@pulumi/cloudflare 4.8.0 → 4.10.0-alpha.1661535818
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/accessApplication.d.ts +44 -35
- package/accessApplication.js +3 -4
- package/accessApplication.js.map +1 -1
- package/accessBookmark.d.ts +13 -11
- package/accessBookmark.js +4 -2
- package/accessBookmark.js.map +1 -1
- package/accessCaCertificate.d.ts +15 -13
- package/accessCaCertificate.js +5 -3
- package/accessCaCertificate.js.map +1 -1
- package/accessGroup.d.ts +9 -35
- package/accessGroup.js +3 -29
- package/accessGroup.js.map +1 -1
- package/accessIdentityProvider.d.ts +20 -23
- package/accessIdentityProvider.js +8 -5
- package/accessIdentityProvider.js.map +1 -1
- package/accessMutualTlsCertificate.d.ts +12 -8
- package/accessMutualTlsCertificate.js +6 -2
- package/accessMutualTlsCertificate.js.map +1 -1
- package/accessPolicy.d.ts +14 -15
- package/accessPolicy.js +5 -3
- package/accessPolicy.js.map +1 -1
- package/accessRule.d.ts +22 -9
- package/accessRule.js +9 -3
- package/accessRule.js.map +1 -1
- package/accessServiceToken.d.ts +11 -10
- package/accessServiceToken.js +3 -2
- package/accessServiceToken.js.map +1 -1
- package/accountMember.d.ts +15 -6
- package/accountMember.js +2 -0
- package/accountMember.js.map +1 -1
- package/apiToken.d.ts +26 -1
- package/apiToken.js +6 -1
- package/apiToken.js.map +1 -1
- package/argo.d.ts +9 -8
- package/argo.js +3 -2
- package/argo.js.map +1 -1
- package/certificatePack.d.ts +34 -88
- package/certificatePack.js +14 -26
- package/certificatePack.js.map +1 -1
- package/config/vars.d.ts +3 -1
- package/config/vars.js.map +1 -1
- package/customHostname.d.ts +15 -11
- package/customHostname.js +3 -5
- package/customHostname.js.map +1 -1
- package/filter.d.ts +4 -2
- package/filter.js +4 -2
- package/filter.js.map +1 -1
- package/firewallRule.d.ts +17 -23
- package/firewallRule.js +8 -5
- package/firewallRule.js.map +1 -1
- package/getAccessIdentityProvider.d.ts +18 -0
- package/getAccessIdentityProvider.js.map +1 -1
- package/getAccountRoles.d.ts +9 -0
- package/getAccountRoles.js.map +1 -1
- package/getDevices.d.ts +9 -0
- package/getDevices.js.map +1 -1
- package/getWafGroups.d.ts +9 -0
- package/getWafGroups.js.map +1 -1
- package/getWafPackages.d.ts +9 -0
- package/getWafPackages.js.map +1 -1
- package/getWafRules.d.ts +9 -0
- package/getWafRules.js.map +1 -1
- package/getZone.d.ts +18 -0
- package/getZone.js.map +1 -1
- package/getZoneDnssec.d.ts +9 -0
- package/getZoneDnssec.js.map +1 -1
- package/healthcheck.d.ts +50 -103
- package/healthcheck.js +2 -5
- package/healthcheck.js.map +1 -1
- package/ipsecTunnel.d.ts +26 -16
- package/ipsecTunnel.js +4 -1
- package/ipsecTunnel.js.map +1 -1
- package/list.d.ts +7 -6
- package/list.js +7 -6
- package/list.js.map +1 -1
- package/loadBalancer.d.ts +16 -0
- package/loadBalancer.js +6 -0
- package/loadBalancer.js.map +1 -1
- package/loadBalancerPool.d.ts +3 -3
- package/logpushJob.d.ts +21 -57
- package/logpushJob.js.map +1 -1
- package/managedHeaders.d.ts +7 -7
- package/managedHeaders.js +1 -1
- package/notificationPolicy.d.ts +18 -40
- package/notificationPolicy.js +3 -1
- package/notificationPolicy.js.map +1 -1
- package/package.json +4 -3
- package/package.json.bak +2 -1
- package/package.json.dev +4 -3
- package/provider.d.ts +6 -2
- package/provider.js.map +1 -1
- package/ruleset.d.ts +85 -37
- package/ruleset.js +73 -10
- package/ruleset.js.map +1 -1
- package/tunnelRoute.d.ts +10 -11
- package/tunnelRoute.js +7 -5
- package/tunnelRoute.js.map +1 -1
- package/tunnelVirtualNetwork.d.ts +9 -11
- package/tunnelVirtualNetwork.js +6 -5
- package/tunnelVirtualNetwork.js.map +1 -1
- package/types/input.d.ts +391 -36
- package/types/output.d.ts +395 -31
- package/waitingRoom.d.ts +28 -19
- package/waitingRoom.js +3 -1
- package/waitingRoom.js.map +1 -1
- package/waitingRoomEvent.d.ts +13 -19
- package/waitingRoomEvent.js +1 -1
- package/waitingRoomEvent.js.map +1 -1
- package/workerCronTrigger.d.ts +1 -1
- package/workerCronTrigger.js +1 -1
- package/workerScript.d.ts +16 -1
- package/workerScript.js +14 -1
- package/workerScript.js.map +1 -1
- package/zone.d.ts +34 -23
- package/zone.js +10 -5
- package/zone.js.map +1 -1
package/accessApplication.d.ts
CHANGED
|
@@ -33,7 +33,7 @@ import { input as inputs, output as outputs } from "./types";
|
|
|
33
33
|
* name: "staging application",
|
|
34
34
|
* sessionDuration: "24h",
|
|
35
35
|
* type: "self_hosted",
|
|
36
|
-
* zoneId: "
|
|
36
|
+
* zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
|
|
37
37
|
* });
|
|
38
38
|
* ```
|
|
39
39
|
*
|
|
@@ -60,7 +60,7 @@ export declare class AccessApplication extends pulumi.CustomResource {
|
|
|
60
60
|
*/
|
|
61
61
|
static isInstance(obj: any): obj is AccessApplication;
|
|
62
62
|
/**
|
|
63
|
-
* The account identifier to target for the resource.
|
|
63
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
64
64
|
*/
|
|
65
65
|
readonly accountId: pulumi.Output<string>;
|
|
66
66
|
/**
|
|
@@ -68,7 +68,7 @@ export declare class AccessApplication extends pulumi.CustomResource {
|
|
|
68
68
|
*/
|
|
69
69
|
readonly allowedIdps: pulumi.Output<string[] | undefined>;
|
|
70
70
|
/**
|
|
71
|
-
* Option to show/hide applications in App Launcher.
|
|
71
|
+
* Option to show/hide applications in App Launcher. Defaults to `true`.
|
|
72
72
|
*/
|
|
73
73
|
readonly appLauncherVisible: pulumi.Output<boolean | undefined>;
|
|
74
74
|
/**
|
|
@@ -76,7 +76,7 @@ export declare class AccessApplication extends pulumi.CustomResource {
|
|
|
76
76
|
*/
|
|
77
77
|
readonly aud: pulumi.Output<string>;
|
|
78
78
|
/**
|
|
79
|
-
* Option to skip identity provider selection if only one is configured in `
|
|
79
|
+
* Option to skip identity provider selection if only one is configured in `allowedIdps`. Defaults to `false`.
|
|
80
80
|
*/
|
|
81
81
|
readonly autoRedirectToIdentity: pulumi.Output<boolean | undefined>;
|
|
82
82
|
/**
|
|
@@ -96,8 +96,7 @@ export declare class AccessApplication extends pulumi.CustomResource {
|
|
|
96
96
|
*/
|
|
97
97
|
readonly domain: pulumi.Output<string>;
|
|
98
98
|
/**
|
|
99
|
-
* Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an
|
|
100
|
-
* additional "binding" cookie on requests.
|
|
99
|
+
* Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`.
|
|
101
100
|
*/
|
|
102
101
|
readonly enableBindingCookie: pulumi.Output<boolean | undefined>;
|
|
103
102
|
/**
|
|
@@ -113,27 +112,31 @@ export declare class AccessApplication extends pulumi.CustomResource {
|
|
|
113
112
|
*/
|
|
114
113
|
readonly name: pulumi.Output<string>;
|
|
115
114
|
/**
|
|
116
|
-
*
|
|
115
|
+
* SaaS configuration for the Access Application.
|
|
116
|
+
*/
|
|
117
|
+
readonly saasApp: pulumi.Output<outputs.AccessApplicationSaasApp | undefined>;
|
|
118
|
+
/**
|
|
119
|
+
* Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`.
|
|
117
120
|
*/
|
|
118
121
|
readonly sameSiteCookieAttribute: pulumi.Output<string | undefined>;
|
|
119
122
|
/**
|
|
120
|
-
* Option to return a 401 status code in service authentication rules on failed requests.
|
|
123
|
+
* Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`.
|
|
121
124
|
*/
|
|
122
125
|
readonly serviceAuth401Redirect: pulumi.Output<boolean | undefined>;
|
|
123
126
|
/**
|
|
124
|
-
* How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`
|
|
127
|
+
* How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`.
|
|
125
128
|
*/
|
|
126
129
|
readonly sessionDuration: pulumi.Output<string | undefined>;
|
|
127
130
|
/**
|
|
128
|
-
* Option to skip the authorization interstitial when using the CLI.
|
|
131
|
+
* Option to skip the authorization interstitial when using the CLI. Defaults to `false`.
|
|
129
132
|
*/
|
|
130
133
|
readonly skipInterstitial: pulumi.Output<boolean | undefined>;
|
|
131
134
|
/**
|
|
132
|
-
* The application type. Available values: `
|
|
135
|
+
* The application type. Available values: `selfHosted`, `saas`, `ssh`, `vnc`, `file`. Defaults to `selfHosted`.
|
|
133
136
|
*/
|
|
134
137
|
readonly type: pulumi.Output<string | undefined>;
|
|
135
138
|
/**
|
|
136
|
-
* The zone identifier to target for the resource.
|
|
139
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
137
140
|
*/
|
|
138
141
|
readonly zoneId: pulumi.Output<string>;
|
|
139
142
|
/**
|
|
@@ -150,7 +153,7 @@ export declare class AccessApplication extends pulumi.CustomResource {
|
|
|
150
153
|
*/
|
|
151
154
|
export interface AccessApplicationState {
|
|
152
155
|
/**
|
|
153
|
-
* The account identifier to target for the resource.
|
|
156
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
154
157
|
*/
|
|
155
158
|
accountId?: pulumi.Input<string>;
|
|
156
159
|
/**
|
|
@@ -158,7 +161,7 @@ export interface AccessApplicationState {
|
|
|
158
161
|
*/
|
|
159
162
|
allowedIdps?: pulumi.Input<pulumi.Input<string>[]>;
|
|
160
163
|
/**
|
|
161
|
-
* Option to show/hide applications in App Launcher.
|
|
164
|
+
* Option to show/hide applications in App Launcher. Defaults to `true`.
|
|
162
165
|
*/
|
|
163
166
|
appLauncherVisible?: pulumi.Input<boolean>;
|
|
164
167
|
/**
|
|
@@ -166,7 +169,7 @@ export interface AccessApplicationState {
|
|
|
166
169
|
*/
|
|
167
170
|
aud?: pulumi.Input<string>;
|
|
168
171
|
/**
|
|
169
|
-
* Option to skip identity provider selection if only one is configured in `
|
|
172
|
+
* Option to skip identity provider selection if only one is configured in `allowedIdps`. Defaults to `false`.
|
|
170
173
|
*/
|
|
171
174
|
autoRedirectToIdentity?: pulumi.Input<boolean>;
|
|
172
175
|
/**
|
|
@@ -186,8 +189,7 @@ export interface AccessApplicationState {
|
|
|
186
189
|
*/
|
|
187
190
|
domain?: pulumi.Input<string>;
|
|
188
191
|
/**
|
|
189
|
-
* Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an
|
|
190
|
-
* additional "binding" cookie on requests.
|
|
192
|
+
* Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`.
|
|
191
193
|
*/
|
|
192
194
|
enableBindingCookie?: pulumi.Input<boolean>;
|
|
193
195
|
/**
|
|
@@ -203,27 +205,31 @@ export interface AccessApplicationState {
|
|
|
203
205
|
*/
|
|
204
206
|
name?: pulumi.Input<string>;
|
|
205
207
|
/**
|
|
206
|
-
*
|
|
208
|
+
* SaaS configuration for the Access Application.
|
|
209
|
+
*/
|
|
210
|
+
saasApp?: pulumi.Input<inputs.AccessApplicationSaasApp>;
|
|
211
|
+
/**
|
|
212
|
+
* Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`.
|
|
207
213
|
*/
|
|
208
214
|
sameSiteCookieAttribute?: pulumi.Input<string>;
|
|
209
215
|
/**
|
|
210
|
-
* Option to return a 401 status code in service authentication rules on failed requests.
|
|
216
|
+
* Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`.
|
|
211
217
|
*/
|
|
212
218
|
serviceAuth401Redirect?: pulumi.Input<boolean>;
|
|
213
219
|
/**
|
|
214
|
-
* How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`
|
|
220
|
+
* How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`.
|
|
215
221
|
*/
|
|
216
222
|
sessionDuration?: pulumi.Input<string>;
|
|
217
223
|
/**
|
|
218
|
-
* Option to skip the authorization interstitial when using the CLI.
|
|
224
|
+
* Option to skip the authorization interstitial when using the CLI. Defaults to `false`.
|
|
219
225
|
*/
|
|
220
226
|
skipInterstitial?: pulumi.Input<boolean>;
|
|
221
227
|
/**
|
|
222
|
-
* The application type. Available values: `
|
|
228
|
+
* The application type. Available values: `selfHosted`, `saas`, `ssh`, `vnc`, `file`. Defaults to `selfHosted`.
|
|
223
229
|
*/
|
|
224
230
|
type?: pulumi.Input<string>;
|
|
225
231
|
/**
|
|
226
|
-
* The zone identifier to target for the resource.
|
|
232
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
227
233
|
*/
|
|
228
234
|
zoneId?: pulumi.Input<string>;
|
|
229
235
|
}
|
|
@@ -232,7 +238,7 @@ export interface AccessApplicationState {
|
|
|
232
238
|
*/
|
|
233
239
|
export interface AccessApplicationArgs {
|
|
234
240
|
/**
|
|
235
|
-
* The account identifier to target for the resource.
|
|
241
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
236
242
|
*/
|
|
237
243
|
accountId?: pulumi.Input<string>;
|
|
238
244
|
/**
|
|
@@ -240,11 +246,11 @@ export interface AccessApplicationArgs {
|
|
|
240
246
|
*/
|
|
241
247
|
allowedIdps?: pulumi.Input<pulumi.Input<string>[]>;
|
|
242
248
|
/**
|
|
243
|
-
* Option to show/hide applications in App Launcher.
|
|
249
|
+
* Option to show/hide applications in App Launcher. Defaults to `true`.
|
|
244
250
|
*/
|
|
245
251
|
appLauncherVisible?: pulumi.Input<boolean>;
|
|
246
252
|
/**
|
|
247
|
-
* Option to skip identity provider selection if only one is configured in `
|
|
253
|
+
* Option to skip identity provider selection if only one is configured in `allowedIdps`. Defaults to `false`.
|
|
248
254
|
*/
|
|
249
255
|
autoRedirectToIdentity?: pulumi.Input<boolean>;
|
|
250
256
|
/**
|
|
@@ -262,10 +268,9 @@ export interface AccessApplicationArgs {
|
|
|
262
268
|
/**
|
|
263
269
|
* The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both.
|
|
264
270
|
*/
|
|
265
|
-
domain
|
|
271
|
+
domain?: pulumi.Input<string>;
|
|
266
272
|
/**
|
|
267
|
-
* Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an
|
|
268
|
-
* additional "binding" cookie on requests.
|
|
273
|
+
* Option to provide increased security against compromised authorization tokens and CSRF attacks by requiring an additional "binding" cookie on requests. Defaults to `false`.
|
|
269
274
|
*/
|
|
270
275
|
enableBindingCookie?: pulumi.Input<boolean>;
|
|
271
276
|
/**
|
|
@@ -281,27 +286,31 @@ export interface AccessApplicationArgs {
|
|
|
281
286
|
*/
|
|
282
287
|
name: pulumi.Input<string>;
|
|
283
288
|
/**
|
|
284
|
-
*
|
|
289
|
+
* SaaS configuration for the Access Application.
|
|
290
|
+
*/
|
|
291
|
+
saasApp?: pulumi.Input<inputs.AccessApplicationSaasApp>;
|
|
292
|
+
/**
|
|
293
|
+
* Defines the same-site cookie setting for access tokens. Available values: `none`, `lax`, `strict`.
|
|
285
294
|
*/
|
|
286
295
|
sameSiteCookieAttribute?: pulumi.Input<string>;
|
|
287
296
|
/**
|
|
288
|
-
* Option to return a 401 status code in service authentication rules on failed requests.
|
|
297
|
+
* Option to return a 401 status code in service authentication rules on failed requests. Defaults to `false`.
|
|
289
298
|
*/
|
|
290
299
|
serviceAuth401Redirect?: pulumi.Input<boolean>;
|
|
291
300
|
/**
|
|
292
|
-
* How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`
|
|
301
|
+
* How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`. Defaults to `24h`.
|
|
293
302
|
*/
|
|
294
303
|
sessionDuration?: pulumi.Input<string>;
|
|
295
304
|
/**
|
|
296
|
-
* Option to skip the authorization interstitial when using the CLI.
|
|
305
|
+
* Option to skip the authorization interstitial when using the CLI. Defaults to `false`.
|
|
297
306
|
*/
|
|
298
307
|
skipInterstitial?: pulumi.Input<boolean>;
|
|
299
308
|
/**
|
|
300
|
-
* The application type. Available values: `
|
|
309
|
+
* The application type. Available values: `selfHosted`, `saas`, `ssh`, `vnc`, `file`. Defaults to `selfHosted`.
|
|
301
310
|
*/
|
|
302
311
|
type?: pulumi.Input<string>;
|
|
303
312
|
/**
|
|
304
|
-
* The zone identifier to target for the resource.
|
|
313
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
305
314
|
*/
|
|
306
315
|
zoneId?: pulumi.Input<string>;
|
|
307
316
|
}
|
package/accessApplication.js
CHANGED
|
@@ -38,7 +38,7 @@ const utilities = require("./utilities");
|
|
|
38
38
|
* name: "staging application",
|
|
39
39
|
* sessionDuration: "24h",
|
|
40
40
|
* type: "self_hosted",
|
|
41
|
-
* zoneId: "
|
|
41
|
+
* zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
|
|
42
42
|
* });
|
|
43
43
|
* ```
|
|
44
44
|
*
|
|
@@ -67,6 +67,7 @@ class AccessApplication extends pulumi.CustomResource {
|
|
|
67
67
|
resourceInputs["httpOnlyCookieAttribute"] = state ? state.httpOnlyCookieAttribute : undefined;
|
|
68
68
|
resourceInputs["logoUrl"] = state ? state.logoUrl : undefined;
|
|
69
69
|
resourceInputs["name"] = state ? state.name : undefined;
|
|
70
|
+
resourceInputs["saasApp"] = state ? state.saasApp : undefined;
|
|
70
71
|
resourceInputs["sameSiteCookieAttribute"] = state ? state.sameSiteCookieAttribute : undefined;
|
|
71
72
|
resourceInputs["serviceAuth401Redirect"] = state ? state.serviceAuth401Redirect : undefined;
|
|
72
73
|
resourceInputs["sessionDuration"] = state ? state.sessionDuration : undefined;
|
|
@@ -76,9 +77,6 @@ class AccessApplication extends pulumi.CustomResource {
|
|
|
76
77
|
}
|
|
77
78
|
else {
|
|
78
79
|
const args = argsOrState;
|
|
79
|
-
if ((!args || args.domain === undefined) && !opts.urn) {
|
|
80
|
-
throw new Error("Missing required property 'domain'");
|
|
81
|
-
}
|
|
82
80
|
if ((!args || args.name === undefined) && !opts.urn) {
|
|
83
81
|
throw new Error("Missing required property 'name'");
|
|
84
82
|
}
|
|
@@ -94,6 +92,7 @@ class AccessApplication extends pulumi.CustomResource {
|
|
|
94
92
|
resourceInputs["httpOnlyCookieAttribute"] = args ? args.httpOnlyCookieAttribute : undefined;
|
|
95
93
|
resourceInputs["logoUrl"] = args ? args.logoUrl : undefined;
|
|
96
94
|
resourceInputs["name"] = args ? args.name : undefined;
|
|
95
|
+
resourceInputs["saasApp"] = args ? args.saasApp : undefined;
|
|
97
96
|
resourceInputs["sameSiteCookieAttribute"] = args ? args.sameSiteCookieAttribute : undefined;
|
|
98
97
|
resourceInputs["serviceAuth401Redirect"] = args ? args.serviceAuth401Redirect : undefined;
|
|
99
98
|
resourceInputs["sessionDuration"] = args ? args.sessionDuration : undefined;
|
package/accessApplication.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"accessApplication.js","sourceRoot":"","sources":["../accessApplication.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0CG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;
|
|
1
|
+
{"version":3,"file":"accessApplication.js","sourceRoot":"","sources":["../accessApplication.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0CG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IAqHxD,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAC7C;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;IAzKD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;;AA1BL,8CA2KC;AA7JG,gBAAgB;AACO,8BAAY,GAAG,sDAAsD,CAAC"}
|
package/accessBookmark.d.ts
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
/**
|
|
3
|
-
* Provides a Cloudflare Access Bookmark resource. Access Bookmark
|
|
3
|
+
* Provides a Cloudflare Access Bookmark resource. Access Bookmark
|
|
4
|
+
* applications are not protected behind Access but are displayed in
|
|
5
|
+
* the App Launcher.
|
|
4
6
|
*
|
|
5
7
|
* > It's required that an `accountId` or `zoneId` is provided and in
|
|
6
8
|
* most cases using either is fine. However, if you're using a scoped
|
|
@@ -15,7 +17,7 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
15
17
|
* import * as cloudflare from "@pulumi/cloudflare";
|
|
16
18
|
*
|
|
17
19
|
* const myBookmarkApp = new cloudflare.AccessBookmark("my_bookmark_app", {
|
|
18
|
-
* accountId: "
|
|
20
|
+
* accountId: "f037e56e89293a057740de681ac9abbe",
|
|
19
21
|
* appLauncherVisible: true,
|
|
20
22
|
* domain: "example.com",
|
|
21
23
|
* logoUrl: "https://example.com/example.png",
|
|
@@ -46,11 +48,11 @@ export declare class AccessBookmark extends pulumi.CustomResource {
|
|
|
46
48
|
*/
|
|
47
49
|
static isInstance(obj: any): obj is AccessBookmark;
|
|
48
50
|
/**
|
|
49
|
-
* The account identifier to target for the resource.
|
|
51
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
50
52
|
*/
|
|
51
53
|
readonly accountId: pulumi.Output<string>;
|
|
52
54
|
/**
|
|
53
|
-
* Option to show/hide the bookmark in the app launcher.
|
|
55
|
+
* Option to show/hide the bookmark in the app launcher. Defaults to `true`.
|
|
54
56
|
*/
|
|
55
57
|
readonly appLauncherVisible: pulumi.Output<boolean | undefined>;
|
|
56
58
|
/**
|
|
@@ -66,7 +68,7 @@ export declare class AccessBookmark extends pulumi.CustomResource {
|
|
|
66
68
|
*/
|
|
67
69
|
readonly name: pulumi.Output<string>;
|
|
68
70
|
/**
|
|
69
|
-
* The zone identifier to target for the resource.
|
|
71
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
70
72
|
*/
|
|
71
73
|
readonly zoneId: pulumi.Output<string>;
|
|
72
74
|
/**
|
|
@@ -83,11 +85,11 @@ export declare class AccessBookmark extends pulumi.CustomResource {
|
|
|
83
85
|
*/
|
|
84
86
|
export interface AccessBookmarkState {
|
|
85
87
|
/**
|
|
86
|
-
* The account identifier to target for the resource.
|
|
88
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
87
89
|
*/
|
|
88
90
|
accountId?: pulumi.Input<string>;
|
|
89
91
|
/**
|
|
90
|
-
* Option to show/hide the bookmark in the app launcher.
|
|
92
|
+
* Option to show/hide the bookmark in the app launcher. Defaults to `true`.
|
|
91
93
|
*/
|
|
92
94
|
appLauncherVisible?: pulumi.Input<boolean>;
|
|
93
95
|
/**
|
|
@@ -103,7 +105,7 @@ export interface AccessBookmarkState {
|
|
|
103
105
|
*/
|
|
104
106
|
name?: pulumi.Input<string>;
|
|
105
107
|
/**
|
|
106
|
-
* The zone identifier to target for the resource.
|
|
108
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
107
109
|
*/
|
|
108
110
|
zoneId?: pulumi.Input<string>;
|
|
109
111
|
}
|
|
@@ -112,11 +114,11 @@ export interface AccessBookmarkState {
|
|
|
112
114
|
*/
|
|
113
115
|
export interface AccessBookmarkArgs {
|
|
114
116
|
/**
|
|
115
|
-
* The account identifier to target for the resource.
|
|
117
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
116
118
|
*/
|
|
117
119
|
accountId?: pulumi.Input<string>;
|
|
118
120
|
/**
|
|
119
|
-
* Option to show/hide the bookmark in the app launcher.
|
|
121
|
+
* Option to show/hide the bookmark in the app launcher. Defaults to `true`.
|
|
120
122
|
*/
|
|
121
123
|
appLauncherVisible?: pulumi.Input<boolean>;
|
|
122
124
|
/**
|
|
@@ -132,7 +134,7 @@ export interface AccessBookmarkArgs {
|
|
|
132
134
|
*/
|
|
133
135
|
name: pulumi.Input<string>;
|
|
134
136
|
/**
|
|
135
|
-
* The zone identifier to target for the resource.
|
|
137
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
136
138
|
*/
|
|
137
139
|
zoneId?: pulumi.Input<string>;
|
|
138
140
|
}
|
package/accessBookmark.js
CHANGED
|
@@ -6,7 +6,9 @@ exports.AccessBookmark = void 0;
|
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("./utilities");
|
|
8
8
|
/**
|
|
9
|
-
* Provides a Cloudflare Access Bookmark resource. Access Bookmark
|
|
9
|
+
* Provides a Cloudflare Access Bookmark resource. Access Bookmark
|
|
10
|
+
* applications are not protected behind Access but are displayed in
|
|
11
|
+
* the App Launcher.
|
|
10
12
|
*
|
|
11
13
|
* > It's required that an `accountId` or `zoneId` is provided and in
|
|
12
14
|
* most cases using either is fine. However, if you're using a scoped
|
|
@@ -21,7 +23,7 @@ const utilities = require("./utilities");
|
|
|
21
23
|
* import * as cloudflare from "@pulumi/cloudflare";
|
|
22
24
|
*
|
|
23
25
|
* const myBookmarkApp = new cloudflare.AccessBookmark("my_bookmark_app", {
|
|
24
|
-
* accountId: "
|
|
26
|
+
* accountId: "f037e56e89293a057740de681ac9abbe",
|
|
25
27
|
* appLauncherVisible: true,
|
|
26
28
|
* domain: "example.com",
|
|
27
29
|
* logoUrl: "https://example.com/example.png",
|
package/accessBookmark.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"accessBookmark.js","sourceRoot":"","sources":["../accessBookmark.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC
|
|
1
|
+
{"version":3,"file":"accessBookmark.js","sourceRoot":"","sources":["../accessBookmark.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;IA6DrD,YAAY,IAAY,EAAE,WAAsD,EAAE,IAAmC;QACjH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA8C,CAAC;YAC7D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;aAAM;YACH,MAAM,IAAI,GAAG,WAA6C,CAAC;YAC3D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC7D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACnE,CAAC;IAxFD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA2B,EAAE,IAAmC;QACzH,OAAO,IAAI,cAAc,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACrE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,cAAc,CAAC,YAAY,CAAC;IAC/D,CAAC;;AA1BL,wCA0FC;AA5EG,gBAAgB;AACO,2BAAY,GAAG,gDAAgD,CAAC"}
|
package/accessCaCertificate.d.ts
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
/**
|
|
3
|
-
* Cloudflare Access can replace traditional SSH key models with
|
|
3
|
+
* Cloudflare Access can replace traditional SSH key models with
|
|
4
|
+
* short-lived certificates issued to your users based on the token
|
|
5
|
+
* generated by their Access login.
|
|
4
6
|
*
|
|
5
7
|
* > It's required that an `accountId` or `zoneId` is provided and in
|
|
6
8
|
* most cases using either is fine. However, if you're using a scoped
|
|
@@ -16,13 +18,13 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
16
18
|
*
|
|
17
19
|
* // account level
|
|
18
20
|
* const example = new cloudflare.AccessCaCertificate("example", {
|
|
19
|
-
* accountId: "
|
|
21
|
+
* accountId: "f037e56e89293a057740de681ac9abbe",
|
|
20
22
|
* applicationId: "6cd6cea3-3ef2-4542-9aea-85a0bbcd5414",
|
|
21
23
|
* });
|
|
22
24
|
* // zone level
|
|
23
25
|
* const anotherExample = new cloudflare.AccessCaCertificate("another_example", {
|
|
24
26
|
* applicationId: "fe2be0ff-7f13-4350-8c8e-a9b9795fe3c2",
|
|
25
|
-
* zoneId: "
|
|
27
|
+
* zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
|
|
26
28
|
* });
|
|
27
29
|
* ```
|
|
28
30
|
*
|
|
@@ -57,7 +59,7 @@ export declare class AccessCaCertificate extends pulumi.CustomResource {
|
|
|
57
59
|
*/
|
|
58
60
|
static isInstance(obj: any): obj is AccessCaCertificate;
|
|
59
61
|
/**
|
|
60
|
-
* The account identifier to target for the resource.
|
|
62
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
61
63
|
*/
|
|
62
64
|
readonly accountId: pulumi.Output<string>;
|
|
63
65
|
/**
|
|
@@ -65,15 +67,15 @@ export declare class AccessCaCertificate extends pulumi.CustomResource {
|
|
|
65
67
|
*/
|
|
66
68
|
readonly applicationId: pulumi.Output<string>;
|
|
67
69
|
/**
|
|
68
|
-
* Application Audience (AUD) Tag of the CA certificate
|
|
70
|
+
* Application Audience (AUD) Tag of the CA certificate.
|
|
69
71
|
*/
|
|
70
72
|
readonly aud: pulumi.Output<string>;
|
|
71
73
|
/**
|
|
72
|
-
* Cryptographic public key of the generated CA certificate
|
|
74
|
+
* Cryptographic public key of the generated CA certificate.
|
|
73
75
|
*/
|
|
74
76
|
readonly publicKey: pulumi.Output<string>;
|
|
75
77
|
/**
|
|
76
|
-
* The zone identifier to target for the resource.
|
|
78
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
77
79
|
*/
|
|
78
80
|
readonly zoneId: pulumi.Output<string>;
|
|
79
81
|
/**
|
|
@@ -90,7 +92,7 @@ export declare class AccessCaCertificate extends pulumi.CustomResource {
|
|
|
90
92
|
*/
|
|
91
93
|
export interface AccessCaCertificateState {
|
|
92
94
|
/**
|
|
93
|
-
* The account identifier to target for the resource.
|
|
95
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
94
96
|
*/
|
|
95
97
|
accountId?: pulumi.Input<string>;
|
|
96
98
|
/**
|
|
@@ -98,15 +100,15 @@ export interface AccessCaCertificateState {
|
|
|
98
100
|
*/
|
|
99
101
|
applicationId?: pulumi.Input<string>;
|
|
100
102
|
/**
|
|
101
|
-
* Application Audience (AUD) Tag of the CA certificate
|
|
103
|
+
* Application Audience (AUD) Tag of the CA certificate.
|
|
102
104
|
*/
|
|
103
105
|
aud?: pulumi.Input<string>;
|
|
104
106
|
/**
|
|
105
|
-
* Cryptographic public key of the generated CA certificate
|
|
107
|
+
* Cryptographic public key of the generated CA certificate.
|
|
106
108
|
*/
|
|
107
109
|
publicKey?: pulumi.Input<string>;
|
|
108
110
|
/**
|
|
109
|
-
* The zone identifier to target for the resource.
|
|
111
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
110
112
|
*/
|
|
111
113
|
zoneId?: pulumi.Input<string>;
|
|
112
114
|
}
|
|
@@ -115,7 +117,7 @@ export interface AccessCaCertificateState {
|
|
|
115
117
|
*/
|
|
116
118
|
export interface AccessCaCertificateArgs {
|
|
117
119
|
/**
|
|
118
|
-
* The account identifier to target for the resource.
|
|
120
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
119
121
|
*/
|
|
120
122
|
accountId?: pulumi.Input<string>;
|
|
121
123
|
/**
|
|
@@ -123,7 +125,7 @@ export interface AccessCaCertificateArgs {
|
|
|
123
125
|
*/
|
|
124
126
|
applicationId: pulumi.Input<string>;
|
|
125
127
|
/**
|
|
126
|
-
* The zone identifier to target for the resource.
|
|
128
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
127
129
|
*/
|
|
128
130
|
zoneId?: pulumi.Input<string>;
|
|
129
131
|
}
|
package/accessCaCertificate.js
CHANGED
|
@@ -6,7 +6,9 @@ exports.AccessCaCertificate = void 0;
|
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("./utilities");
|
|
8
8
|
/**
|
|
9
|
-
* Cloudflare Access can replace traditional SSH key models with
|
|
9
|
+
* Cloudflare Access can replace traditional SSH key models with
|
|
10
|
+
* short-lived certificates issued to your users based on the token
|
|
11
|
+
* generated by their Access login.
|
|
10
12
|
*
|
|
11
13
|
* > It's required that an `accountId` or `zoneId` is provided and in
|
|
12
14
|
* most cases using either is fine. However, if you're using a scoped
|
|
@@ -22,13 +24,13 @@ const utilities = require("./utilities");
|
|
|
22
24
|
*
|
|
23
25
|
* // account level
|
|
24
26
|
* const example = new cloudflare.AccessCaCertificate("example", {
|
|
25
|
-
* accountId: "
|
|
27
|
+
* accountId: "f037e56e89293a057740de681ac9abbe",
|
|
26
28
|
* applicationId: "6cd6cea3-3ef2-4542-9aea-85a0bbcd5414",
|
|
27
29
|
* });
|
|
28
30
|
* // zone level
|
|
29
31
|
* const anotherExample = new cloudflare.AccessCaCertificate("another_example", {
|
|
30
32
|
* applicationId: "fe2be0ff-7f13-4350-8c8e-a9b9795fe3c2",
|
|
31
|
-
* zoneId: "
|
|
33
|
+
* zoneId: "0da42c8d2132a9ddaf714f9e7c920711",
|
|
32
34
|
* });
|
|
33
35
|
* ```
|
|
34
36
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"accessCaCertificate.js","sourceRoot":"","sources":["../accessCaCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC
|
|
1
|
+
{"version":3,"file":"accessCaCertificate.js","sourceRoot":"","sources":["../accessCaCertificate.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0CG;AACH,MAAa,mBAAoB,SAAQ,MAAM,CAAC,cAAc;IAyD1D,YAAY,IAAY,EAAE,WAAgE,EAAE,IAAmC;QAC3H,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAmD,CAAC;YAClE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;aAAM;YACH,MAAM,IAAI,GAAG,WAAkD,CAAC;YAChE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC1C,cAAc,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACnD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,mBAAmB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACxE,CAAC;IA/ED;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAgC,EAAE,IAAmC;QAC9H,OAAO,IAAI,mBAAmB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC1E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,mBAAmB,CAAC,YAAY,CAAC;IACpE,CAAC;;AA1BL,kDAiFC;AAnEG,gBAAgB;AACO,gCAAY,GAAG,0DAA0D,CAAC"}
|
package/accessGroup.d.ts
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
import { input as inputs, output as outputs } from "./types";
|
|
3
3
|
/**
|
|
4
|
-
* Provides a Cloudflare Access Group resource. Access Groups are used
|
|
4
|
+
* Provides a Cloudflare Access Group resource. Access Groups are used
|
|
5
|
+
* in conjunction with Access Policies to restrict access to a
|
|
6
|
+
* particular resource based on group membership.
|
|
5
7
|
*
|
|
6
8
|
* > It's required that an `accountId` or `zoneId` is provided and in
|
|
7
9
|
* most cases using either is fine. However, if you're using a scoped
|
|
@@ -9,34 +11,6 @@ import { input as inputs, output as outputs } from "./types";
|
|
|
9
11
|
* scope. For example, an access token that is scoped to the "example.com"
|
|
10
12
|
* zone needs to use the `zoneId` argument.
|
|
11
13
|
*
|
|
12
|
-
* ## Example Usage
|
|
13
|
-
*
|
|
14
|
-
* ```typescript
|
|
15
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
16
|
-
* import * as cloudflare from "@pulumi/cloudflare";
|
|
17
|
-
*
|
|
18
|
-
* // Allowing access to `test@example.com` email address only
|
|
19
|
-
* const testGroupAccessGroup = new cloudflare.AccessGroup("testGroupAccessGroup", {
|
|
20
|
-
* accountId: "975ecf5a45e3bcb680dba0722a420ad9",
|
|
21
|
-
* name: "staging group",
|
|
22
|
-
* includes: [{
|
|
23
|
-
* emails: ["test@example.com"],
|
|
24
|
-
* }],
|
|
25
|
-
* });
|
|
26
|
-
* // Allowing `test@example.com` to access but only when coming from a
|
|
27
|
-
* // specific IP.
|
|
28
|
-
* const testGroupIndex_accessGroupAccessGroup = new cloudflare.AccessGroup("testGroupIndex/accessGroupAccessGroup", {
|
|
29
|
-
* accountId: "975ecf5a45e3bcb680dba0722a420ad9",
|
|
30
|
-
* name: "staging group",
|
|
31
|
-
* includes: [{
|
|
32
|
-
* emails: ["test@example.com"],
|
|
33
|
-
* }],
|
|
34
|
-
* requires: {
|
|
35
|
-
* ips: [_var.office_ip],
|
|
36
|
-
* },
|
|
37
|
-
* });
|
|
38
|
-
* ```
|
|
39
|
-
*
|
|
40
14
|
* ## Import
|
|
41
15
|
*
|
|
42
16
|
* ```sh
|
|
@@ -60,7 +34,7 @@ export declare class AccessGroup extends pulumi.CustomResource {
|
|
|
60
34
|
*/
|
|
61
35
|
static isInstance(obj: any): obj is AccessGroup;
|
|
62
36
|
/**
|
|
63
|
-
* The account identifier to target for the resource.
|
|
37
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
64
38
|
*/
|
|
65
39
|
readonly accountId: pulumi.Output<string | undefined>;
|
|
66
40
|
readonly excludes: pulumi.Output<outputs.AccessGroupExclude[] | undefined>;
|
|
@@ -68,7 +42,7 @@ export declare class AccessGroup extends pulumi.CustomResource {
|
|
|
68
42
|
readonly name: pulumi.Output<string>;
|
|
69
43
|
readonly requires: pulumi.Output<outputs.AccessGroupRequire[] | undefined>;
|
|
70
44
|
/**
|
|
71
|
-
* The zone identifier to target for the resource.
|
|
45
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
72
46
|
*/
|
|
73
47
|
readonly zoneId: pulumi.Output<string>;
|
|
74
48
|
/**
|
|
@@ -85,7 +59,7 @@ export declare class AccessGroup extends pulumi.CustomResource {
|
|
|
85
59
|
*/
|
|
86
60
|
export interface AccessGroupState {
|
|
87
61
|
/**
|
|
88
|
-
* The account identifier to target for the resource.
|
|
62
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
89
63
|
*/
|
|
90
64
|
accountId?: pulumi.Input<string>;
|
|
91
65
|
excludes?: pulumi.Input<pulumi.Input<inputs.AccessGroupExclude>[]>;
|
|
@@ -93,7 +67,7 @@ export interface AccessGroupState {
|
|
|
93
67
|
name?: pulumi.Input<string>;
|
|
94
68
|
requires?: pulumi.Input<pulumi.Input<inputs.AccessGroupRequire>[]>;
|
|
95
69
|
/**
|
|
96
|
-
* The zone identifier to target for the resource.
|
|
70
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
97
71
|
*/
|
|
98
72
|
zoneId?: pulumi.Input<string>;
|
|
99
73
|
}
|
|
@@ -102,7 +76,7 @@ export interface AccessGroupState {
|
|
|
102
76
|
*/
|
|
103
77
|
export interface AccessGroupArgs {
|
|
104
78
|
/**
|
|
105
|
-
* The account identifier to target for the resource.
|
|
79
|
+
* The account identifier to target for the resource. Conflicts with `zoneId`.
|
|
106
80
|
*/
|
|
107
81
|
accountId?: pulumi.Input<string>;
|
|
108
82
|
excludes?: pulumi.Input<pulumi.Input<inputs.AccessGroupExclude>[]>;
|
|
@@ -110,7 +84,7 @@ export interface AccessGroupArgs {
|
|
|
110
84
|
name: pulumi.Input<string>;
|
|
111
85
|
requires?: pulumi.Input<pulumi.Input<inputs.AccessGroupRequire>[]>;
|
|
112
86
|
/**
|
|
113
|
-
* The zone identifier to target for the resource.
|
|
87
|
+
* The zone identifier to target for the resource. Conflicts with `accountId`.
|
|
114
88
|
*/
|
|
115
89
|
zoneId?: pulumi.Input<string>;
|
|
116
90
|
}
|