@pulumi/cloudflare 6.1.0-alpha.1744817152 → 6.1.0

package/streamLiveInput.d.ts

@@ -21,7 +21,7 @@ export declare class StreamLiveInput extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is StreamLiveInput;
     /**
-     * Identifier
+     * Identifier.
      */
     readonly accountId: pulumi.Output<string>;
     /**
@@ -99,7 +99,7 @@ export declare class StreamLiveInput extends pulumi.CustomResource {
  */
 export interface StreamLiveInputState {
     /**
-     * Identifier
+     * Identifier.
      */
     accountId?: pulumi.Input<string>;
     /**
@@ -169,7 +169,7 @@ export interface StreamLiveInputState {
  */
 export interface StreamLiveInputArgs {
     /**
-     * Identifier
+     * Identifier.
      */
     accountId: pulumi.Input<string>;
     /**

package/teamsRule.d.ts

@@ -31,7 +31,7 @@ export declare class TeamsRule extends pulumi.CustomResource {
     readonly accountId: pulumi.Output<string>;
     /**
      * The action to preform when the associated traffic, identity, and device posture expressions are either absent or evaluate to `true`.
-     * Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4Override", "egress", "resolve", "quarantine".
+     * Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4Override", "egress", "resolve", "quarantine", "redirect".
      */
     readonly action: pulumi.Output<string>;
     readonly createdAt: pulumi.Output<string>;
@@ -107,7 +107,7 @@ export interface TeamsRuleState {
     accountId?: pulumi.Input<string>;
     /**
      * The action to preform when the associated traffic, identity, and device posture expressions are either absent or evaluate to `true`.
-     * Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4Override", "egress", "resolve", "quarantine".
+     * Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4Override", "egress", "resolve", "quarantine", "redirect".
      */
     action?: pulumi.Input<string>;
     createdAt?: pulumi.Input<string>;
@@ -174,7 +174,7 @@ export interface TeamsRuleArgs {
     accountId: pulumi.Input<string>;
     /**
      * The action to preform when the associated traffic, identity, and device posture expressions are either absent or evaluate to `true`.
-     * Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4Override", "egress", "resolve", "quarantine".
+     * Available values: "on", "off", "allow", "block", "scan", "noscan", "safesearch", "ytrestricted", "isolate", "noisolate", "override", "l4Override", "egress", "resolve", "quarantine", "redirect".
      */
     action: pulumi.Input<string>;
     /**

package/tunnel.d.ts

@@ -11,7 +11,7 @@ import * as outputs from "./types/output";
  * const exampleZeroTrustTunnelCloudflared = new cloudflare.ZeroTrustTunnelCloudflared("example_zero_trust_tunnel_cloudflared", {
  *     accountId: "699d98642c564d2e855e9661899b7252",
  *     name: "blog",
- *     configSrc: "local",
+ *     configSrc: "cloudflare",
  *     tunnelSecret: "AQIDBAUGBwgBAgMEBQYHCAECAwQFBgcIAQIDBAUGBwg=",
  * });
  * ```

package/tunnel.js

@@ -15,7 +15,7 @@ const utilities = require("./utilities");
  * const exampleZeroTrustTunnelCloudflared = new cloudflare.ZeroTrustTunnelCloudflared("example_zero_trust_tunnel_cloudflared", {
  *     accountId: "699d98642c564d2e855e9661899b7252",
  *     name: "blog",
- *     configSrc: "local",
+ *     configSrc: "cloudflare",
  *     tunnelSecret: "AQIDBAUGBwgBAgMEBQYHCAECAwQFBgcIAQIDBAUGBwg=",
  * });
  * ```

package/tunnelConfig.d.ts

@@ -29,7 +29,7 @@ export declare class TunnelConfig extends pulumi.CustomResource {
      */
     static isInstance(obj: any): obj is TunnelConfig;
     /**
-     * Identifier
+     * Identifier.
      */
     readonly accountId: pulumi.Output<string>;
     /**
@@ -65,7 +65,7 @@ export declare class TunnelConfig extends pulumi.CustomResource {
  */
 export interface TunnelConfigState {
     /**
-     * Identifier
+     * Identifier.
      */
     accountId?: pulumi.Input<string>;
     /**
@@ -92,7 +92,7 @@ export interface TunnelConfigState {
  */
 export interface TunnelConfigArgs {
     /**
-     * Identifier
+     * Identifier.
      */
     accountId: pulumi.Input<string>;
     /**

package/turnstileWidget.d.ts

@@ -13,10 +13,10 @@ import * as pulumi from "@pulumi/pulumi";
  *         "cloudflare.com",
  *         "blog.example.com",
  *     ],
- *     mode: "non-interactive",
+ *     mode: "invisible",
  *     name: "blog.cloudflare.com login form",
  *     botFightMode: false,
- *     clearanceLevel: "no_clearance",
+ *     clearanceLevel: "interactive",
  *     ephemeralId: false,
  *     offlabel: false,
  *     region: "world",

package/turnstileWidget.js

@@ -19,10 +19,10 @@ const utilities = require("./utilities");
  *         "cloudflare.com",
  *         "blog.example.com",
  *     ],
- *     mode: "non-interactive",
+ *     mode: "invisible",
  *     name: "blog.cloudflare.com login form",
  *     botFightMode: false,
- *     clearanceLevel: "no_clearance",
+ *     clearanceLevel: "interactive",
  *     ephemeralId: false,
  *     offlabel: false,
  *     region: "world",

package/types/input.d.ts

@@ -2528,6 +2528,8 @@ export interface AccountSettings {
     abuseContactEmail?: pulumi.Input<string>;
     /**
      * Specifies the default nameservers to be used for new zones added to this account.
+     *
+     * @deprecated This attribute is deprecated.
      */
     defaultNameservers?: pulumi.Input<string>;
     /**
@@ -2540,6 +2542,8 @@ export interface AccountSettings {
      * nameservers by default.
      *
      * Deprecated in favor of [DNS Settings](https://developers.cloudflare.com/api/operations/dns-settings-for-an-account-update-dns-settings).
+     *
+     * @deprecated This attribute is deprecated.
      */
     useAccountCustomNsByDefault?: pulumi.Input<boolean>;
 }
@@ -3449,6 +3453,8 @@ export interface DlpCustomProfileEntryPattern {
     regex: pulumi.Input<string>;
     /**
      * Available values: "luhn".
+     *
+     * @deprecated This attribute is deprecated.
      */
     validation?: pulumi.Input<string>;
 }
@@ -3501,6 +3507,8 @@ export interface DlpCustomProfileProfileEntryPattern {
     regex: pulumi.Input<string>;
     /**
      * Available values: "luhn".
+     *
+     * @deprecated This attribute is deprecated.
      */
     validation?: pulumi.Input<string>;
 }
@@ -6336,7 +6344,7 @@ export interface LogpushJobOutputOptions {
      */
     recordSuffix?: pulumi.Input<string>;
     /**
-     * String to use as template for each record instead of the default comma-separated list. All fields used in the template must be present in `fieldNames` as well, otherwise they will end up as null. Format as a Go `text/template` without any standard functions, like conditionals, loops, sub-templates, etc.
+     * String to use as template for each record instead of the default json key value mapping. All fields used in the template must be present in `fieldNames` as well, otherwise they will end up as null. Format as a Go `text/template` without any standard functions, like conditionals, loops, sub-templates, etc.
      */
     recordTemplate?: pulumi.Input<string>;
     /**
@@ -7297,7 +7305,7 @@ export interface ObservatoryScheduledTestTest {
      */
     desktopReport?: pulumi.Input<inputs.ObservatoryScheduledTestTestDesktopReport>;
     /**
-     * UUID
+     * UUID.
      */
     id?: pulumi.Input<string>;
     /**
@@ -8387,6 +8395,10 @@ export interface QueueSettings {
      * Number of seconds to delay delivery of all messages to consumers.
      */
     deliveryDelay?: pulumi.Input<number>;
+    /**
+     * Indicates if message delivery to consumers is currently paused.
+     */
+    deliveryPaused?: pulumi.Input<boolean>;
     /**
      * Number of seconds after which an unconsumed message will be delayed.
      */
@@ -9994,6 +10006,8 @@ export interface TeamsAccountSettings {
     certificate?: pulumi.Input<inputs.TeamsAccountSettingsCertificate>;
     /**
      * Custom certificate settings for BYO-PKI. (deprecated and replaced by `certificate`)
+     *
+     * @deprecated This attribute is deprecated.
      */
     customCertificate?: pulumi.Input<inputs.TeamsAccountSettingsCustomCertificate>;
     /**
@@ -10057,7 +10071,7 @@ export interface TeamsAccountSettingsAntivirusNotificationSettings {
 }
 export interface TeamsAccountSettingsBlockPage {
     /**
-     * Block page background color in #rrggbb format.
+     * If mode is customized*block*page: block page background color in #rrggbb format.
      */
     backgroundColor?: pulumi.Input<string>;
     /**
@@ -10065,33 +10079,46 @@ export interface TeamsAccountSettingsBlockPage {
      */
     enabled?: pulumi.Input<boolean>;
     /**
-     * Block page footer text.
+     * If mode is customized*block*page: block page footer text.
      */
     footerText?: pulumi.Input<string>;
     /**
-     * Block page header text.
+     * If mode is customized*block*page: block page header text.
      */
     headerText?: pulumi.Input<string>;
     /**
-     * Full URL to the logo file.
+     * If mode is redirect*uri: when enabled, context will be appended to target*uri as query parameters.
+     */
+    includeContext?: pulumi.Input<boolean>;
+    /**
+     * If mode is customized*block*page: full URL to the logo file.
      */
     logoPath?: pulumi.Input<string>;
     /**
-     * Admin email for users to contact.
+     * If mode is customized*block*page: admin email for users to contact.
      */
     mailtoAddress?: pulumi.Input<string>;
     /**
-     * Subject line for emails created from block page.
+     * If mode is customized*block*page: subject line for emails created from block page.
      */
     mailtoSubject?: pulumi.Input<string>;
     /**
-     * Block page title.
+     * Controls whether the user is redirected to a Cloudflare-hosted block page or to a customer-provided URI.
+     * Available values: "customized*block*page", "redirectUri".
+     */
+    mode?: pulumi.Input<string>;
+    /**
+     * If mode is customized*block*page: block page title.
      */
     name?: pulumi.Input<string>;
     /**
-     * Suppress detailed info at the bottom of the block page.
+     * If mode is customized*block*page: suppress detailed info at the bottom of the block page.
      */
     suppressFooter?: pulumi.Input<boolean>;
+    /**
+     * If mode is redirect_uri: URI to which the user should be redirected.
+     */
+    targetUri?: pulumi.Input<string>;
 }
 export interface TeamsAccountSettingsBodyScanning {
     /**
@@ -10344,6 +10371,10 @@ export interface TeamsRuleRuleSettings {
      * Settings that apply to quarantine rules
      */
     quarantine?: pulumi.Input<inputs.TeamsRuleRuleSettingsQuarantine>;
+    /**
+     * Settings that apply to redirect rules
+     */
+    redirect?: pulumi.Input<inputs.TeamsRuleRuleSettingsRedirect>;
     /**
      * Configure to forward the query to the internal DNS service, passing the specified 'view*id' as input. Cannot be set when 'dns*resolvers' are specified or 'resolve*dns*through*cloudflare' is set. Only valid when a rule's action is set to 'resolve'.
      */
@@ -10520,6 +10551,20 @@ export interface TeamsRuleRuleSettingsQuarantine {
      */
     fileTypes?: pulumi.Input<pulumi.Input<string>[]>;
 }
+export interface TeamsRuleRuleSettingsRedirect {
+    /**
+     * If true, context information will be passed as query parameters
+     */
+    includeContext?: pulumi.Input<boolean>;
+    /**
+     * If true, the path and query parameters from the original request will be appended to target_uri
+     */
+    preservePathAndQuery?: pulumi.Input<boolean>;
+    /**
+     * URI to which the user will be redirected
+     */
+    targetUri: pulumi.Input<string>;
+}
 export interface TeamsRuleRuleSettingsResolveDnsInternally {
     /**
      * The fallback behavior to apply when the internal DNS response code is different from 'NOERROR' or when the response data only contains CNAME records for 'A' or 'AAAA' queries.
@@ -10884,6 +10929,14 @@ export interface WorkerScriptAssets {
     jwt?: pulumi.Input<string>;
 }
 export interface WorkerScriptAssetsConfig {
+    /**
+     * The contents of a _headers file (used to attach custom headers on asset responses)
+     */
+    _headers?: pulumi.Input<string>;
+    /**
+     * The contents of a _redirects file (used to apply redirects or proxy paths ahead of asset serving)
+     */
+    _redirects?: pulumi.Input<string>;
     /**
      * Determines the redirects and rewrites of requests for HTML content.
      * Available values: "auto-trailing-slash", "force-trailing-slash", "drop-trailing-slash", "none".
@@ -10900,6 +10953,8 @@ export interface WorkerScriptAssetsConfig {
     runWorkerFirst?: pulumi.Input<boolean>;
     /**
      * When true and the incoming request matches an asset, that will be served instead of invoking the Worker script. When false, requests will always invoke the Worker script.
+     *
+     * @deprecated This attribute is deprecated.
      */
     serveDirectly?: pulumi.Input<boolean>;
 }
@@ -11141,11 +11196,21 @@ export interface WorkersDeploymentVersion {
 }
 export interface WorkersRouteError {
     code?: pulumi.Input<number>;
+    documentationUrl?: pulumi.Input<string>;
     message?: pulumi.Input<string>;
+    source?: pulumi.Input<inputs.WorkersRouteErrorSource>;
+}
+export interface WorkersRouteErrorSource {
+    pointer?: pulumi.Input<string>;
 }
 export interface WorkersRouteMessage {
     code?: pulumi.Input<number>;
+    documentationUrl?: pulumi.Input<string>;
     message?: pulumi.Input<string>;
+    source?: pulumi.Input<inputs.WorkersRouteMessageSource>;
+}
+export interface WorkersRouteMessageSource {
+    pointer?: pulumi.Input<string>;
 }
 export interface WorkersScriptAssets {
     /**
@@ -11158,6 +11223,14 @@ export interface WorkersScriptAssets {
     jwt?: pulumi.Input<string>;
 }
 export interface WorkersScriptAssetsConfig {
+    /**
+     * The contents of a _headers file (used to attach custom headers on asset responses)
+     */
+    _headers?: pulumi.Input<string>;
+    /**
+     * The contents of a _redirects file (used to apply redirects or proxy paths ahead of asset serving)
+     */
+    _redirects?: pulumi.Input<string>;
     /**
      * Determines the redirects and rewrites of requests for HTML content.
      * Available values: "auto-trailing-slash", "force-trailing-slash", "drop-trailing-slash", "none".
@@ -11174,6 +11247,8 @@ export interface WorkersScriptAssetsConfig {
     runWorkerFirst?: pulumi.Input<boolean>;
     /**
      * When true and the incoming request matches an asset, that will be served instead of invoking the Worker script. When false, requests will always invoke the Worker script.
+     *
+     * @deprecated This attribute is deprecated.
      */
     serveDirectly?: pulumi.Input<boolean>;
 }
@@ -13740,11 +13815,11 @@ export interface ZeroTrustDeviceCustomProfileExclude {
     /**
      * The address in CIDR format to exclude from the tunnel. If `address` is present, `host` must not be present.
      */
-    address: pulumi.Input<string>;
+    address?: pulumi.Input<string>;
     /**
      * A description of the Split Tunnel item, displayed in the client UI.
      */
-    description: pulumi.Input<string>;
+    description?: pulumi.Input<string>;
     /**
      * The domain name to exclude from the tunnel. If `host` is present, `address` must not be present.
      */
@@ -13766,15 +13841,15 @@ export interface ZeroTrustDeviceCustomProfileFallbackDomain {
 }
 export interface ZeroTrustDeviceCustomProfileInclude {
     /**
-     * The address in CIDR format to exclude from the tunnel. If `address` is present, `host` must not be present.
+     * The address in CIDR format to include in the tunnel. If `address` is present, `host` must not be present.
      */
-    address: pulumi.Input<string>;
+    address?: pulumi.Input<string>;
     /**
      * A description of the Split Tunnel item, displayed in the client UI.
      */
-    description: pulumi.Input<string>;
+    description?: pulumi.Input<string>;
     /**
-     * The domain name to exclude from the tunnel. If `host` is present, `address` must not be present.
+     * The domain name to include in the tunnel. If `host` is present, `address` must not be present.
      */
     host?: pulumi.Input<string>;
 }
@@ -13816,11 +13891,11 @@ export interface ZeroTrustDeviceDefaultProfileExclude {
     /**
      * The address in CIDR format to exclude from the tunnel. If `address` is present, `host` must not be present.
      */
-    address: pulumi.Input<string>;
+    address?: pulumi.Input<string>;
     /**
      * A description of the Split Tunnel item, displayed in the client UI.
      */
-    description: pulumi.Input<string>;
+    description?: pulumi.Input<string>;
     /**
      * The domain name to exclude from the tunnel. If `host` is present, `address` must not be present.
      */
@@ -13842,15 +13917,15 @@ export interface ZeroTrustDeviceDefaultProfileFallbackDomain {
 }
 export interface ZeroTrustDeviceDefaultProfileInclude {
     /**
-     * The address in CIDR format to exclude from the tunnel. If `address` is present, `host` must not be present.
+     * The address in CIDR format to include in the tunnel. If `address` is present, `host` must not be present.
      */
-    address: pulumi.Input<string>;
+    address?: pulumi.Input<string>;
     /**
      * A description of the Split Tunnel item, displayed in the client UI.
      */
-    description: pulumi.Input<string>;
+    description?: pulumi.Input<string>;
     /**
-     * The domain name to exclude from the tunnel. If `host` is present, `address` must not be present.
+     * The domain name to include in the tunnel. If `host` is present, `address` must not be present.
      */
     host?: pulumi.Input<string>;
 }
@@ -14161,6 +14236,8 @@ export interface ZeroTrustDlpCustomProfileEntryPattern {
     regex: pulumi.Input<string>;
     /**
      * Available values: "luhn".
+     *
+     * @deprecated This attribute is deprecated.
      */
     validation?: pulumi.Input<string>;
 }
@@ -14213,6 +14290,8 @@ export interface ZeroTrustDlpCustomProfileProfileEntryPattern {
     regex: pulumi.Input<string>;
     /**
      * Available values: "luhn".
+     *
+     * @deprecated This attribute is deprecated.
      */
     validation?: pulumi.Input<string>;
 }
@@ -14302,6 +14381,8 @@ export interface ZeroTrustDlpEntryPattern {
     regex: pulumi.Input<string>;
     /**
      * Available values: "luhn".
+     *
+     * @deprecated This attribute is deprecated.
      */
     validation?: pulumi.Input<string>;
 }
@@ -14396,18 +14477,39 @@ export interface ZeroTrustDnsLocationNetwork {
     network: pulumi.Input<string>;
 }
 export interface ZeroTrustGatewayLoggingSettingsByRuleType {
+    dns?: pulumi.Input<inputs.ZeroTrustGatewayLoggingSettingsByRuleTypeDns>;
+    http?: pulumi.Input<inputs.ZeroTrustGatewayLoggingSettingsByRuleTypeHttp>;
+    l4?: pulumi.Input<inputs.ZeroTrustGatewayLoggingSettingsByRuleTypeL4>;
+}
+export interface ZeroTrustGatewayLoggingSettingsByRuleTypeDns {
+    /**
+     * Log all requests to this service.
+     */
+    logAll?: pulumi.Input<boolean>;
+    /**
+     * Log only blocking requests to this service.
+     */
+    logBlocks?: pulumi.Input<boolean>;
+}
+export interface ZeroTrustGatewayLoggingSettingsByRuleTypeHttp {
     /**
-     * Logging settings for DNS firewall.
+     * Log all requests to this service.
      */
-    dns?: pulumi.Input<string>;
+    logAll?: pulumi.Input<boolean>;
     /**
-     * Logging settings for HTTP/HTTPS firewall.
+     * Log only blocking requests to this service.
      */
-    http?: pulumi.Input<string>;
+    logBlocks?: pulumi.Input<boolean>;
+}
+export interface ZeroTrustGatewayLoggingSettingsByRuleTypeL4 {
+    /**
+     * Log all requests to this service.
+     */
+    logAll?: pulumi.Input<boolean>;
     /**
-     * Logging settings for Network firewall.
+     * Log only blocking requests to this service.
      */
-    l4?: pulumi.Input<string>;
+    logBlocks?: pulumi.Input<boolean>;
 }
 export interface ZeroTrustGatewayPolicyExpiration {
     /**
@@ -14507,6 +14609,10 @@ export interface ZeroTrustGatewayPolicyRuleSettings {
      * Settings that apply to quarantine rules
      */
     quarantine?: pulumi.Input<inputs.ZeroTrustGatewayPolicyRuleSettingsQuarantine>;
+    /**
+     * Settings that apply to redirect rules
+     */
+    redirect?: pulumi.Input<inputs.ZeroTrustGatewayPolicyRuleSettingsRedirect>;
     /**
      * Configure to forward the query to the internal DNS service, passing the specified 'view*id' as input. Cannot be set when 'dns*resolvers' are specified or 'resolve*dns*through*cloudflare' is set. Only valid when a rule's action is set to 'resolve'.
      */
@@ -14683,6 +14789,20 @@ export interface ZeroTrustGatewayPolicyRuleSettingsQuarantine {
      */
     fileTypes?: pulumi.Input<pulumi.Input<string>[]>;
 }
+export interface ZeroTrustGatewayPolicyRuleSettingsRedirect {
+    /**
+     * If true, context information will be passed as query parameters
+     */
+    includeContext?: pulumi.Input<boolean>;
+    /**
+     * If true, the path and query parameters from the original request will be appended to target_uri
+     */
+    preservePathAndQuery?: pulumi.Input<boolean>;
+    /**
+     * URI to which the user will be redirected
+     */
+    targetUri: pulumi.Input<string>;
+}
 export interface ZeroTrustGatewayPolicyRuleSettingsResolveDnsInternally {
     /**
      * The fallback behavior to apply when the internal DNS response code is different from 'NOERROR' or when the response data only contains CNAME records for 'A' or 'AAAA' queries.
@@ -14762,6 +14882,8 @@ export interface ZeroTrustGatewaySettingsSettings {
     certificate?: pulumi.Input<inputs.ZeroTrustGatewaySettingsSettingsCertificate>;
     /**
      * Custom certificate settings for BYO-PKI. (deprecated and replaced by `certificate`)
+     *
+     * @deprecated This attribute is deprecated.
      */
     customCertificate?: pulumi.Input<inputs.ZeroTrustGatewaySettingsSettingsCustomCertificate>;
     /**
@@ -14825,7 +14947,7 @@ export interface ZeroTrustGatewaySettingsSettingsAntivirusNotificationSettings {
 }
 export interface ZeroTrustGatewaySettingsSettingsBlockPage {
     /**
-     * Block page background color in #rrggbb format.
+     * If mode is customized*block*page: block page background color in #rrggbb format.
      */
     backgroundColor?: pulumi.Input<string>;
     /**
@@ -14833,33 +14955,46 @@ export interface ZeroTrustGatewaySettingsSettingsBlockPage {
      */
     enabled?: pulumi.Input<boolean>;
     /**
-     * Block page footer text.
+     * If mode is customized*block*page: block page footer text.
      */
     footerText?: pulumi.Input<string>;
     /**
-     * Block page header text.
+     * If mode is customized*block*page: block page header text.
      */
     headerText?: pulumi.Input<string>;
     /**
-     * Full URL to the logo file.
+     * If mode is redirect*uri: when enabled, context will be appended to target*uri as query parameters.
+     */
+    includeContext?: pulumi.Input<boolean>;
+    /**
+     * If mode is customized*block*page: full URL to the logo file.
      */
     logoPath?: pulumi.Input<string>;
     /**
-     * Admin email for users to contact.
+     * If mode is customized*block*page: admin email for users to contact.
      */
     mailtoAddress?: pulumi.Input<string>;
     /**
-     * Subject line for emails created from block page.
+     * If mode is customized*block*page: subject line for emails created from block page.
      */
     mailtoSubject?: pulumi.Input<string>;
     /**
-     * Block page title.
+     * Controls whether the user is redirected to a Cloudflare-hosted block page or to a customer-provided URI.
+     * Available values: "customized*block*page", "redirectUri".
+     */
+    mode?: pulumi.Input<string>;
+    /**
+     * If mode is customized*block*page: block page title.
      */
     name?: pulumi.Input<string>;
     /**
-     * Suppress detailed info at the bottom of the block page.
+     * If mode is customized*block*page: suppress detailed info at the bottom of the block page.
      */
     suppressFooter?: pulumi.Input<boolean>;
+    /**
+     * If mode is redirect_uri: URI to which the user should be redirected.
+     */
+    targetUri?: pulumi.Input<string>;
 }
 export interface ZeroTrustGatewaySettingsSettingsBodyScanning {
     /**