@gradientedge/cdk-utils 8.140.0 → 8.141.0

package/dist/src/lib/cloudflare/common/construct.d.ts

@@ -1,11 +1,12 @@
 import { TerraformStack } from 'cdktf';
 import { Construct } from 'constructs';
-import { CloudflareApiShieldManager, CloudflareFilterManager, CloudflareFirewallManager, CloudflareWorkerManager, CloudflareZoneManager } from '../services';
+import { CloudflareAccessManager, CloudflareApiShieldManager, CloudflareFilterManager, CloudflareFirewallManager, CloudflareWorkerManager, CloudflareZoneManager } from '../services';
 import { CommonCloudflareStackProps } from './types';
 export declare class CommonCloudflareConstruct extends TerraformStack {
     props: CommonCloudflareStackProps;
     id: string;
     fullyQualifiedDomainName: string;
+    accessManager: CloudflareAccessManager;
     apiShieldManager: CloudflareApiShieldManager;
     filterManager: CloudflareFilterManager;
     firewallManager: CloudflareFirewallManager;

package/dist/src/lib/cloudflare/common/construct.js

@@ -8,6 +8,7 @@ const services_1 = require("../services");
 class CommonCloudflareConstruct extends cdktf_1.TerraformStack {
     id;
     fullyQualifiedDomainName;
+    accessManager;
     apiShieldManager;
     filterManager;
     firewallManager;
@@ -17,6 +18,7 @@ class CommonCloudflareConstruct extends cdktf_1.TerraformStack {
         super(scope, id);
         this.props = props;
         this.id = id;
+        this.accessManager = new services_1.CloudflareAccessManager();
         this.apiShieldManager = new services_1.CloudflareApiShieldManager();
         this.filterManager = new services_1.CloudflareFilterManager();
         this.firewallManager = new services_1.CloudflareFirewallManager();

package/dist/src/lib/cloudflare/services/access/index.d.ts

@@ -0,0 +1,2 @@
+export * from './main';
+export * from './types';

package/dist/src/lib/cloudflare/services/access/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./main"), exports);
+__exportStar(require("./types"), exports);

package/dist/src/lib/cloudflare/services/access/main.d.ts

@@ -0,0 +1,120 @@
+import { AccessApplication } from '@cdktf/provider-cloudflare/lib/access-application';
+import { AccessCaCertificate } from '@cdktf/provider-cloudflare/lib/access-ca-certificate';
+import { AccessCustomPage } from '@cdktf/provider-cloudflare/lib/access-custom-page';
+import { AccessGroup } from '@cdktf/provider-cloudflare/lib/access-group';
+import { AccessIdentityProvider } from '@cdktf/provider-cloudflare/lib/access-identity-provider';
+import { AccessMutualTlsCertificate } from '@cdktf/provider-cloudflare/lib/access-mutual-tls-certificate';
+import { CommonCloudflareConstruct } from '../../common';
+import { AccessApplicationProps, AccessCaCertificateProps, AccessCustomPageProps, AccessGroupProps, AccessIdentityProviderProps, AccessMutualTlsCertificateProps, AccessOrganizationProps, AccessPolicyProps, AccessRuleProps, AccessServiceTokenProps, AccessTagProps } from './types';
+import { AccessOrganization } from '@cdktf/provider-cloudflare/lib/access-organization';
+import { AccessPolicy } from '@cdktf/provider-cloudflare/lib/access-policy';
+import { AccessRule } from '@cdktf/provider-cloudflare/lib/access-rule';
+import { AccessServiceToken } from '@cdktf/provider-cloudflare/lib/access-service-token';
+import { AccessTag } from '@cdktf/provider-cloudflare/lib/access-tag';
+/**
+ * @classdesc Provides operations on Cloudflare Access
+ * - A new instance of this class is injected into {@link CommonCloudflareConstruct} constructor.
+ * - If a custom construct extends {@link CommonCloudflareConstruct}, an instance is available within the context.
+ * @example
+ * ```
+ * import { CommonCloudflareConstruct, CommonCloudflareConstruct } from '@gradientedge/cdk-utils'
+ *
+ * class CustomConstruct extends CommonCloudflareConstruct {
+ *   constructor(parent: Construct, id: string, props: CommonCloudflareStackProps) {
+ *     super(parent, id, props)
+ *     this.props = props
+ *     this.accessManager.createApiShield('MyAppAccess', this, props)
+ *   }
+ * }
+ * ```
+ */
+export declare class CloudflareAccessManager {
+    /**
+     * @summary Method to create a new Cloudflare Application Access
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access application properties
+     * @see [CDKTF Access Application Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessApplication.typescript.md}
+     */
+    createAccessApplication(id: string, scope: CommonCloudflareConstruct, props: AccessApplicationProps): AccessApplication;
+    /**
+     * @summary Method to create a new Cloudflare Application Access CA Certificate
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access ca certificate properties
+     * @see [CDKTF Access Ca Certificate Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessCaCertificate.typescript.md}
+     */
+    createAccessCaCertificate(id: string, scope: CommonCloudflareConstruct, props: AccessCaCertificateProps): AccessCaCertificate;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Custom Page
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access custom page properties
+     * @see [CDKTF Access Custom Page Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessCustomPage.typescript.md}
+     */
+    createAccessCustomPage(id: string, scope: CommonCloudflareConstruct, props: AccessCustomPageProps): AccessCustomPage;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Group
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access group properties
+     * @see [CDKTF Access Group Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessGroup.typescript.md}
+     */
+    createAccessGroup(id: string, scope: CommonCloudflareConstruct, props: AccessGroupProps): AccessGroup;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Identity Provider
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access identity provider properties
+     * @see [CDKTF Access Identity Provider Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessIdentityProvider.typescript.md}
+     */
+    createAccessIdentityProvider(id: string, scope: CommonCloudflareConstruct, props: AccessIdentityProviderProps): AccessIdentityProvider;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Mutual Tls Certificate
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access mutual tls certificate properties
+     * @see [CDKTF Access Mutual Tls Certificate Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessMutualTlsCertificate.typescript.md}
+     */
+    createAccessMutualTlsCertificate(id: string, scope: CommonCloudflareConstruct, props: AccessMutualTlsCertificateProps): AccessMutualTlsCertificate;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Organisation
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access organisation properties
+     * @see [CDKTF Access Organisation Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessOrganization.typescript.md}
+     */
+    createAccessOrganization(id: string, scope: CommonCloudflareConstruct, props: AccessOrganizationProps): AccessOrganization;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Policy
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access policy properties
+     * @see [CDKTF Access Policy Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessPolicy.typescript.md}
+     */
+    createAccessPolicy(id: string, scope: CommonCloudflareConstruct, props: AccessPolicyProps): AccessPolicy;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Rule
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access rule properties
+     * @see [CDKTF Access Rule Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessRule.typescript.md}
+     */
+    createAccessRule(id: string, scope: CommonCloudflareConstruct, props: AccessRuleProps): AccessRule;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Service Token
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access service token properties
+     * @see [CDKTF Access Service Token Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessServiceToken.typescript.md}
+     */
+    createAccessServiceToken(id: string, scope: CommonCloudflareConstruct, props: AccessServiceTokenProps): AccessServiceToken;
+    /**
+     * @summary Method to create a new Cloudflare Application Access Tag
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access tag properties
+     * @see [CDKTF Access Tag Token Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessTag.typescript.md}
+     */
+    createAccessTag(id: string, scope: CommonCloudflareConstruct, props: AccessTagProps): AccessTag;
+}

package/dist/src/lib/cloudflare/services/access/main.js

@@ -0,0 +1,276 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CloudflareAccessManager = void 0;
+const access_application_1 = require("@cdktf/provider-cloudflare/lib/access-application");
+const access_ca_certificate_1 = require("@cdktf/provider-cloudflare/lib/access-ca-certificate");
+const access_custom_page_1 = require("@cdktf/provider-cloudflare/lib/access-custom-page");
+const access_group_1 = require("@cdktf/provider-cloudflare/lib/access-group");
+const access_identity_provider_1 = require("@cdktf/provider-cloudflare/lib/access-identity-provider");
+const access_mutual_tls_certificate_1 = require("@cdktf/provider-cloudflare/lib/access-mutual-tls-certificate");
+const utils_1 = require("../../utils");
+const access_organization_1 = require("@cdktf/provider-cloudflare/lib/access-organization");
+const access_policy_1 = require("@cdktf/provider-cloudflare/lib/access-policy");
+const access_rule_1 = require("@cdktf/provider-cloudflare/lib/access-rule");
+const access_service_token_1 = require("@cdktf/provider-cloudflare/lib/access-service-token");
+const access_tag_1 = require("@cdktf/provider-cloudflare/lib/access-tag");
+/**
+ * @classdesc Provides operations on Cloudflare Access
+ * - A new instance of this class is injected into {@link CommonCloudflareConstruct} constructor.
+ * - If a custom construct extends {@link CommonCloudflareConstruct}, an instance is available within the context.
+ * @example
+ * ```
+ * import { CommonCloudflareConstruct, CommonCloudflareConstruct } from '@gradientedge/cdk-utils'
+ *
+ * class CustomConstruct extends CommonCloudflareConstruct {
+ *   constructor(parent: Construct, id: string, props: CommonCloudflareStackProps) {
+ *     super(parent, id, props)
+ *     this.props = props
+ *     this.accessManager.createApiShield('MyAppAccess', this, props)
+ *   }
+ * }
+ * ```
+ */
+class CloudflareAccessManager {
+    /**
+     * @summary Method to create a new Cloudflare Application Access
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access application properties
+     * @see [CDKTF Access Application Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessApplication.typescript.md}
+     */
+    createAccessApplication(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessApplication = new access_application_1.AccessApplication(scope, `${id}`, {
+            ...props,
+            domain: `${props.domain}-${scope.props.domainName}`,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessApplicationFriendlyUniqueId`, scope, accessApplication.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessApplicationId`, scope, accessApplication.id);
+        return accessApplication;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access CA Certificate
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access ca certificate properties
+     * @see [CDKTF Access Ca Certificate Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessCaCertificate.typescript.md}
+     */
+    createAccessCaCertificate(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessCaCertificate = new access_ca_certificate_1.AccessCaCertificate(scope, `${id}`, {
+            ...props,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessCaCertificateFriendlyUniqueId`, scope, accessCaCertificate.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessCaCertificateId`, scope, accessCaCertificate.id);
+        return accessCaCertificate;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Custom Page
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access custom page properties
+     * @see [CDKTF Access Custom Page Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessCustomPage.typescript.md}
+     */
+    createAccessCustomPage(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessCustomPage = new access_custom_page_1.AccessCustomPage(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessCustomPageFriendlyUniqueId`, scope, accessCustomPage.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessCustomPageId`, scope, accessCustomPage.id);
+        return accessCustomPage;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Group
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access group properties
+     * @see [CDKTF Access Group Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessGroup.typescript.md}
+     */
+    createAccessGroup(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessGroup = new access_group_1.AccessGroup(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessGroupFriendlyUniqueId`, scope, accessGroup.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessGroupId`, scope, accessGroup.id);
+        return accessGroup;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Identity Provider
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access identity provider properties
+     * @see [CDKTF Access Identity Provider Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessIdentityProvider.typescript.md}
+     */
+    createAccessIdentityProvider(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessIdentityProvider = new access_identity_provider_1.AccessIdentityProvider(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessIdentityProviderFriendlyUniqueId`, scope, accessIdentityProvider.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessIdentityProviderId`, scope, accessIdentityProvider.id);
+        return accessIdentityProvider;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Mutual Tls Certificate
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access mutual tls certificate properties
+     * @see [CDKTF Access Mutual Tls Certificate Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessMutualTlsCertificate.typescript.md}
+     */
+    createAccessMutualTlsCertificate(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessMutualTlsCertificate = new access_mutual_tls_certificate_1.AccessMutualTlsCertificate(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessMutualTlsCertificateFriendlyUniqueId`, scope, accessMutualTlsCertificate.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessMutualTlsCertificateId`, scope, accessMutualTlsCertificate.id);
+        return accessMutualTlsCertificate;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Organisation
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access organisation properties
+     * @see [CDKTF Access Organisation Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessOrganization.typescript.md}
+     */
+    createAccessOrganization(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessOrganization = new access_organization_1.AccessOrganization(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessOrganizationFriendlyUniqueId`, scope, accessOrganization.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessOrganizationId`, scope, accessOrganization.id);
+        return accessOrganization;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Policy
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access policy properties
+     * @see [CDKTF Access Policy Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessPolicy.typescript.md}
+     */
+    createAccessPolicy(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessPolicy = new access_policy_1.AccessPolicy(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessPolicyFriendlyUniqueId`, scope, accessPolicy.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessPolicyId`, scope, accessPolicy.id);
+        return accessPolicy;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Rule
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access rule properties
+     * @see [CDKTF Access Rule Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessRule.typescript.md}
+     */
+    createAccessRule(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessRule = new access_rule_1.AccessRule(scope, `${id}`, {
+            ...props,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessRuleFriendlyUniqueId`, scope, accessRule.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessRuleId`, scope, accessRule.id);
+        return accessRule;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Service Token
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access service token properties
+     * @see [CDKTF Access Service Token Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessServiceToken.typescript.md}
+     */
+    createAccessServiceToken(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessServiceToken = new access_service_token_1.AccessServiceToken(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessServiceTokenFriendlyUniqueId`, scope, accessServiceToken.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessServiceTokenId`, scope, accessServiceToken.id);
+        return accessServiceToken;
+    }
+    /**
+     * @summary Method to create a new Cloudflare Application Access Tag
+     * @param id scoped id of the resource
+     * @param scope scope in which this resource is defined
+     * @param props access tag properties
+     * @see [CDKTF Access Tag Token Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessTag.typescript.md}
+     */
+    createAccessTag(id, scope, props) {
+        if (!props)
+            throw `Props undefined for ${id}`;
+        const zoneId = props.zoneId
+            ? props.zoneId
+            : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id;
+        const accessTag = new access_tag_1.AccessTag(scope, `${id}`, {
+            ...props,
+            name: `${props.name}-${scope.props.stage}`,
+            zoneId,
+        });
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessTagFriendlyUniqueId`, scope, accessTag.friendlyUniqueId);
+        (0, utils_1.createCloudflareTfOutput)(`${id}-accessTagId`, scope, accessTag.id);
+        return accessTag;
+    }
+}
+exports.CloudflareAccessManager = CloudflareAccessManager;

package/dist/src/lib/cloudflare/services/access/types.d.ts

@@ -0,0 +1,33 @@
+import { AccessApplicationConfig } from '@cdktf/provider-cloudflare/lib/access-application';
+import { AccessCaCertificateConfig } from '@cdktf/provider-cloudflare/lib/access-ca-certificate';
+import { AccessCustomPageConfig } from '@cdktf/provider-cloudflare/lib/access-custom-page';
+import { AccessGroupConfig } from '@cdktf/provider-cloudflare/lib/access-group';
+import { AccessIdentityProviderConfig } from '@cdktf/provider-cloudflare/lib/access-identity-provider';
+import { AccessMutualTlsCertificateConfig } from '@cdktf/provider-cloudflare/lib/access-mutual-tls-certificate';
+import { AccessOrganizationConfig } from '@cdktf/provider-cloudflare/lib/access-organization';
+import { AccessPolicyConfig } from '@cdktf/provider-cloudflare/lib/access-policy';
+import { AccessRuleConfig } from '@cdktf/provider-cloudflare/lib/access-rule';
+import { AccessServiceTokenConfig } from '@cdktf/provider-cloudflare/lib/access-service-token';
+import { AccessTagConfig } from '@cdktf/provider-cloudflare/lib/access-tag';
+export interface AccessApplicationProps extends AccessApplicationConfig {
+}
+export interface AccessCaCertificateProps extends AccessCaCertificateConfig {
+}
+export interface AccessCustomPageProps extends AccessCustomPageConfig {
+}
+export interface AccessGroupProps extends AccessGroupConfig {
+}
+export interface AccessIdentityProviderProps extends AccessIdentityProviderConfig {
+}
+export interface AccessMutualTlsCertificateProps extends AccessMutualTlsCertificateConfig {
+}
+export interface AccessOrganizationProps extends AccessOrganizationConfig {
+}
+export interface AccessPolicyProps extends AccessPolicyConfig {
+}
+export interface AccessRuleProps extends AccessRuleConfig {
+}
+export interface AccessServiceTokenProps extends AccessServiceTokenConfig {
+}
+export interface AccessTagProps extends AccessTagConfig {
+}

package/dist/src/lib/cloudflare/services/access/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/src/lib/cloudflare/services/index.d.ts

@@ -1,3 +1,4 @@
+export * from './access';
 export * from './api-shield';
 export * from './filter';
 export * from './firewall';

package/dist/src/lib/cloudflare/services/index.js

@@ -14,6 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./access"), exports);
 __exportStar(require("./api-shield"), exports);
 __exportStar(require("./filter"), exports);
 __exportStar(require("./firewall"), exports);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gradientedge/cdk-utils",
-  "version": "8.140.0",
+  "version": "8.141.0",
   "description": "Utilities for AWS CDK provisioning",
   "main": "dist/index.js",
   "engines": {

package/src/lib/cloudflare/common/construct.ts

@@ -3,6 +3,7 @@ import { TerraformStack } from 'cdktf'
 import { Construct } from 'constructs'
 import { isDevStage, isPrdStage, isTestStage, isUatStage } from '../../common'
 import {
+  CloudflareAccessManager,
   CloudflareApiShieldManager,
   CloudflareFilterManager,
   CloudflareFirewallManager,
@@ -15,6 +16,7 @@ export class CommonCloudflareConstruct extends TerraformStack {
   declare props: CommonCloudflareStackProps
   id: string
   fullyQualifiedDomainName: string
+  accessManager: CloudflareAccessManager
   apiShieldManager: CloudflareApiShieldManager
   filterManager: CloudflareFilterManager
   firewallManager: CloudflareFirewallManager
@@ -26,6 +28,7 @@ export class CommonCloudflareConstruct extends TerraformStack {
     this.props = props
     this.id = id
 
+    this.accessManager = new CloudflareAccessManager()
     this.apiShieldManager = new CloudflareApiShieldManager()
     this.filterManager = new CloudflareFilterManager()
     this.firewallManager = new CloudflareFirewallManager()

package/src/lib/cloudflare/services/access/index.ts

@@ -0,0 +1,2 @@
+export * from './main'
+export * from './types'

package/src/lib/cloudflare/services/access/main.ts

@@ -0,0 +1,346 @@
+import { AccessApplication } from '@cdktf/provider-cloudflare/lib/access-application'
+import { AccessCaCertificate } from '@cdktf/provider-cloudflare/lib/access-ca-certificate'
+import { AccessCustomPage } from '@cdktf/provider-cloudflare/lib/access-custom-page'
+import { AccessGroup } from '@cdktf/provider-cloudflare/lib/access-group'
+import { AccessIdentityProvider } from '@cdktf/provider-cloudflare/lib/access-identity-provider'
+import { AccessMutualTlsCertificate } from '@cdktf/provider-cloudflare/lib/access-mutual-tls-certificate'
+import { CommonCloudflareConstruct } from '../../common'
+import { createCloudflareTfOutput } from '../../utils'
+import {
+  AccessApplicationProps,
+  AccessCaCertificateProps,
+  AccessCustomPageProps,
+  AccessGroupProps,
+  AccessIdentityProviderProps,
+  AccessMutualTlsCertificateProps,
+  AccessOrganizationProps,
+  AccessPolicyProps,
+  AccessRuleProps,
+  AccessServiceTokenProps,
+  AccessTagProps,
+} from './types'
+import { AccessOrganization } from '@cdktf/provider-cloudflare/lib/access-organization'
+import { AccessPolicy } from '@cdktf/provider-cloudflare/lib/access-policy'
+import { AccessRule } from '@cdktf/provider-cloudflare/lib/access-rule'
+import { AccessServiceToken } from '@cdktf/provider-cloudflare/lib/access-service-token'
+import { AccessTag } from '@cdktf/provider-cloudflare/lib/access-tag'
+
+/**
+ * @classdesc Provides operations on Cloudflare Access
+ * - A new instance of this class is injected into {@link CommonCloudflareConstruct} constructor.
+ * - If a custom construct extends {@link CommonCloudflareConstruct}, an instance is available within the context.
+ * @example
+ * ```
+ * import { CommonCloudflareConstruct, CommonCloudflareConstruct } from '@gradientedge/cdk-utils'
+ *
+ * class CustomConstruct extends CommonCloudflareConstruct {
+ *   constructor(parent: Construct, id: string, props: CommonCloudflareStackProps) {
+ *     super(parent, id, props)
+ *     this.props = props
+ *     this.accessManager.createApiShield('MyAppAccess', this, props)
+ *   }
+ * }
+ * ```
+ */
+export class CloudflareAccessManager {
+  /**
+   * @summary Method to create a new Cloudflare Application Access
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access application properties
+   * @see [CDKTF Access Application Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessApplication.typescript.md}
+   */
+  public createAccessApplication(id: string, scope: CommonCloudflareConstruct, props: AccessApplicationProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessApplication = new AccessApplication(scope, `${id}`, {
+      ...props,
+      domain: `${props.domain}-${scope.props.domainName}`,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessApplicationFriendlyUniqueId`, scope, accessApplication.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessApplicationId`, scope, accessApplication.id)
+
+    return accessApplication
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access CA Certificate
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access ca certificate properties
+   * @see [CDKTF Access Ca Certificate Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessCaCertificate.typescript.md}
+   */
+  public createAccessCaCertificate(id: string, scope: CommonCloudflareConstruct, props: AccessCaCertificateProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessCaCertificate = new AccessCaCertificate(scope, `${id}`, {
+      ...props,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessCaCertificateFriendlyUniqueId`, scope, accessCaCertificate.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessCaCertificateId`, scope, accessCaCertificate.id)
+
+    return accessCaCertificate
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Custom Page
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access custom page properties
+   * @see [CDKTF Access Custom Page Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessCustomPage.typescript.md}
+   */
+  public createAccessCustomPage(id: string, scope: CommonCloudflareConstruct, props: AccessCustomPageProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessCustomPage = new AccessCustomPage(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessCustomPageFriendlyUniqueId`, scope, accessCustomPage.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessCustomPageId`, scope, accessCustomPage.id)
+
+    return accessCustomPage
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Group
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access group properties
+   * @see [CDKTF Access Group Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessGroup.typescript.md}
+   */
+  public createAccessGroup(id: string, scope: CommonCloudflareConstruct, props: AccessGroupProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessGroup = new AccessGroup(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessGroupFriendlyUniqueId`, scope, accessGroup.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessGroupId`, scope, accessGroup.id)
+
+    return accessGroup
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Identity Provider
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access identity provider properties
+   * @see [CDKTF Access Identity Provider Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessIdentityProvider.typescript.md}
+   */
+  public createAccessIdentityProvider(
+    id: string,
+    scope: CommonCloudflareConstruct,
+    props: AccessIdentityProviderProps
+  ) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessIdentityProvider = new AccessIdentityProvider(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(
+      `${id}-accessIdentityProviderFriendlyUniqueId`,
+      scope,
+      accessIdentityProvider.friendlyUniqueId
+    )
+    createCloudflareTfOutput(`${id}-accessIdentityProviderId`, scope, accessIdentityProvider.id)
+
+    return accessIdentityProvider
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Mutual Tls Certificate
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access mutual tls certificate properties
+   * @see [CDKTF Access Mutual Tls Certificate Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessMutualTlsCertificate.typescript.md}
+   */
+  public createAccessMutualTlsCertificate(
+    id: string,
+    scope: CommonCloudflareConstruct,
+    props: AccessMutualTlsCertificateProps
+  ) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessMutualTlsCertificate = new AccessMutualTlsCertificate(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(
+      `${id}-accessMutualTlsCertificateFriendlyUniqueId`,
+      scope,
+      accessMutualTlsCertificate.friendlyUniqueId
+    )
+    createCloudflareTfOutput(`${id}-accessMutualTlsCertificateId`, scope, accessMutualTlsCertificate.id)
+
+    return accessMutualTlsCertificate
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Organisation
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access organisation properties
+   * @see [CDKTF Access Organisation Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessOrganization.typescript.md}
+   */
+  public createAccessOrganization(id: string, scope: CommonCloudflareConstruct, props: AccessOrganizationProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessOrganization = new AccessOrganization(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessOrganizationFriendlyUniqueId`, scope, accessOrganization.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessOrganizationId`, scope, accessOrganization.id)
+
+    return accessOrganization
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Policy
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access policy properties
+   * @see [CDKTF Access Policy Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessPolicy.typescript.md}
+   */
+  public createAccessPolicy(id: string, scope: CommonCloudflareConstruct, props: AccessPolicyProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessPolicy = new AccessPolicy(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessPolicyFriendlyUniqueId`, scope, accessPolicy.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessPolicyId`, scope, accessPolicy.id)
+
+    return accessPolicy
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Rule
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access rule properties
+   * @see [CDKTF Access Rule Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessRule.typescript.md}
+   */
+  public createAccessRule(id: string, scope: CommonCloudflareConstruct, props: AccessRuleProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessRule = new AccessRule(scope, `${id}`, {
+      ...props,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessRuleFriendlyUniqueId`, scope, accessRule.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessRuleId`, scope, accessRule.id)
+
+    return accessRule
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Service Token
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access service token properties
+   * @see [CDKTF Access Service Token Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessServiceToken.typescript.md}
+   */
+  public createAccessServiceToken(id: string, scope: CommonCloudflareConstruct, props: AccessServiceTokenProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessServiceToken = new AccessServiceToken(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessServiceTokenFriendlyUniqueId`, scope, accessServiceToken.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessServiceTokenId`, scope, accessServiceToken.id)
+
+    return accessServiceToken
+  }
+
+  /**
+   * @summary Method to create a new Cloudflare Application Access Tag
+   * @param id scoped id of the resource
+   * @param scope scope in which this resource is defined
+   * @param props access tag properties
+   * @see [CDKTF Access Tag Token Module]{@link https://github.com/cdktf/cdktf-provider-cloudflare/blob/main/docs/accessTag.typescript.md}
+   */
+  public createAccessTag(id: string, scope: CommonCloudflareConstruct, props: AccessTagProps) {
+    if (!props) throw `Props undefined for ${id}`
+
+    const zoneId = props.zoneId
+      ? props.zoneId
+      : scope.zoneManager.resolveZone(`${id}-data-zone`, scope, { name: scope.props.domainName })?.id
+
+    const accessTag = new AccessTag(scope, `${id}`, {
+      ...props,
+      name: `${props.name}-${scope.props.stage}`,
+      zoneId,
+    })
+
+    createCloudflareTfOutput(`${id}-accessTagFriendlyUniqueId`, scope, accessTag.friendlyUniqueId)
+    createCloudflareTfOutput(`${id}-accessTagId`, scope, accessTag.id)
+
+    return accessTag
+  }
+}

package/src/lib/cloudflare/services/access/types.ts

@@ -0,0 +1,23 @@
+import { AccessApplicationConfig } from '@cdktf/provider-cloudflare/lib/access-application'
+import { AccessCaCertificateConfig } from '@cdktf/provider-cloudflare/lib/access-ca-certificate'
+import { AccessCustomPageConfig } from '@cdktf/provider-cloudflare/lib/access-custom-page'
+import { AccessGroupConfig } from '@cdktf/provider-cloudflare/lib/access-group'
+import { AccessIdentityProviderConfig } from '@cdktf/provider-cloudflare/lib/access-identity-provider'
+import { AccessMutualTlsCertificateConfig } from '@cdktf/provider-cloudflare/lib/access-mutual-tls-certificate'
+import { AccessOrganizationConfig } from '@cdktf/provider-cloudflare/lib/access-organization'
+import { AccessPolicyConfig } from '@cdktf/provider-cloudflare/lib/access-policy'
+import { AccessRuleConfig } from '@cdktf/provider-cloudflare/lib/access-rule'
+import { AccessServiceTokenConfig } from '@cdktf/provider-cloudflare/lib/access-service-token'
+import { AccessTagConfig } from '@cdktf/provider-cloudflare/lib/access-tag'
+
+export interface AccessApplicationProps extends AccessApplicationConfig {}
+export interface AccessCaCertificateProps extends AccessCaCertificateConfig {}
+export interface AccessCustomPageProps extends AccessCustomPageConfig {}
+export interface AccessGroupProps extends AccessGroupConfig {}
+export interface AccessIdentityProviderProps extends AccessIdentityProviderConfig {}
+export interface AccessMutualTlsCertificateProps extends AccessMutualTlsCertificateConfig {}
+export interface AccessOrganizationProps extends AccessOrganizationConfig {}
+export interface AccessPolicyProps extends AccessPolicyConfig {}
+export interface AccessRuleProps extends AccessRuleConfig {}
+export interface AccessServiceTokenProps extends AccessServiceTokenConfig {}
+export interface AccessTagProps extends AccessTagConfig {}

package/src/lib/cloudflare/services/index.ts

@@ -1,3 +1,4 @@
+export * from './access'
 export * from './api-shield'
 export * from './filter'
 export * from './firewall'