@pulumi/cloudflare 5.50.0-alpha.1744436206 → 6.0.0

package/zeroTrustDeviceCustomProfile.d.ts

@@ -0,0 +1,356 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as inputs from "./types/input";
+import * as outputs from "./types/output";
+/**
+ * ## Example Usage
+ *
+ * ```typescript
+ * import * as pulumi from "@pulumi/pulumi";
+ * import * as cloudflare from "@pulumi/cloudflare";
+ *
+ * const exampleZeroTrustDeviceCustomProfile = new cloudflare.ZeroTrustDeviceCustomProfile("example_zero_trust_device_custom_profile", {
+ *     accountId: "699d98642c564d2e855e9661899b7252",
+ *     match: "user.identity == \"test@cloudflare.com\"",
+ *     name: "Allow Developers",
+ *     precedence: 100,
+ *     allowModeSwitch: true,
+ *     allowUpdates: true,
+ *     allowedToLeave: true,
+ *     autoConnect: 0,
+ *     captivePortal: 180,
+ *     description: "Policy for test teams.",
+ *     disableAutoFallback: true,
+ *     enabled: true,
+ *     excludes: [{
+ *         address: "192.0.2.0/24",
+ *         description: "Exclude testing domains from the tunnel",
+ *         host: "*.example.com",
+ *     }],
+ *     excludeOfficeIps: true,
+ *     includes: [{
+ *         address: "192.0.2.0/24",
+ *         description: "Exclude testing domains from the tunnel",
+ *         host: "*.example.com",
+ *     }],
+ *     lanAllowMinutes: 30,
+ *     lanAllowSubnetSize: 24,
+ *     registerInterfaceIpWithDns: true,
+ *     serviceModeV2: {
+ *         mode: "proxy",
+ *         port: 3000,
+ *     },
+ *     supportUrl: "https://1.1.1.1/help",
+ *     switchLocked: true,
+ *     tunnelProtocol: "wireguard",
+ * });
+ * ```
+ *
+ * ## Import
+ *
+ * ```sh
+ * $ pulumi import cloudflare:index/zeroTrustDeviceCustomProfile:ZeroTrustDeviceCustomProfile example '<account_id>/<policy_id>'
+ * ```
+ */
+export declare class ZeroTrustDeviceCustomProfile extends pulumi.CustomResource {
+    /**
+     * Get an existing ZeroTrustDeviceCustomProfile resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ZeroTrustDeviceCustomProfileState, opts?: pulumi.CustomResourceOptions): ZeroTrustDeviceCustomProfile;
+    /**
+     * Returns true if the given object is an instance of ZeroTrustDeviceCustomProfile.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is ZeroTrustDeviceCustomProfile;
+    readonly accountId: pulumi.Output<string>;
+    /**
+     * Whether to allow the user to switch WARP between modes.
+     */
+    readonly allowModeSwitch: pulumi.Output<boolean | undefined>;
+    /**
+     * Whether to receive update notifications when a new version of the client is available.
+     */
+    readonly allowUpdates: pulumi.Output<boolean | undefined>;
+    /**
+     * Whether to allow devices to leave the organization.
+     */
+    readonly allowedToLeave: pulumi.Output<boolean | undefined>;
+    /**
+     * The amount of time in seconds to reconnect after having been disabled.
+     */
+    readonly autoConnect: pulumi.Output<number | undefined>;
+    /**
+     * Turn on the captive portal after the specified amount of time.
+     */
+    readonly captivePortal: pulumi.Output<number | undefined>;
+    /**
+     * Whether the policy is the default policy for an account.
+     */
+    readonly default: pulumi.Output<boolean>;
+    /**
+     * A description of the policy.
+     */
+    readonly description: pulumi.Output<string | undefined>;
+    /**
+     * If the `dnsServer` field of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set to `true`.
+     */
+    readonly disableAutoFallback: pulumi.Output<boolean | undefined>;
+    /**
+     * Whether the policy will be applied to matching devices.
+     */
+    readonly enabled: pulumi.Output<boolean | undefined>;
+    /**
+     * Whether to add Microsoft IPs to Split Tunnel exclusions.
+     */
+    readonly excludeOfficeIps: pulumi.Output<boolean | undefined>;
+    /**
+     * List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
+     */
+    readonly excludes: pulumi.Output<outputs.ZeroTrustDeviceCustomProfileExclude[]>;
+    readonly fallbackDomains: pulumi.Output<outputs.ZeroTrustDeviceCustomProfileFallbackDomain[]>;
+    readonly gatewayUniqueId: pulumi.Output<string>;
+    /**
+     * List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
+     */
+    readonly includes: pulumi.Output<outputs.ZeroTrustDeviceCustomProfileInclude[]>;
+    /**
+     * The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
+     */
+    readonly lanAllowMinutes: pulumi.Output<number | undefined>;
+    /**
+     * The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
+     */
+    readonly lanAllowSubnetSize: pulumi.Output<number | undefined>;
+    /**
+     * The wirefilter expression to match devices.
+     */
+    readonly match: pulumi.Output<string>;
+    /**
+     * The name of the device settings profile.
+     */
+    readonly name: pulumi.Output<string>;
+    /**
+     * Device ID.
+     */
+    readonly policyId: pulumi.Output<string>;
+    /**
+     * The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
+     */
+    readonly precedence: pulumi.Output<number>;
+    /**
+     * Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
+     */
+    readonly registerInterfaceIpWithDns: pulumi.Output<boolean | undefined>;
+    readonly serviceModeV2: pulumi.Output<outputs.ZeroTrustDeviceCustomProfileServiceModeV2>;
+    /**
+     * The URL to launch when the Send Feedback button is clicked.
+     */
+    readonly supportUrl: pulumi.Output<string | undefined>;
+    /**
+     * Whether to allow the user to turn off the WARP switch and disconnect the client.
+     */
+    readonly switchLocked: pulumi.Output<boolean | undefined>;
+    readonly targetTests: pulumi.Output<outputs.ZeroTrustDeviceCustomProfileTargetTest[]>;
+    /**
+     * Determines which tunnel protocol to use.
+     */
+    readonly tunnelProtocol: pulumi.Output<string | undefined>;
+    /**
+     * Create a ZeroTrustDeviceCustomProfile resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: ZeroTrustDeviceCustomProfileArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering ZeroTrustDeviceCustomProfile resources.
+ */
+export interface ZeroTrustDeviceCustomProfileState {
+    accountId?: pulumi.Input<string>;
+    /**
+     * Whether to allow the user to switch WARP between modes.
+     */
+    allowModeSwitch?: pulumi.Input<boolean>;
+    /**
+     * Whether to receive update notifications when a new version of the client is available.
+     */
+    allowUpdates?: pulumi.Input<boolean>;
+    /**
+     * Whether to allow devices to leave the organization.
+     */
+    allowedToLeave?: pulumi.Input<boolean>;
+    /**
+     * The amount of time in seconds to reconnect after having been disabled.
+     */
+    autoConnect?: pulumi.Input<number>;
+    /**
+     * Turn on the captive portal after the specified amount of time.
+     */
+    captivePortal?: pulumi.Input<number>;
+    /**
+     * Whether the policy is the default policy for an account.
+     */
+    default?: pulumi.Input<boolean>;
+    /**
+     * A description of the policy.
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * If the `dnsServer` field of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set to `true`.
+     */
+    disableAutoFallback?: pulumi.Input<boolean>;
+    /**
+     * Whether the policy will be applied to matching devices.
+     */
+    enabled?: pulumi.Input<boolean>;
+    /**
+     * Whether to add Microsoft IPs to Split Tunnel exclusions.
+     */
+    excludeOfficeIps?: pulumi.Input<boolean>;
+    /**
+     * List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
+     */
+    excludes?: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileExclude>[]>;
+    fallbackDomains?: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileFallbackDomain>[]>;
+    gatewayUniqueId?: pulumi.Input<string>;
+    /**
+     * List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
+     */
+    includes?: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileInclude>[]>;
+    /**
+     * The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
+     */
+    lanAllowMinutes?: pulumi.Input<number>;
+    /**
+     * The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
+     */
+    lanAllowSubnetSize?: pulumi.Input<number>;
+    /**
+     * The wirefilter expression to match devices.
+     */
+    match?: pulumi.Input<string>;
+    /**
+     * The name of the device settings profile.
+     */
+    name?: pulumi.Input<string>;
+    /**
+     * Device ID.
+     */
+    policyId?: pulumi.Input<string>;
+    /**
+     * The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
+     */
+    precedence?: pulumi.Input<number>;
+    /**
+     * Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
+     */
+    registerInterfaceIpWithDns?: pulumi.Input<boolean>;
+    serviceModeV2?: pulumi.Input<inputs.ZeroTrustDeviceCustomProfileServiceModeV2>;
+    /**
+     * The URL to launch when the Send Feedback button is clicked.
+     */
+    supportUrl?: pulumi.Input<string>;
+    /**
+     * Whether to allow the user to turn off the WARP switch and disconnect the client.
+     */
+    switchLocked?: pulumi.Input<boolean>;
+    targetTests?: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileTargetTest>[]>;
+    /**
+     * Determines which tunnel protocol to use.
+     */
+    tunnelProtocol?: pulumi.Input<string>;
+}
+/**
+ * The set of arguments for constructing a ZeroTrustDeviceCustomProfile resource.
+ */
+export interface ZeroTrustDeviceCustomProfileArgs {
+    accountId: pulumi.Input<string>;
+    /**
+     * Whether to allow the user to switch WARP between modes.
+     */
+    allowModeSwitch?: pulumi.Input<boolean>;
+    /**
+     * Whether to receive update notifications when a new version of the client is available.
+     */
+    allowUpdates?: pulumi.Input<boolean>;
+    /**
+     * Whether to allow devices to leave the organization.
+     */
+    allowedToLeave?: pulumi.Input<boolean>;
+    /**
+     * The amount of time in seconds to reconnect after having been disabled.
+     */
+    autoConnect?: pulumi.Input<number>;
+    /**
+     * Turn on the captive portal after the specified amount of time.
+     */
+    captivePortal?: pulumi.Input<number>;
+    /**
+     * A description of the policy.
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * If the `dnsServer` field of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set to `true`.
+     */
+    disableAutoFallback?: pulumi.Input<boolean>;
+    /**
+     * Whether the policy will be applied to matching devices.
+     */
+    enabled?: pulumi.Input<boolean>;
+    /**
+     * Whether to add Microsoft IPs to Split Tunnel exclusions.
+     */
+    excludeOfficeIps?: pulumi.Input<boolean>;
+    /**
+     * List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
+     */
+    excludes?: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileExclude>[]>;
+    /**
+     * List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
+     */
+    includes?: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileInclude>[]>;
+    /**
+     * The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
+     */
+    lanAllowMinutes?: pulumi.Input<number>;
+    /**
+     * The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
+     */
+    lanAllowSubnetSize?: pulumi.Input<number>;
+    /**
+     * The wirefilter expression to match devices.
+     */
+    match: pulumi.Input<string>;
+    /**
+     * The name of the device settings profile.
+     */
+    name: pulumi.Input<string>;
+    /**
+     * The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
+     */
+    precedence: pulumi.Input<number>;
+    /**
+     * Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
+     */
+    registerInterfaceIpWithDns?: pulumi.Input<boolean>;
+    serviceModeV2?: pulumi.Input<inputs.ZeroTrustDeviceCustomProfileServiceModeV2>;
+    /**
+     * The URL to launch when the Send Feedback button is clicked.
+     */
+    supportUrl?: pulumi.Input<string>;
+    /**
+     * Whether to allow the user to turn off the WARP switch and disconnect the client.
+     */
+    switchLocked?: pulumi.Input<boolean>;
+    /**
+     * Determines which tunnel protocol to use.
+     */
+    tunnelProtocol?: pulumi.Input<string>;
+}

package/{deviceSettingsPolicy.js → zeroTrustDeviceCustomProfile.js}

@@ -2,52 +2,62 @@
 // *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
 // *** Do not edit by hand unless you're certain you know what you are doing! ***
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DeviceSettingsPolicy = void 0;
+exports.ZeroTrustDeviceCustomProfile = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("./utilities");
 /**
- * Provides a Cloudflare Device Settings Policy resource. Device policies configure settings applied to WARP devices.
- *
  * ## Example Usage
  *
  * ```typescript
  * import * as pulumi from "@pulumi/pulumi";
  * import * as cloudflare from "@pulumi/cloudflare";
  *
- * const developerWarpPolicy = new cloudflare.DeviceSettingsPolicy("developer_warp_policy", {
- *     accountId: "f037e56e89293a057740de681ac9abbe",
- *     name: "Developers WARP settings policy",
- *     description: "Developers WARP settings policy description",
- *     precedence: 10,
- *     match: "any(identity.groups.name[*] in {\"Developers\"})",
- *     "default": false,
- *     enabled: true,
+ * const exampleZeroTrustDeviceCustomProfile = new cloudflare.ZeroTrustDeviceCustomProfile("example_zero_trust_device_custom_profile", {
+ *     accountId: "699d98642c564d2e855e9661899b7252",
+ *     match: "user.identity == \"test@cloudflare.com\"",
+ *     name: "Allow Developers",
+ *     precedence: 100,
  *     allowModeSwitch: true,
  *     allowUpdates: true,
  *     allowedToLeave: true,
  *     autoConnect: 0,
- *     captivePortal: 5,
+ *     captivePortal: 180,
+ *     description: "Policy for test teams.",
  *     disableAutoFallback: true,
- *     supportUrl: "https://cloudflare.com",
+ *     enabled: true,
+ *     excludes: [{
+ *         address: "192.0.2.0/24",
+ *         description: "Exclude testing domains from the tunnel",
+ *         host: "*.example.com",
+ *     }],
+ *     excludeOfficeIps: true,
+ *     includes: [{
+ *         address: "192.0.2.0/24",
+ *         description: "Exclude testing domains from the tunnel",
+ *         host: "*.example.com",
+ *     }],
+ *     lanAllowMinutes: 30,
+ *     lanAllowSubnetSize: 24,
+ *     registerInterfaceIpWithDns: true,
+ *     serviceModeV2: {
+ *         mode: "proxy",
+ *         port: 3000,
+ *     },
+ *     supportUrl: "https://1.1.1.1/help",
  *     switchLocked: true,
- *     serviceModeV2Mode: "warp",
- *     serviceModeV2Port: 3000,
- *     excludeOfficeIps: false,
  *     tunnelProtocol: "wireguard",
  * });
  * ```
  *
  * ## Import
  *
- * For default device settings policies you must use "default" as the policy ID.
- *
  * ```sh
- * $ pulumi import cloudflare:index/deviceSettingsPolicy:DeviceSettingsPolicy example <account_id>/<device_policy_id>
+ * $ pulumi import cloudflare:index/zeroTrustDeviceCustomProfile:ZeroTrustDeviceCustomProfile example '<account_id>/<policy_id>'
  * ```
  */
-class DeviceSettingsPolicy extends pulumi.CustomResource {
+class ZeroTrustDeviceCustomProfile extends pulumi.CustomResource {
     /**
-     * Get an existing DeviceSettingsPolicy resource's state with the given name, ID, and optional extra
+     * Get an existing ZeroTrustDeviceCustomProfile resource's state with the given name, ID, and optional extra
      * properties used to qualify the lookup.
      *
      * @param name The _unique_ name of the resulting resource.
@@ -56,17 +66,17 @@ class DeviceSettingsPolicy extends pulumi.CustomResource {
      * @param opts Optional settings to control the behavior of the CustomResource.
      */
     static get(name, id, state, opts) {
-        return new DeviceSettingsPolicy(name, state, Object.assign(Object.assign({}, opts), { id: id }));
+        return new ZeroTrustDeviceCustomProfile(name, state, Object.assign(Object.assign({}, opts), { id: id }));
     }
     /**
-     * Returns true if the given object is an instance of DeviceSettingsPolicy.  This is designed to work even
+     * Returns true if the given object is an instance of ZeroTrustDeviceCustomProfile.  This is designed to work even
      * when multiple copies of the Pulumi SDK have been loaded into the same process.
      */
     static isInstance(obj) {
         if (obj === undefined || obj === null) {
             return false;
         }
-        return obj['__pulumiType'] === DeviceSettingsPolicy.__pulumiType;
+        return obj['__pulumiType'] === ZeroTrustDeviceCustomProfile.__pulumiType;
     }
     constructor(name, argsOrState, opts) {
         let resourceInputs = {};
@@ -84,13 +94,21 @@ class DeviceSettingsPolicy extends pulumi.CustomResource {
             resourceInputs["disableAutoFallback"] = state ? state.disableAutoFallback : undefined;
             resourceInputs["enabled"] = state ? state.enabled : undefined;
             resourceInputs["excludeOfficeIps"] = state ? state.excludeOfficeIps : undefined;
+            resourceInputs["excludes"] = state ? state.excludes : undefined;
+            resourceInputs["fallbackDomains"] = state ? state.fallbackDomains : undefined;
+            resourceInputs["gatewayUniqueId"] = state ? state.gatewayUniqueId : undefined;
+            resourceInputs["includes"] = state ? state.includes : undefined;
+            resourceInputs["lanAllowMinutes"] = state ? state.lanAllowMinutes : undefined;
+            resourceInputs["lanAllowSubnetSize"] = state ? state.lanAllowSubnetSize : undefined;
             resourceInputs["match"] = state ? state.match : undefined;
             resourceInputs["name"] = state ? state.name : undefined;
+            resourceInputs["policyId"] = state ? state.policyId : undefined;
             resourceInputs["precedence"] = state ? state.precedence : undefined;
-            resourceInputs["serviceModeV2Mode"] = state ? state.serviceModeV2Mode : undefined;
-            resourceInputs["serviceModeV2Port"] = state ? state.serviceModeV2Port : undefined;
+            resourceInputs["registerInterfaceIpWithDns"] = state ? state.registerInterfaceIpWithDns : undefined;
+            resourceInputs["serviceModeV2"] = state ? state.serviceModeV2 : undefined;
             resourceInputs["supportUrl"] = state ? state.supportUrl : undefined;
             resourceInputs["switchLocked"] = state ? state.switchLocked : undefined;
+            resourceInputs["targetTests"] = state ? state.targetTests : undefined;
             resourceInputs["tunnelProtocol"] = state ? state.tunnelProtocol : undefined;
         }
         else {
@@ -98,37 +116,50 @@ class DeviceSettingsPolicy extends pulumi.CustomResource {
             if ((!args || args.accountId === undefined) && !opts.urn) {
                 throw new Error("Missing required property 'accountId'");
             }
-            if ((!args || args.description === undefined) && !opts.urn) {
-                throw new Error("Missing required property 'description'");
+            if ((!args || args.match === undefined) && !opts.urn) {
+                throw new Error("Missing required property 'match'");
             }
             if ((!args || args.name === undefined) && !opts.urn) {
                 throw new Error("Missing required property 'name'");
             }
+            if ((!args || args.precedence === undefined) && !opts.urn) {
+                throw new Error("Missing required property 'precedence'");
+            }
             resourceInputs["accountId"] = args ? args.accountId : undefined;
             resourceInputs["allowModeSwitch"] = args ? args.allowModeSwitch : undefined;
             resourceInputs["allowUpdates"] = args ? args.allowUpdates : undefined;
             resourceInputs["allowedToLeave"] = args ? args.allowedToLeave : undefined;
             resourceInputs["autoConnect"] = args ? args.autoConnect : undefined;
             resourceInputs["captivePortal"] = args ? args.captivePortal : undefined;
-            resourceInputs["default"] = args ? args.default : undefined;
             resourceInputs["description"] = args ? args.description : undefined;
             resourceInputs["disableAutoFallback"] = args ? args.disableAutoFallback : undefined;
             resourceInputs["enabled"] = args ? args.enabled : undefined;
             resourceInputs["excludeOfficeIps"] = args ? args.excludeOfficeIps : undefined;
+            resourceInputs["excludes"] = args ? args.excludes : undefined;
+            resourceInputs["includes"] = args ? args.includes : undefined;
+            resourceInputs["lanAllowMinutes"] = args ? args.lanAllowMinutes : undefined;
+            resourceInputs["lanAllowSubnetSize"] = args ? args.lanAllowSubnetSize : undefined;
             resourceInputs["match"] = args ? args.match : undefined;
             resourceInputs["name"] = args ? args.name : undefined;
             resourceInputs["precedence"] = args ? args.precedence : undefined;
-            resourceInputs["serviceModeV2Mode"] = args ? args.serviceModeV2Mode : undefined;
-            resourceInputs["serviceModeV2Port"] = args ? args.serviceModeV2Port : undefined;
+            resourceInputs["registerInterfaceIpWithDns"] = args ? args.registerInterfaceIpWithDns : undefined;
+            resourceInputs["serviceModeV2"] = args ? args.serviceModeV2 : undefined;
             resourceInputs["supportUrl"] = args ? args.supportUrl : undefined;
             resourceInputs["switchLocked"] = args ? args.switchLocked : undefined;
             resourceInputs["tunnelProtocol"] = args ? args.tunnelProtocol : undefined;
+            resourceInputs["default"] = undefined /*out*/;
+            resourceInputs["fallbackDomains"] = undefined /*out*/;
+            resourceInputs["gatewayUniqueId"] = undefined /*out*/;
+            resourceInputs["policyId"] = undefined /*out*/;
+            resourceInputs["targetTests"] = undefined /*out*/;
         }
         opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
-        super(DeviceSettingsPolicy.__pulumiType, name, resourceInputs, opts);
+        const aliasOpts = { aliases: [{ type: "cloudflare:index/deviceSettingsPolicy:DeviceSettingsPolicy" }, { type: "cloudflare:index/splitTunnel:SplitTunnel" }] };
+        opts = pulumi.mergeOptions(opts, aliasOpts);
+        super(ZeroTrustDeviceCustomProfile.__pulumiType, name, resourceInputs, opts);
     }
 }
-exports.DeviceSettingsPolicy = DeviceSettingsPolicy;
+exports.ZeroTrustDeviceCustomProfile = ZeroTrustDeviceCustomProfile;
 /** @internal */
-DeviceSettingsPolicy.__pulumiType = 'cloudflare:index/deviceSettingsPolicy:DeviceSettingsPolicy';
-//# sourceMappingURL=deviceSettingsPolicy.js.map
+ZeroTrustDeviceCustomProfile.__pulumiType = 'cloudflare:index/zeroTrustDeviceCustomProfile:ZeroTrustDeviceCustomProfile';
+//# sourceMappingURL=zeroTrustDeviceCustomProfile.js.map

package/zeroTrustDeviceCustomProfile.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"zeroTrustDeviceCustomProfile.js","sourceRoot":"","sources":["../zeroTrustDeviceCustomProfile.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,yCAAyC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiDG;AACH,MAAa,4BAA6B,SAAQ,MAAM,CAAC,cAAc;IACnE;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAyC,EAAE,IAAmC;QACvI,OAAO,IAAI,4BAA4B,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACnF,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,4BAA4B,CAAC,YAAY,CAAC;IAC7E,CAAC;IAwGD,YAAY,IAAY,EAAE,WAAkF,EAAE,IAAmC;QAC7I,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA4D,CAAC;YAC3E,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,4BAA4B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS,CAAC;YACpG,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/E;aAAM;YACH,MAAM,IAAI,GAAG,WAA2D,CAAC;YACzE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;aAC5D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,4BAA4B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS,CAAC;YAClG,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC9C,cAAc,CAAC,iBAAiB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACtD,cAAc,CAAC,iBAAiB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,aAAa,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACrD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,SAAS,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,4DAA4D,EAAE,EAAE,EAAE,IAAI,EAAE,0CAA0C,EAAE,CAAC,EAAE,CAAC;QAC9J,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC5C,KAAK,CAAC,4BAA4B,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACjF,CAAC;;AAhNL,oEAiNC;AAnMG,gBAAgB;AACO,yCAAY,GAAG,4EAA4E,CAAC"}

package/zeroTrustDeviceCustomProfileLocalDomainFallback.d.ts

@@ -0,0 +1,89 @@
+import * as pulumi from "@pulumi/pulumi";
+import * as inputs from "./types/input";
+import * as outputs from "./types/output";
+/**
+ * ## Example Usage
+ *
+ * ## Import
+ *
+ * ```sh
+ * $ pulumi import cloudflare:index/zeroTrustDeviceCustomProfileLocalDomainFallback:ZeroTrustDeviceCustomProfileLocalDomainFallback example '<account_id>/<policy_id>'
+ * ```
+ */
+export declare class ZeroTrustDeviceCustomProfileLocalDomainFallback extends pulumi.CustomResource {
+    /**
+     * Get an existing ZeroTrustDeviceCustomProfileLocalDomainFallback resource's state with the given name, ID, and optional extra
+     * properties used to qualify the lookup.
+     *
+     * @param name The _unique_ name of the resulting resource.
+     * @param id The _unique_ provider ID of the resource to lookup.
+     * @param state Any extra arguments used during the lookup.
+     * @param opts Optional settings to control the behavior of the CustomResource.
+     */
+    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ZeroTrustDeviceCustomProfileLocalDomainFallbackState, opts?: pulumi.CustomResourceOptions): ZeroTrustDeviceCustomProfileLocalDomainFallback;
+    /**
+     * Returns true if the given object is an instance of ZeroTrustDeviceCustomProfileLocalDomainFallback.  This is designed to work even
+     * when multiple copies of the Pulumi SDK have been loaded into the same process.
+     */
+    static isInstance(obj: any): obj is ZeroTrustDeviceCustomProfileLocalDomainFallback;
+    readonly accountId: pulumi.Output<string>;
+    /**
+     * A description of the fallback domain, displayed in the client UI.
+     */
+    readonly description: pulumi.Output<string>;
+    /**
+     * A list of IP addresses to handle domain resolution.
+     */
+    readonly dnsServers: pulumi.Output<string[]>;
+    readonly domains: pulumi.Output<outputs.ZeroTrustDeviceCustomProfileLocalDomainFallbackDomain[]>;
+    /**
+     * Device ID.
+     */
+    readonly policyId: pulumi.Output<string>;
+    /**
+     * The domain suffix to match when resolving locally.
+     */
+    readonly suffix: pulumi.Output<string>;
+    /**
+     * Create a ZeroTrustDeviceCustomProfileLocalDomainFallback resource with the given unique name, arguments, and options.
+     *
+     * @param name The _unique_ name of the resource.
+     * @param args The arguments to use to populate this resource's properties.
+     * @param opts A bag of options that control this resource's behavior.
+     */
+    constructor(name: string, args: ZeroTrustDeviceCustomProfileLocalDomainFallbackArgs, opts?: pulumi.CustomResourceOptions);
+}
+/**
+ * Input properties used for looking up and filtering ZeroTrustDeviceCustomProfileLocalDomainFallback resources.
+ */
+export interface ZeroTrustDeviceCustomProfileLocalDomainFallbackState {
+    accountId?: pulumi.Input<string>;
+    /**
+     * A description of the fallback domain, displayed in the client UI.
+     */
+    description?: pulumi.Input<string>;
+    /**
+     * A list of IP addresses to handle domain resolution.
+     */
+    dnsServers?: pulumi.Input<pulumi.Input<string>[]>;
+    domains?: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileLocalDomainFallbackDomain>[]>;
+    /**
+     * Device ID.
+     */
+    policyId?: pulumi.Input<string>;
+    /**
+     * The domain suffix to match when resolving locally.
+     */
+    suffix?: pulumi.Input<string>;
+}
+/**
+ * The set of arguments for constructing a ZeroTrustDeviceCustomProfileLocalDomainFallback resource.
+ */
+export interface ZeroTrustDeviceCustomProfileLocalDomainFallbackArgs {
+    accountId: pulumi.Input<string>;
+    domains: pulumi.Input<pulumi.Input<inputs.ZeroTrustDeviceCustomProfileLocalDomainFallbackDomain>[]>;
+    /**
+     * Device ID.
+     */
+    policyId: pulumi.Input<string>;
+}