTunnelArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("example_tunnel"),
Secret: pulumi.String("<32 character secret>"),
})
if err != nil {
return err
}
_, err = cloudflare.NewTunnelConfig(ctx, "exampleConfig", &cloudflare.TunnelConfigArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
TunnelId: exampleTunnel.ID(),
Config: &cloudflare.TunnelConfigConfigArgs{
WarpRouting: &cloudflare.TunnelConfigConfigWarpRoutingArgs{
Enabled: pulumi.Bool(true),
},
OriginRequest: &cloudflare.TunnelConfigConfigOriginRequestArgs{
ConnectTimeout: pulumi.String("1m0s"),
TlsTimeout: pulumi.String("1m0s"),
TcpKeepAlive: pulumi.String("1m0s"),
NoHappyEyeballs: pulumi.Bool(false),
KeepAliveConnections: pulumi.Int(1024),
KeepAliveTimeout: pulumi.String("1m0s"),
HttpHostHeader: pulumi.String("baz"),
OriginServerName: pulumi.String("foobar"),
CaPool: pulumi.String("/path/to/unsigned/ca/pool"),
NoTlsVerify: pulumi.Bool(false),
DisableChunkedEncoding: pulumi.Bool(false),
BastionMode: pulumi.Bool(false),
ProxyAddress: pulumi.String("10.0.0.1"),
ProxyPort: pulumi.Int(8123),
ProxyType: pulumi.String("socks"),
IpRules: cloudflare.TunnelConfigConfigOriginRequestIpRuleArray{
&cloudflare.TunnelConfigConfigOriginRequestIpRuleArgs{
Prefix: pulumi.String("/web"),
Ports: pulumi.IntArray{
pulumi.Int(80),
pulumi.Int(443),
},
Allow: pulumi.Bool(false),
},
},
},
IngressRules: cloudflare.TunnelConfigConfigIngressRuleArray{
&cloudflare.TunnelConfigConfigIngressRuleArgs{
Hostname: pulumi.String("foo"),
Path: pulumi.String("/bar"),
Service: pulumi.String("http://10.0.0.2:8080"),
},
&cloudflare.TunnelConfigConfigIngressRuleArgs{
Service: pulumi.String("https://10.0.0.3:8081"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ArgoTunnel;
import com.pulumi.cloudflare.ArgoTunnelArgs;
import com.pulumi.cloudflare.TunnelConfig;
import com.pulumi.cloudflare.TunnelConfigArgs;
import com.pulumi.cloudflare.inputs.TunnelConfigConfigArgs;
import com.pulumi.cloudflare.inputs.TunnelConfigConfigWarpRoutingArgs;
import com.pulumi.cloudflare.inputs.TunnelConfigConfigOriginRequestArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleTunnel = new ArgoTunnel("exampleTunnel", ArgoTunnelArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("example_tunnel")
.secret("<32 character secret>")
.build());
var exampleConfig = new TunnelConfig("exampleConfig", TunnelConfigArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.tunnelId(exampleTunnel.id())
.config(TunnelConfigConfigArgs.builder()
.warpRouting(TunnelConfigConfigWarpRoutingArgs.builder()
.enabled(true)
.build())
.originRequest(TunnelConfigConfigOriginRequestArgs.builder()
.connectTimeout("1m0s")
.tlsTimeout("1m0s")
.tcpKeepAlive("1m0s")
.noHappyEyeballs(false)
.keepAliveConnections(1024)
.keepAliveTimeout("1m0s")
.httpHostHeader("baz")
.originServerName("foobar")
.caPool("/path/to/unsigned/ca/pool")
.noTlsVerify(false)
.disableChunkedEncoding(false)
.bastionMode(false)
.proxyAddress("10.0.0.1")
.proxyPort("8123")
.proxyType("socks")
.ipRules(TunnelConfigConfigOriginRequestIpRuleArgs.builder()
.prefix("/web")
.ports(
80,
443)
.allow(false)
.build())
.build())
.ingressRules(
TunnelConfigConfigIngressRuleArgs.builder()
.hostname("foo")
.path("/bar")
.service("http://10.0.0.2:8080")
.build(),
TunnelConfigConfigIngressRuleArgs.builder()
.service("https://10.0.0.3:8081")
.build())
.build())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const exampleTunnel = new cloudflare.ArgoTunnel("exampleTunnel", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "example_tunnel",
secret: "<32 character secret>",
});
const exampleConfig = new cloudflare.TunnelConfig("exampleConfig", {
accountId: "f037e56e89293a057740de681ac9abbe",
tunnelId: exampleTunnel.id,
config: {
warpRouting: {
enabled: true,
},
originRequest: {
connectTimeout: "1m0s",
tlsTimeout: "1m0s",
tcpKeepAlive: "1m0s",
noHappyEyeballs: false,
keepAliveConnections: 1024,
keepAliveTimeout: "1m0s",
httpHostHeader: "baz",
originServerName: "foobar",
caPool: "/path/to/unsigned/ca/pool",
noTlsVerify: false,
disableChunkedEncoding: false,
bastionMode: false,
proxyAddress: "10.0.0.1",
proxyPort: 8123,
proxyType: "socks",
ipRules: [{
prefix: "/web",
ports: [
80,
443,
],
allow: false,
}],
},
ingressRules: [
{
hostname: "foo",
path: "/bar",
service: "http://10.0.0.2:8080",
},
{
service: "https://10.0.0.3:8081",
},
],
},
});
import pulumi
import pulumi_cloudflare as cloudflare
example_tunnel = cloudflare.ArgoTunnel("exampleTunnel",
account_id="f037e56e89293a057740de681ac9abbe",
name="example_tunnel",
secret="<32 character secret>")
example_config = cloudflare.TunnelConfig("exampleConfig",
account_id="f037e56e89293a057740de681ac9abbe",
tunnel_id=example_tunnel.id,
config=cloudflare.TunnelConfigConfigArgs(
warp_routing=cloudflare.TunnelConfigConfigWarpRoutingArgs(
enabled=True,
),
origin_request=cloudflare.TunnelConfigConfigOriginRequestArgs(
connect_timeout="1m0s",
tls_timeout="1m0s",
tcp_keep_alive="1m0s",
no_happy_eyeballs=False,
keep_alive_connections=1024,
keep_alive_timeout="1m0s",
http_host_header="baz",
origin_server_name="foobar",
ca_pool="/path/to/unsigned/ca/pool",
no_tls_verify=False,
disable_chunked_encoding=False,
bastion_mode=False,
proxy_address="10.0.0.1",
proxy_port=8123,
proxy_type="socks",
ip_rules=[cloudflare.TunnelConfigConfigOriginRequestIpRuleArgs(
prefix="/web",
ports=[
80,
443,
],
allow=False,
)],
),
ingress_rules=[
cloudflare.TunnelConfigConfigIngressRuleArgs(
hostname="foo",
path="/bar",
service="http://10.0.0.2:8080",
),
cloudflare.TunnelConfigConfigIngressRuleArgs(
service="https://10.0.0.3:8081",
),
],
))
resources:
exampleTunnel:
type: cloudflare:ArgoTunnel
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: example_tunnel
secret: <32 character secret>
exampleConfig:
type: cloudflare:TunnelConfig
properties:
accountId: f037e56e89293a057740de681ac9abbe
tunnelId: ${exampleTunnel.id}
config:
warpRouting:
enabled: true
originRequest:
connectTimeout: 1m0s
tlsTimeout: 1m0s
tcpKeepAlive: 1m0s
noHappyEyeballs: false
keepAliveConnections: 1024
keepAliveTimeout: 1m0s
httpHostHeader: baz
originServerName: foobar
caPool: /path/to/unsigned/ca/pool
noTlsVerify: false
disableChunkedEncoding: false
bastionMode: false
proxyAddress: 10.0.0.1
proxyPort: '8123'
proxyType: socks
ipRules:
- prefix: /web
ports:
- 80
- 443
allow: false
ingressRules:
- hostname: foo
path: /bar
service: http://10.0.0.2:8080
- service: https://10.0.0.3:8081
Create TunnelConfig Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new TunnelConfig(name: string, args: TunnelConfigArgs, opts?: CustomResourceOptions);@overload
def TunnelConfig(resource_name: str,
args: TunnelConfigArgs,
opts: Optional[ResourceOptions] = None)
@overload
def TunnelConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
config: Optional[TunnelConfigConfigArgs] = None,
tunnel_id: Optional[str] = None)func NewTunnelConfig(ctx *Context, name string, args TunnelConfigArgs, opts ...ResourceOption) (*TunnelConfig, error)public TunnelConfig(string name, TunnelConfigArgs args, CustomResourceOptions? opts = null)
public TunnelConfig(String name, TunnelConfigArgs args)
public TunnelConfig(String name, TunnelConfigArgs args, CustomResourceOptions options)
type: cloudflare:TunnelConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TunnelConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TunnelConfigArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TunnelConfigArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TunnelConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TunnelConfigArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var tunnelConfigResource = new Cloudflare.TunnelConfig("tunnelConfigResource", new()
{
AccountId = "string",
Config = new Cloudflare.Inputs.TunnelConfigConfigArgs
{
IngressRules = new[]
{
new Cloudflare.Inputs.TunnelConfigConfigIngressRuleArgs
{
Service = "string",
Hostname = "string",
Path = "string",
},
},
OriginRequest = new Cloudflare.Inputs.TunnelConfigConfigOriginRequestArgs
{
BastionMode = false,
CaPool = "string",
ConnectTimeout = "string",
DisableChunkedEncoding = false,
HttpHostHeader = "string",
IpRules = new[]
{
new Cloudflare.Inputs.TunnelConfigConfigOriginRequestIpRuleArgs
{
Allow = false,
Ports = new[]
{
0,
},
Prefix = "string",
},
},
KeepAliveConnections = 0,
KeepAliveTimeout = "string",
NoHappyEyeballs = false,
NoTlsVerify = false,
OriginServerName = "string",
ProxyAddress = "string",
ProxyPort = 0,
ProxyType = "string",
TcpKeepAlive = "string",
TlsTimeout = "string",
},
WarpRouting = new Cloudflare.Inputs.TunnelConfigConfigWarpRoutingArgs
{
Enabled = false,
},
},
TunnelId = "string",
});
example, err := cloudflare.NewTunnelConfig(ctx, "tunnelConfigResource", &cloudflare.TunnelConfigArgs{
AccountId: pulumi.String("string"),
Config: &cloudflare.TunnelConfigConfigArgs{
IngressRules: cloudflare.TunnelConfigConfigIngressRuleArray{
&cloudflare.TunnelConfigConfigIngressRuleArgs{
Service: pulumi.String("string"),
Hostname: pulumi.String("string"),
Path: pulumi.String("string"),
},
},
OriginRequest: &cloudflare.TunnelConfigConfigOriginRequestArgs{
BastionMode: pulumi.Bool(false),
CaPool: pulumi.String("string"),
ConnectTimeout: pulumi.String("string"),
DisableChunkedEncoding: pulumi.Bool(false),
HttpHostHeader: pulumi.String("string"),
IpRules: cloudflare.TunnelConfigConfigOriginRequestIpRuleArray{
&cloudflare.TunnelConfigConfigOriginRequestIpRuleArgs{
Allow: pulumi.Bool(false),
Ports: pulumi.IntArray{
pulumi.Int(0),
},
Prefix: pulumi.String("string"),
},
},
KeepAliveConnections: pulumi.Int(0),
KeepAliveTimeout: pulumi.String("string"),
NoHappyEyeballs: pulumi.Bool(false),
NoTlsVerify: pulumi.Bool(false),
OriginServerName: pulumi.String("string"),
ProxyAddress: pulumi.String("string"),
ProxyPort: pulumi.Int(0),
ProxyType: pulumi.String("string"),
TcpKeepAlive: pulumi.String("string"),
TlsTimeout: pulumi.String("string"),
},
WarpRouting: &cloudflare.TunnelConfigConfigWarpRoutingArgs{
Enabled: pulumi.Bool(false),
},
},
TunnelId: pulumi.String("string"),
})
var tunnelConfigResource = new TunnelConfig("tunnelConfigResource", TunnelConfigArgs.builder()
.accountId("string")
.config(TunnelConfigConfigArgs.builder()
.ingressRules(TunnelConfigConfigIngressRuleArgs.builder()
.service("string")
.hostname("string")
.path("string")
.build())
.originRequest(TunnelConfigConfigOriginRequestArgs.builder()
.bastionMode(false)
.caPool("string")
.connectTimeout("string")
.disableChunkedEncoding(false)
.httpHostHeader("string")
.ipRules(TunnelConfigConfigOriginRequestIpRuleArgs.builder()
.allow(false)
.ports(0)
.prefix("string")
.build())
.keepAliveConnections(0)
.keepAliveTimeout("string")
.noHappyEyeballs(false)
.noTlsVerify(false)
.originServerName("string")
.proxyAddress("string")
.proxyPort(0)
.proxyType("string")
.tcpKeepAlive("string")
.tlsTimeout("string")
.build())
.warpRouting(TunnelConfigConfigWarpRoutingArgs.builder()
.enabled(false)
.build())
.build())
.tunnelId("string")
.build());
tunnel_config_resource = cloudflare.TunnelConfig("tunnelConfigResource",
account_id="string",
config={
"ingress_rules": [{
"service": "string",
"hostname": "string",
"path": "string",
}],
"origin_request": {
"bastion_mode": False,
"ca_pool": "string",
"connect_timeout": "string",
"disable_chunked_encoding": False,
"http_host_header": "string",
"ip_rules": [{
"allow": False,
"ports": [0],
"prefix": "string",
}],
"keep_alive_connections": 0,
"keep_alive_timeout": "string",
"no_happy_eyeballs": False,
"no_tls_verify": False,
"origin_server_name": "string",
"proxy_address": "string",
"proxy_port": 0,
"proxy_type": "string",
"tcp_keep_alive": "string",
"tls_timeout": "string",
},
"warp_routing": {
"enabled": False,
},
},
tunnel_id="string")
const tunnelConfigResource = new cloudflare.TunnelConfig("tunnelConfigResource", {
accountId: "string",
config: {
ingressRules: [{
service: "string",
hostname: "string",
path: "string",
}],
originRequest: {
bastionMode: false,
caPool: "string",
connectTimeout: "string",
disableChunkedEncoding: false,
httpHostHeader: "string",
ipRules: [{
allow: false,
ports: [0],
prefix: "string",
}],
keepAliveConnections: 0,
keepAliveTimeout: "string",
noHappyEyeballs: false,
noTlsVerify: false,
originServerName: "string",
proxyAddress: "string",
proxyPort: 0,
proxyType: "string",
tcpKeepAlive: "string",
tlsTimeout: "string",
},
warpRouting: {
enabled: false,
},
},
tunnelId: "string",
});
type: cloudflare:TunnelConfig
properties:
accountId: string
config:
ingressRules:
- hostname: string
path: string
service: string
originRequest:
bastionMode: false
caPool: string
connectTimeout: string
disableChunkedEncoding: false
httpHostHeader: string
ipRules:
- allow: false
ports:
- 0
prefix: string
keepAliveConnections: 0
keepAliveTimeout: string
noHappyEyeballs: false
noTlsVerify: false
originServerName: string
proxyAddress: string
proxyPort: 0
proxyType: string
tcpKeepAlive: string
tlsTimeout: string
warpRouting:
enabled: false
tunnelId: string
TunnelConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The TunnelConfig resource accepts the following input properties:
- Account
Id string - The account identifier to target for the resource.
- Config
Tunnel
Config Config - Configuration block for Tunnel Configuration.
- Tunnel
Id string - Identifier of the Tunnel to target for this configuration.
- Account
Id string - The account identifier to target for the resource.
- Config
Tunnel
Config Config Args - Configuration block for Tunnel Configuration.
- Tunnel
Id string - Identifier of the Tunnel to target for this configuration.
- account
Id String - The account identifier to target for the resource.
- config
Tunnel
Config Config - Configuration block for Tunnel Configuration.
- tunnel
Id String - Identifier of the Tunnel to target for this configuration.
- account
Id string - The account identifier to target for the resource.
- config
Tunnel
Config Config - Configuration block for Tunnel Configuration.
- tunnel
Id string - Identifier of the Tunnel to target for this configuration.
- account_
id str - The account identifier to target for the resource.
- config
Tunnel
Config Config Args - Configuration block for Tunnel Configuration.
- tunnel_
id str - Identifier of the Tunnel to target for this configuration.
- account
Id String - The account identifier to target for the resource.
- config Property Map
- Configuration block for Tunnel Configuration.
- tunnel
Id String - Identifier of the Tunnel to target for this configuration.
Outputs
All input properties are implicitly available as output properties. Additionally, the TunnelConfig resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing TunnelConfig Resource
Get an existing TunnelConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: TunnelConfigState, opts?: CustomResourceOptions): TunnelConfig@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
config: Optional[TunnelConfigConfigArgs] = None,
tunnel_id: Optional[str] = None) -> TunnelConfigfunc GetTunnelConfig(ctx *Context, name string, id IDInput, state *TunnelConfigState, opts ...ResourceOption) (*TunnelConfig, error)public static TunnelConfig Get(string name, Input<string> id, TunnelConfigState? state, CustomResourceOptions? opts = null)public static TunnelConfig get(String name, Output<String> id, TunnelConfigState state, CustomResourceOptions options)resources: _: type: cloudflare:TunnelConfig get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account identifier to target for the resource.
- Config
Tunnel
Config Config - Configuration block for Tunnel Configuration.
- Tunnel
Id string - Identifier of the Tunnel to target for this configuration.
- Account
Id string - The account identifier to target for the resource.
- Config
Tunnel
Config Config Args - Configuration block for Tunnel Configuration.
- Tunnel
Id string - Identifier of the Tunnel to target for this configuration.
- account
Id String - The account identifier to target for the resource.
- config
Tunnel
Config Config - Configuration block for Tunnel Configuration.
- tunnel
Id String - Identifier of the Tunnel to target for this configuration.
- account
Id string - The account identifier to target for the resource.
- config
Tunnel
Config Config - Configuration block for Tunnel Configuration.
- tunnel
Id string - Identifier of the Tunnel to target for this configuration.
- account_
id str - The account identifier to target for the resource.
- config
Tunnel
Config Config Args - Configuration block for Tunnel Configuration.
- tunnel_
id str - Identifier of the Tunnel to target for this configuration.
- account
Id String - The account identifier to target for the resource.
- config Property Map
- Configuration block for Tunnel Configuration.
- tunnel
Id String - Identifier of the Tunnel to target for this configuration.
Supporting Types
TunnelConfigConfig, TunnelConfigConfigArgs
- Ingress
Rules List<TunnelConfig Config Ingress Rule> - Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more.
- Origin
Request TunnelConfig Config Origin Request - Warp
Routing TunnelConfig Config Warp Routing - If you're exposing a private network, you need to add the
warp-routingkey and set it totrue.
- Ingress
Rules []TunnelConfig Config Ingress Rule - Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more.
- Origin
Request TunnelConfig Config Origin Request - Warp
Routing TunnelConfig Config Warp Routing - If you're exposing a private network, you need to add the
warp-routingkey and set it totrue.
- ingress
Rules List<TunnelConfig Config Ingress Rule> - Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more.
- origin
Request TunnelConfig Config Origin Request - warp
Routing TunnelConfig Config Warp Routing - If you're exposing a private network, you need to add the
warp-routingkey and set it totrue.
- ingress
Rules TunnelConfig Config Ingress Rule[] - Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more.
- origin
Request TunnelConfig Config Origin Request - warp
Routing TunnelConfig Config Warp Routing - If you're exposing a private network, you need to add the
warp-routingkey and set it totrue.
- ingress_
rules Sequence[TunnelConfig Config Ingress Rule] - Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more.
- origin_
request TunnelConfig Config Origin Request - warp_
routing TunnelConfig Config Warp Routing - If you're exposing a private network, you need to add the
warp-routingkey and set it totrue.
- ingress
Rules List<Property Map> - Each incoming request received by cloudflared causes cloudflared to send a request to a local service. This section configures the rules that determine which requests are sent to which local services. Read more.
- origin
Request Property Map - warp
Routing Property Map - If you're exposing a private network, you need to add the
warp-routingkey and set it totrue.
TunnelConfigConfigIngressRule, TunnelConfigConfigIngressRuleArgs
TunnelConfigConfigOriginRequest, TunnelConfigConfigOriginRequestArgs
- Bastion
Mode bool - Ca
Pool string - Connect
Timeout string - Disable
Chunked boolEncoding - Http
Host stringHeader - Ip
Rules List<TunnelConfig Config Origin Request Ip Rule> - Keep
Alive intConnections - Keep
Alive stringTimeout - No
Happy boolEyeballs - No
Tls boolVerify - Origin
Server stringName - Proxy
Address string - Proxy
Port int - Proxy
Type string - Tcp
Keep stringAlive - Tls
Timeout string
- Bastion
Mode bool - Ca
Pool string - Connect
Timeout string - Disable
Chunked boolEncoding - Http
Host stringHeader - Ip
Rules []TunnelConfig Config Origin Request Ip Rule - Keep
Alive intConnections - Keep
Alive stringTimeout - No
Happy boolEyeballs - No
Tls boolVerify - Origin
Server stringName - Proxy
Address string - Proxy
Port int - Proxy
Type string - Tcp
Keep stringAlive - Tls
Timeout string
- bastion
Mode Boolean - ca
Pool String - connect
Timeout String - disable
Chunked BooleanEncoding - http
Host StringHeader - ip
Rules List<TunnelConfig Config Origin Request Ip Rule> - keep
Alive IntegerConnections - keep
Alive StringTimeout - no
Happy BooleanEyeballs - no
Tls BooleanVerify - origin
Server StringName - proxy
Address String - proxy
Port Integer - proxy
Type String - tcp
Keep StringAlive - tls
Timeout String
- bastion
Mode boolean - ca
Pool string - connect
Timeout string - disable
Chunked booleanEncoding - http
Host stringHeader - ip
Rules TunnelConfig Config Origin Request Ip Rule[] - keep
Alive numberConnections - keep
Alive stringTimeout - no
Happy booleanEyeballs - no
Tls booleanVerify - origin
Server stringName - proxy
Address string - proxy
Port number - proxy
Type string - tcp
Keep stringAlive - tls
Timeout string
- bastion_
mode bool - ca_
pool str - connect_
timeout str - disable_
chunked_ boolencoding - http_
host_ strheader - ip_
rules Sequence[TunnelConfig Config Origin Request Ip Rule] - keep_
alive_ intconnections - keep_
alive_ strtimeout - no_
happy_ booleyeballs - no_
tls_ boolverify - origin_
server_ strname - proxy_
address str - proxy_
port int - proxy_
type str - tcp_
keep_ stralive - tls_
timeout str
- bastion
Mode Boolean - ca
Pool String - connect
Timeout String - disable
Chunked BooleanEncoding - http
Host StringHeader - ip
Rules List<Property Map> - keep
Alive NumberConnections - keep
Alive StringTimeout - no
Happy BooleanEyeballs - no
Tls BooleanVerify - origin
Server StringName - proxy
Address String - proxy
Port Number - proxy
Type String - tcp
Keep StringAlive - tls
Timeout String
TunnelConfigConfigOriginRequestIpRule, TunnelConfigConfigOriginRequestIpRuleArgs
TunnelConfigConfigWarpRouting, TunnelConfigConfigWarpRoutingArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.
Viewing docs for Cloudflare v4.16.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
