@sst-provider/cloudflare5 5.16.0 → 5.18.0

package/bin/types/input.d.ts

@@ -262,6 +262,99 @@ export interface AddressMapMembership {
      */
     kind?: pulumi.Input<string>;
 }
+export interface AiSearchInstanceCustomMetadata {
+    /**
+     * Available values: "text", "number", "boolean".
+     */
+    dataType: pulumi.Input<string>;
+    fieldName: pulumi.Input<string>;
+}
+export interface AiSearchInstanceMetadata {
+    createdFromAisearchWizard?: pulumi.Input<boolean>;
+    workerDomain?: pulumi.Input<string>;
+}
+export interface AiSearchInstancePublicEndpointParams {
+    authorizedHosts?: pulumi.Input<pulumi.Input<string>[]>;
+    chatCompletionsEndpoint?: pulumi.Input<inputs.AiSearchInstancePublicEndpointParamsChatCompletionsEndpoint>;
+    enabled?: pulumi.Input<boolean>;
+    mcp?: pulumi.Input<inputs.AiSearchInstancePublicEndpointParamsMcp>;
+    rateLimit?: pulumi.Input<inputs.AiSearchInstancePublicEndpointParamsRateLimit>;
+    searchEndpoint?: pulumi.Input<inputs.AiSearchInstancePublicEndpointParamsSearchEndpoint>;
+}
+export interface AiSearchInstancePublicEndpointParamsChatCompletionsEndpoint {
+    /**
+     * Disable chat completions endpoint for this public endpoint
+     */
+    disabled?: pulumi.Input<boolean>;
+}
+export interface AiSearchInstancePublicEndpointParamsMcp {
+    description?: pulumi.Input<string>;
+    /**
+     * Disable MCP endpoint for this public endpoint
+     */
+    disabled?: pulumi.Input<boolean>;
+}
+export interface AiSearchInstancePublicEndpointParamsRateLimit {
+    periodMs?: pulumi.Input<number>;
+    requests?: pulumi.Input<number>;
+    /**
+     * Available values: "fixed", "sliding".
+     */
+    technique?: pulumi.Input<string>;
+}
+export interface AiSearchInstancePublicEndpointParamsSearchEndpoint {
+    /**
+     * Disable search endpoint for this public endpoint
+     */
+    disabled?: pulumi.Input<boolean>;
+}
+export interface AiSearchInstanceRetrievalOptions {
+    /**
+     * Controls how keyword search terms are matched.<span pulumi-lang-nodejs=" exactMatch " pulumi-lang-dotnet=" ExactMatch " pulumi-lang-go=" exactMatch " pulumi-lang-python=" exact_match " pulumi-lang-yaml=" exactMatch " pulumi-lang-java=" exactMatch "> exact_match </span>requires all terms to appear (AND);<span pulumi-lang-nodejs=" fuzzyMatch " pulumi-lang-dotnet=" FuzzyMatch " pulumi-lang-go=" fuzzyMatch " pulumi-lang-python=" fuzzy_match " pulumi-lang-yaml=" fuzzyMatch " pulumi-lang-java=" fuzzyMatch "> fuzzy_match </span>returns results containing any term (OR). Defaults to exact_match.
+     * Available values: <span pulumi-lang-nodejs=""exactMatch"" pulumi-lang-dotnet=""ExactMatch"" pulumi-lang-go=""exactMatch"" pulumi-lang-python=""exact_match"" pulumi-lang-yaml=""exactMatch"" pulumi-lang-java=""exactMatch"">"exact_match"</span>, <span pulumi-lang-nodejs=""fuzzyMatch"" pulumi-lang-dotnet=""FuzzyMatch"" pulumi-lang-go=""fuzzyMatch"" pulumi-lang-python=""fuzzy_match"" pulumi-lang-yaml=""fuzzyMatch"" pulumi-lang-java=""fuzzyMatch"">"fuzzy_match"</span>.
+     */
+    keywordMatchMode?: pulumi.Input<string>;
+}
+export interface AiSearchInstanceSourceParams {
+    /**
+     * List of path patterns to exclude. Uses micromatch glob syntax: * matches within a path segment, ** matches across path segments (e.g., /admin/** matches /admin/users and /admin/settings/advanced)
+     */
+    excludeItems?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * List of path patterns to include. Uses micromatch glob syntax: * matches within a path segment, ** matches across path segments (e.g., /blog/** matches /blog/post and /blog/2024/post)
+     */
+    includeItems?: pulumi.Input<pulumi.Input<string>[]>;
+    prefix?: pulumi.Input<string>;
+    r2Jurisdiction?: pulumi.Input<string>;
+    webCrawler?: pulumi.Input<inputs.AiSearchInstanceSourceParamsWebCrawler>;
+}
+export interface AiSearchInstanceSourceParamsWebCrawler {
+    parseOptions?: pulumi.Input<inputs.AiSearchInstanceSourceParamsWebCrawlerParseOptions>;
+    /**
+     * Available values: "sitemap", "feed-rss".
+     */
+    parseType?: pulumi.Input<string>;
+    storeOptions?: pulumi.Input<inputs.AiSearchInstanceSourceParamsWebCrawlerStoreOptions>;
+}
+export interface AiSearchInstanceSourceParamsWebCrawlerParseOptions {
+    includeHeaders?: pulumi.Input<{
+        [key: string]: pulumi.Input<string>;
+    }>;
+    includeImages?: pulumi.Input<boolean>;
+    /**
+     * List of specific sitemap URLs to use for crawling. Only valid when<span pulumi-lang-nodejs=" parseType " pulumi-lang-dotnet=" ParseType " pulumi-lang-go=" parseType " pulumi-lang-python=" parse_type " pulumi-lang-yaml=" parseType " pulumi-lang-java=" parseType "> parse_type </span>is 'sitemap'.
+     */
+    specificSitemaps?: pulumi.Input<pulumi.Input<string>[]>;
+    useBrowserRendering?: pulumi.Input<boolean>;
+}
+export interface AiSearchInstanceSourceParamsWebCrawlerStoreOptions {
+    r2Jurisdiction?: pulumi.Input<string>;
+    storageId: pulumi.Input<string>;
+    /**
+     * Available values: "r2".
+     */
+    storageType?: pulumi.Input<string>;
+}
 export interface ApiShieldAuthIdCharacteristic {
     /**
      * The name of the characteristic field, i.e., the header or cookie name. When using type "jwt", this must be a claim location expressed as `$(token_config_id):$(json_path)`, where <span pulumi-lang-nodejs="`tokenConfigId`" pulumi-lang-dotnet="`TokenConfigId`" pulumi-lang-go="`tokenConfigId`" pulumi-lang-python="`token_config_id`" pulumi-lang-yaml="`tokenConfigId`" pulumi-lang-java="`tokenConfigId`">`token_config_id`</span> is the ID of the token configuration used in validating the JWT, and <span pulumi-lang-nodejs="`jsonPath`" pulumi-lang-dotnet="`JsonPath`" pulumi-lang-go="`jsonPath`" pulumi-lang-python="`json_path`" pulumi-lang-yaml="`jsonPath`" pulumi-lang-java="`jsonPath`">`json_path`</span> is a RFC 9535 JSONPath expression.
@@ -608,6 +701,40 @@ export interface CertificatePackCertificateGeoRestrictions {
      */
     label?: pulumi.Input<string>;
 }
+export interface CertificatePackDcvDelegationRecord {
+    /**
+     * The CNAME record hostname for DCV delegation.
+     */
+    cname?: pulumi.Input<string>;
+    /**
+     * The CNAME record target value for DCV delegation.
+     */
+    cnameTarget?: pulumi.Input<string>;
+    /**
+     * The set of email addresses that the certificate authority (CA) will use to complete domain validation.
+     */
+    emails?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * The content that the certificate authority (CA) will expect to find at the<span pulumi-lang-nodejs=" httpUrl " pulumi-lang-dotnet=" HttpUrl " pulumi-lang-go=" httpUrl " pulumi-lang-python=" http_url " pulumi-lang-yaml=" httpUrl " pulumi-lang-java=" httpUrl "> http_url </span>during the domain validation.
+     */
+    httpBody?: pulumi.Input<string>;
+    /**
+     * The url that will be checked during domain validation.
+     */
+    httpUrl?: pulumi.Input<string>;
+    /**
+     * Status of the validation record.
+     */
+    status?: pulumi.Input<string>;
+    /**
+     * The hostname that the certificate authority (CA) will check for a TXT record during domain validation .
+     */
+    txtName?: pulumi.Input<string>;
+    /**
+     * The TXT record that the certificate authority (CA) will check during domain validation.
+     */
+    txtValue?: pulumi.Input<string>;
+}
 export interface CertificatePackValidationError {
     /**
      * A domain validation error.
@@ -615,6 +742,14 @@ export interface CertificatePackValidationError {
     message?: pulumi.Input<string>;
 }
 export interface CertificatePackValidationRecord {
+    /**
+     * The CNAME record hostname for DCV delegation.
+     */
+    cname?: pulumi.Input<string>;
+    /**
+     * The CNAME record target value for DCV delegation.
+     */
+    cnameTarget?: pulumi.Input<string>;
     /**
      * The set of email addresses that the certificate authority (CA) will use to complete domain validation.
      */
@@ -627,6 +762,10 @@ export interface CertificatePackValidationRecord {
      * The url that will be checked during domain validation.
      */
     httpUrl?: pulumi.Input<string>;
+    /**
+     * Status of the validation record.
+     */
+    status?: pulumi.Input<string>;
     /**
      * The hostname that the certificate authority (CA) will check for a TXT record during domain validation .
      */
@@ -636,6 +775,10 @@ export interface CertificatePackValidationRecord {
      */
     txtValue?: pulumi.Input<string>;
 }
+export interface ClientCertificateCertificateAuthority {
+    id?: pulumi.Input<string>;
+    name?: pulumi.Input<string>;
+}
 export interface CloudConnectorRulesRule {
     description?: pulumi.Input<string>;
     enabled?: pulumi.Input<boolean>;
@@ -1560,6 +1703,18 @@ export interface GetAccountTokenFilterArgs {
      */
     direction?: pulumi.Input<string>;
 }
+export interface GetAiSearchInstanceFilter {
+    /**
+     * Search by id
+     */
+    search?: string;
+}
+export interface GetAiSearchInstanceFilterArgs {
+    /**
+     * Search by id
+     */
+    search?: pulumi.Input<string>;
+}
 export interface GetApiShieldOperationFilter {
     /**
      * Direction to order results.
@@ -1631,6 +1786,11 @@ export interface GetApiTokenFilterArgs {
     direction?: pulumi.Input<string>;
 }
 export interface GetCertificatePackFilter {
+    /**
+     * Specify the deployment environment for the certificate packs.
+     * Available values: "staging", "production".
+     */
+    deploy?: string;
     /**
      * Include Certificate Packs of all statuses, not just active ones.
      * Available values: "all".
@@ -1638,12 +1798,47 @@ export interface GetCertificatePackFilter {
     status?: string;
 }
 export interface GetCertificatePackFilterArgs {
+    /**
+     * Specify the deployment environment for the certificate packs.
+     * Available values: "staging", "production".
+     */
+    deploy?: pulumi.Input<string>;
     /**
      * Include Certificate Packs of all statuses, not just active ones.
      * Available values: "all".
      */
     status?: pulumi.Input<string>;
 }
+export interface GetClientCertificateFilter {
+    /**
+     * Limit to the number of records returned.
+     */
+    limit?: number;
+    /**
+     * Offset the results
+     */
+    offset?: number;
+    /**
+     * Client Certitifcate Status to filter results by.
+     * Available values: "all", "active", <span pulumi-lang-nodejs=""pendingReactivation"" pulumi-lang-dotnet=""PendingReactivation"" pulumi-lang-go=""pendingReactivation"" pulumi-lang-python=""pending_reactivation"" pulumi-lang-yaml=""pendingReactivation"" pulumi-lang-java=""pendingReactivation"">"pending_reactivation"</span>, <span pulumi-lang-nodejs=""pendingRevocation"" pulumi-lang-dotnet=""PendingRevocation"" pulumi-lang-go=""pendingRevocation"" pulumi-lang-python=""pending_revocation"" pulumi-lang-yaml=""pendingRevocation"" pulumi-lang-java=""pendingRevocation"">"pending_revocation"</span>, "revoked".
+     */
+    status?: string;
+}
+export interface GetClientCertificateFilterArgs {
+    /**
+     * Limit to the number of records returned.
+     */
+    limit?: pulumi.Input<number>;
+    /**
+     * Offset the results
+     */
+    offset?: pulumi.Input<number>;
+    /**
+     * Client Certitifcate Status to filter results by.
+     * Available values: "all", "active", <span pulumi-lang-nodejs=""pendingReactivation"" pulumi-lang-dotnet=""PendingReactivation"" pulumi-lang-go=""pendingReactivation"" pulumi-lang-python=""pending_reactivation"" pulumi-lang-yaml=""pendingReactivation"" pulumi-lang-java=""pendingReactivation"">"pending_reactivation"</span>, <span pulumi-lang-nodejs=""pendingRevocation"" pulumi-lang-dotnet=""PendingRevocation"" pulumi-lang-go=""pendingRevocation"" pulumi-lang-python=""pending_revocation"" pulumi-lang-yaml=""pendingRevocation"" pulumi-lang-java=""pendingRevocation"">"pending_revocation"</span>, "revoked".
+     */
+    status?: pulumi.Input<string>;
+}
 export interface GetCloudforceOneRequestFilter {
     /**
      * Retrieve requests completed after this time.
@@ -1794,6 +1989,26 @@ export interface GetCustomHostnameFilterArgs {
      */
     ssl?: pulumi.Input<number>;
 }
+export interface GetCustomOriginTrustStoreFilter {
+    /**
+     * Limit to the number of records returned.
+     */
+    limit?: number;
+    /**
+     * Offset the results
+     */
+    offset?: number;
+}
+export interface GetCustomOriginTrustStoreFilterArgs {
+    /**
+     * Limit to the number of records returned.
+     */
+    limit?: pulumi.Input<number>;
+    /**
+     * Offset the results
+     */
+    offset?: pulumi.Input<number>;
+}
 export interface GetCustomSslFilter {
     /**
      * Whether to match all search requirements or at least one (any).
@@ -2864,6 +3079,18 @@ export interface GetTurnstileWidgetFilter {
      * Available values: "asc", "desc".
      */
     direction?: string;
+    /**
+     * Filter widgets by field using case-insensitive substring matching.
+     * Format: `field:value`
+     *
+     * Supported fields:
+     * - <span pulumi-lang-nodejs="`name`" pulumi-lang-dotnet="`Name`" pulumi-lang-go="`name`" pulumi-lang-python="`name`" pulumi-lang-yaml="`name`" pulumi-lang-java="`name`">`name`</span> - Filter by widget name (e.g., `filter=name:login-form`)
+     * - <span pulumi-lang-nodejs="`sitekey`" pulumi-lang-dotnet="`Sitekey`" pulumi-lang-go="`sitekey`" pulumi-lang-python="`sitekey`" pulumi-lang-yaml="`sitekey`" pulumi-lang-java="`sitekey`">`sitekey`</span> - Filter by sitekey (e.g., `filter=sitekey:0x4AAA`)
+     *
+     * Returns 400 Bad Request if the field is unsupported or format is invalid.
+     * An empty filter value returns all results.
+     */
+    filter?: string;
     /**
      * Field to order widgets by.
      * Available values: "id", "sitekey", "name", <span pulumi-lang-nodejs=""createdOn"" pulumi-lang-dotnet=""CreatedOn"" pulumi-lang-go=""createdOn"" pulumi-lang-python=""created_on"" pulumi-lang-yaml=""createdOn"" pulumi-lang-java=""createdOn"">"created_on"</span>, <span pulumi-lang-nodejs=""modifiedOn"" pulumi-lang-dotnet=""ModifiedOn"" pulumi-lang-go=""modifiedOn"" pulumi-lang-python=""modified_on"" pulumi-lang-yaml=""modifiedOn"" pulumi-lang-java=""modifiedOn"">"modified_on"</span>.
@@ -2876,6 +3103,18 @@ export interface GetTurnstileWidgetFilterArgs {
      * Available values: "asc", "desc".
      */
     direction?: pulumi.Input<string>;
+    /**
+     * Filter widgets by field using case-insensitive substring matching.
+     * Format: `field:value`
+     *
+     * Supported fields:
+     * - <span pulumi-lang-nodejs="`name`" pulumi-lang-dotnet="`Name`" pulumi-lang-go="`name`" pulumi-lang-python="`name`" pulumi-lang-yaml="`name`" pulumi-lang-java="`name`">`name`</span> - Filter by widget name (e.g., `filter=name:login-form`)
+     * - <span pulumi-lang-nodejs="`sitekey`" pulumi-lang-dotnet="`Sitekey`" pulumi-lang-go="`sitekey`" pulumi-lang-python="`sitekey`" pulumi-lang-yaml="`sitekey`" pulumi-lang-java="`sitekey`">`sitekey`</span> - Filter by sitekey (e.g., `filter=sitekey:0x4AAA`)
+     *
+     * Returns 400 Bad Request if the field is unsupported or format is invalid.
+     * An empty filter value returns all results.
+     */
+    filter?: pulumi.Input<string>;
     /**
      * Field to order widgets by.
      * Available values: "id", "sitekey", "name", <span pulumi-lang-nodejs=""createdOn"" pulumi-lang-dotnet=""CreatedOn"" pulumi-lang-go=""createdOn"" pulumi-lang-python=""created_on"" pulumi-lang-yaml=""createdOn"" pulumi-lang-java=""createdOn"">"created_on"</span>, <span pulumi-lang-nodejs=""modifiedOn"" pulumi-lang-dotnet=""ModifiedOn"" pulumi-lang-go=""modifiedOn"" pulumi-lang-python=""modified_on"" pulumi-lang-yaml=""modifiedOn"" pulumi-lang-java=""modifiedOn"">"modified_on"</span>.
@@ -3304,13 +3543,35 @@ export interface GetZeroTrustAccessServiceTokenFilterArgs {
      */
     search?: pulumi.Input<string>;
 }
+export interface GetZeroTrustDexTestFilter {
+    /**
+     * Filter by test type
+     * Available values: "http", "traceroute".
+     */
+    kind?: string;
+    /**
+     * Filter by test name
+     */
+    testName?: string;
+}
+export interface GetZeroTrustDexTestFilterArgs {
+    /**
+     * Filter by test type
+     * Available values: "http", "traceroute".
+     */
+    kind?: pulumi.Input<string>;
+    /**
+     * Filter by test name
+     */
+    testName?: pulumi.Input<string>;
+}
 export interface GetZeroTrustDexTestTargetPolicy {
     /**
      * Whether the DEX rule is the account default
      */
     default?: boolean;
     /**
-     * The id of the DEX rule
+     * API Resource UUID tag.
      */
     id?: string;
     /**
@@ -3324,7 +3585,7 @@ export interface GetZeroTrustDexTestTargetPolicyArgs {
      */
     default?: pulumi.Input<boolean>;
     /**
-     * The id of the DEX rule
+     * API Resource UUID tag.
      */
     id?: pulumi.Input<string>;
     /**
@@ -6321,13 +6582,10 @@ export interface QueueConsumer {
     consumerId?: pulumi.Input<string>;
     createdOn?: pulumi.Input<string>;
     /**
-     * A Resource identifier.
+     * Name of the dead letter queue, or empty string if not configured
      */
-    queueId?: pulumi.Input<string>;
-    /**
-     * Name of a Worker
-     */
-    script?: pulumi.Input<string>;
+    deadLetterQueue?: pulumi.Input<string>;
+    queueName?: pulumi.Input<string>;
     /**
      * Name of a Worker
      */
@@ -6690,7 +6948,7 @@ export interface RateLimitMatchResponse {
 export interface RulesetRule {
     /**
      * The action to perform when the rule matches.
-     * Available values: "block", "challenge", <span pulumi-lang-nodejs=""compressResponse"" pulumi-lang-dotnet=""CompressResponse"" pulumi-lang-go=""compressResponse"" pulumi-lang-python=""compress_response"" pulumi-lang-yaml=""compressResponse"" pulumi-lang-java=""compressResponse"">"compress_response"</span>, <span pulumi-lang-nodejs=""ddosDynamic"" pulumi-lang-dotnet=""DdosDynamic"" pulumi-lang-go=""ddosDynamic"" pulumi-lang-python=""ddos_dynamic"" pulumi-lang-yaml=""ddosDynamic"" pulumi-lang-java=""ddosDynamic"">"ddos_dynamic"</span>, "execute", <span pulumi-lang-nodejs=""forceConnectionClose"" pulumi-lang-dotnet=""ForceConnectionClose"" pulumi-lang-go=""forceConnectionClose"" pulumi-lang-python=""force_connection_close"" pulumi-lang-yaml=""forceConnectionClose"" pulumi-lang-java=""forceConnectionClose"">"force_connection_close"</span>, <span pulumi-lang-nodejs=""jsChallenge"" pulumi-lang-dotnet=""JsChallenge"" pulumi-lang-go=""jsChallenge"" pulumi-lang-python=""js_challenge"" pulumi-lang-yaml=""jsChallenge"" pulumi-lang-java=""jsChallenge"">"js_challenge"</span>, "log", <span pulumi-lang-nodejs=""logCustomField"" pulumi-lang-dotnet=""LogCustomField"" pulumi-lang-go=""logCustomField"" pulumi-lang-python=""log_custom_field"" pulumi-lang-yaml=""logCustomField"" pulumi-lang-java=""logCustomField"">"log_custom_field"</span>, <span pulumi-lang-nodejs=""managedChallenge"" pulumi-lang-dotnet=""ManagedChallenge"" pulumi-lang-go=""managedChallenge"" pulumi-lang-python=""managed_challenge"" pulumi-lang-yaml=""managedChallenge"" pulumi-lang-java=""managedChallenge"">"managed_challenge"</span>, "redirect", "rewrite", "route", "score", <span pulumi-lang-nodejs=""serveError"" pulumi-lang-dotnet=""ServeError"" pulumi-lang-go=""serveError"" pulumi-lang-python=""serve_error"" pulumi-lang-yaml=""serveError"" pulumi-lang-java=""serveError"">"serve_error"</span>, <span pulumi-lang-nodejs=""setCacheSettings"" pulumi-lang-dotnet=""SetCacheSettings"" pulumi-lang-go=""setCacheSettings"" pulumi-lang-python=""set_cache_settings"" pulumi-lang-yaml=""setCacheSettings"" pulumi-lang-java=""setCacheSettings"">"set_cache_settings"</span>, <span pulumi-lang-nodejs=""setConfig"" pulumi-lang-dotnet=""SetConfig"" pulumi-lang-go=""setConfig"" pulumi-lang-python=""set_config"" pulumi-lang-yaml=""setConfig"" pulumi-lang-java=""setConfig"">"set_config"</span>, "skip".
+     * Available values: "block", "challenge", <span pulumi-lang-nodejs=""compressResponse"" pulumi-lang-dotnet=""CompressResponse"" pulumi-lang-go=""compressResponse"" pulumi-lang-python=""compress_response"" pulumi-lang-yaml=""compressResponse"" pulumi-lang-java=""compressResponse"">"compress_response"</span>, <span pulumi-lang-nodejs=""ddosDynamic"" pulumi-lang-dotnet=""DdosDynamic"" pulumi-lang-go=""ddosDynamic"" pulumi-lang-python=""ddos_dynamic"" pulumi-lang-yaml=""ddosDynamic"" pulumi-lang-java=""ddosDynamic"">"ddos_dynamic"</span>, "execute", <span pulumi-lang-nodejs=""forceConnectionClose"" pulumi-lang-dotnet=""ForceConnectionClose"" pulumi-lang-go=""forceConnectionClose"" pulumi-lang-python=""force_connection_close"" pulumi-lang-yaml=""forceConnectionClose"" pulumi-lang-java=""forceConnectionClose"">"force_connection_close"</span>, <span pulumi-lang-nodejs=""jsChallenge"" pulumi-lang-dotnet=""JsChallenge"" pulumi-lang-go=""jsChallenge"" pulumi-lang-python=""js_challenge"" pulumi-lang-yaml=""jsChallenge"" pulumi-lang-java=""jsChallenge"">"js_challenge"</span>, "log", <span pulumi-lang-nodejs=""logCustomField"" pulumi-lang-dotnet=""LogCustomField"" pulumi-lang-go=""logCustomField"" pulumi-lang-python=""log_custom_field"" pulumi-lang-yaml=""logCustomField"" pulumi-lang-java=""logCustomField"">"log_custom_field"</span>, <span pulumi-lang-nodejs=""managedChallenge"" pulumi-lang-dotnet=""ManagedChallenge"" pulumi-lang-go=""managedChallenge"" pulumi-lang-python=""managed_challenge"" pulumi-lang-yaml=""managedChallenge"" pulumi-lang-java=""managedChallenge"">"managed_challenge"</span>, "redirect", "rewrite", "route", "score", <span pulumi-lang-nodejs=""serveError"" pulumi-lang-dotnet=""ServeError"" pulumi-lang-go=""serveError"" pulumi-lang-python=""serve_error"" pulumi-lang-yaml=""serveError"" pulumi-lang-java=""serveError"">"serve_error"</span>, <span pulumi-lang-nodejs=""setCacheControl"" pulumi-lang-dotnet=""SetCacheControl"" pulumi-lang-go=""setCacheControl"" pulumi-lang-python=""set_cache_control"" pulumi-lang-yaml=""setCacheControl"" pulumi-lang-java=""setCacheControl"">"set_cache_control"</span>, <span pulumi-lang-nodejs=""setCacheSettings"" pulumi-lang-dotnet=""SetCacheSettings"" pulumi-lang-go=""setCacheSettings"" pulumi-lang-python=""set_cache_settings"" pulumi-lang-yaml=""setCacheSettings"" pulumi-lang-java=""setCacheSettings"">"set_cache_settings"</span>, <span pulumi-lang-nodejs=""setCacheTags"" pulumi-lang-dotnet=""SetCacheTags"" pulumi-lang-go=""setCacheTags"" pulumi-lang-python=""set_cache_tags"" pulumi-lang-yaml=""setCacheTags"" pulumi-lang-java=""setCacheTags"">"set_cache_tags"</span>, <span pulumi-lang-nodejs=""setConfig"" pulumi-lang-dotnet=""SetConfig"" pulumi-lang-go=""setConfig"" pulumi-lang-python=""set_config"" pulumi-lang-yaml=""setConfig"" pulumi-lang-java=""setConfig"">"set_config"</span>, "skip".
      */
     action: pulumi.Input<string>;
     /**
@@ -6804,6 +7062,10 @@ export interface RulesetRuleActionParameters {
      * Whether to enable Email Obfuscation.
      */
     emailObfuscation?: pulumi.Input<boolean>;
+    /**
+     * An expression to generate cache tags for<span pulumi-lang-nodejs=" setCacheTags " pulumi-lang-dotnet=" SetCacheTags " pulumi-lang-go=" setCacheTags " pulumi-lang-python=" set_cache_tags " pulumi-lang-yaml=" setCacheTags " pulumi-lang-java=" setCacheTags "> set_cache_tags </span>action.
+     */
+    expression?: pulumi.Input<string>;
     /**
      * Whether to enable Cloudflare Fonts.
      */
@@ -6834,6 +7096,10 @@ export interface RulesetRuleActionParameters {
      * The ID of the ruleset to execute.
      */
     id?: pulumi.Input<string>;
+    /**
+     * Set the immutable cache control directive.
+     */
+    immutable?: pulumi.Input<inputs.RulesetRuleActionParametersImmutable>;
     /**
      * A delta to change the score by, which can be either positive or negative.
      */
@@ -6842,10 +7108,39 @@ export interface RulesetRuleActionParameters {
      * The configuration to use for matched data logging.
      */
     matchedData?: pulumi.Input<inputs.RulesetRuleActionParametersMatchedData>;
+    /**
+     * Set the max-age cache control directive.
+     */
+    maxAge?: pulumi.Input<inputs.RulesetRuleActionParametersMaxAge>;
     /**
      * Whether to enable Mirage.
      */
     mirage?: pulumi.Input<boolean>;
+    /**
+     * Set the must-revalidate cache control directive.
+     */
+    mustRevalidate?: pulumi.Input<inputs.RulesetRuleActionParametersMustRevalidate>;
+    /**
+     * Set the must-understand cache control directive.
+     */
+    mustUnderstand?: pulumi.Input<inputs.RulesetRuleActionParametersMustUnderstand>;
+    /**
+     * Set the no-cache cache control directive.
+     */
+    noCache?: pulumi.Input<inputs.RulesetRuleActionParametersNoCache>;
+    /**
+     * Set the no-store cache control directive.
+     */
+    noStore?: pulumi.Input<inputs.RulesetRuleActionParametersNoStore>;
+    /**
+     * Set the no-transform cache control directive.
+     */
+    noTransform?: pulumi.Input<inputs.RulesetRuleActionParametersNoTransform>;
+    /**
+     * The operation to perform for<span pulumi-lang-nodejs=" setCacheTags " pulumi-lang-dotnet=" SetCacheTags " pulumi-lang-go=" setCacheTags " pulumi-lang-python=" set_cache_tags " pulumi-lang-yaml=" setCacheTags " pulumi-lang-java=" setCacheTags "> set_cache_tags </span>action.
+     * Available values: "set", "add", "remove".
+     */
+    operation?: pulumi.Input<string>;
     /**
      * Whether to enable Opportunistic Encryption.
      */
@@ -6868,7 +7163,7 @@ export interface RulesetRuleActionParameters {
     overrides?: pulumi.Input<inputs.RulesetRuleActionParametersOverrides>;
     /**
      * A list of phases to skip the execution of. This option is incompatible with the rulesets option.
-     * Available values: <span pulumi-lang-nodejs=""ddosL4"" pulumi-lang-dotnet=""DdosL4"" pulumi-lang-go=""ddosL4"" pulumi-lang-python=""ddos_l4"" pulumi-lang-yaml=""ddosL4"" pulumi-lang-java=""ddosL4"">"ddos_l4"</span>, <span pulumi-lang-nodejs=""ddosL7"" pulumi-lang-dotnet=""DdosL7"" pulumi-lang-go=""ddosL7"" pulumi-lang-python=""ddos_l7"" pulumi-lang-yaml=""ddosL7"" pulumi-lang-java=""ddosL7"">"ddos_l7"</span>, <span pulumi-lang-nodejs=""httpConfigSettings"" pulumi-lang-dotnet=""HttpConfigSettings"" pulumi-lang-go=""httpConfigSettings"" pulumi-lang-python=""http_config_settings"" pulumi-lang-yaml=""httpConfigSettings"" pulumi-lang-java=""httpConfigSettings"">"http_config_settings"</span>, <span pulumi-lang-nodejs=""httpCustomErrors"" pulumi-lang-dotnet=""HttpCustomErrors"" pulumi-lang-go=""httpCustomErrors"" pulumi-lang-python=""http_custom_errors"" pulumi-lang-yaml=""httpCustomErrors"" pulumi-lang-java=""httpCustomErrors"">"http_custom_errors"</span>, <span pulumi-lang-nodejs=""httpLogCustomFields"" pulumi-lang-dotnet=""HttpLogCustomFields"" pulumi-lang-go=""httpLogCustomFields"" pulumi-lang-python=""http_log_custom_fields"" pulumi-lang-yaml=""httpLogCustomFields"" pulumi-lang-java=""httpLogCustomFields"">"http_log_custom_fields"</span>, <span pulumi-lang-nodejs=""httpRatelimit"" pulumi-lang-dotnet=""HttpRatelimit"" pulumi-lang-go=""httpRatelimit"" pulumi-lang-python=""http_ratelimit"" pulumi-lang-yaml=""httpRatelimit"" pulumi-lang-java=""httpRatelimit"">"http_ratelimit"</span>, <span pulumi-lang-nodejs=""httpRequestCacheSettings"" pulumi-lang-dotnet=""HttpRequestCacheSettings"" pulumi-lang-go=""httpRequestCacheSettings"" pulumi-lang-python=""http_request_cache_settings"" pulumi-lang-yaml=""httpRequestCacheSettings"" pulumi-lang-java=""httpRequestCacheSettings"">"http_request_cache_settings"</span>, <span pulumi-lang-nodejs=""httpRequestDynamicRedirect"" pulumi-lang-dotnet=""HttpRequestDynamicRedirect"" pulumi-lang-go=""httpRequestDynamicRedirect"" pulumi-lang-python=""http_request_dynamic_redirect"" pulumi-lang-yaml=""httpRequestDynamicRedirect"" pulumi-lang-java=""httpRequestDynamicRedirect"">"http_request_dynamic_redirect"</span>, <span pulumi-lang-nodejs=""httpRequestFirewallCustom"" pulumi-lang-dotnet=""HttpRequestFirewallCustom"" pulumi-lang-go=""httpRequestFirewallCustom"" pulumi-lang-python=""http_request_firewall_custom"" pulumi-lang-yaml=""httpRequestFirewallCustom"" pulumi-lang-java=""httpRequestFirewallCustom"">"http_request_firewall_custom"</span>, <span pulumi-lang-nodejs=""httpRequestFirewallManaged"" pulumi-lang-dotnet=""HttpRequestFirewallManaged"" pulumi-lang-go=""httpRequestFirewallManaged"" pulumi-lang-python=""http_request_firewall_managed"" pulumi-lang-yaml=""httpRequestFirewallManaged"" pulumi-lang-java=""httpRequestFirewallManaged"">"http_request_firewall_managed"</span>, <span pulumi-lang-nodejs=""httpRequestLateTransform"" pulumi-lang-dotnet=""HttpRequestLateTransform"" pulumi-lang-go=""httpRequestLateTransform"" pulumi-lang-python=""http_request_late_transform"" pulumi-lang-yaml=""httpRequestLateTransform"" pulumi-lang-java=""httpRequestLateTransform"">"http_request_late_transform"</span>, <span pulumi-lang-nodejs=""httpRequestOrigin"" pulumi-lang-dotnet=""HttpRequestOrigin"" pulumi-lang-go=""httpRequestOrigin"" pulumi-lang-python=""http_request_origin"" pulumi-lang-yaml=""httpRequestOrigin"" pulumi-lang-java=""httpRequestOrigin"">"http_request_origin"</span>, <span pulumi-lang-nodejs=""httpRequestRedirect"" pulumi-lang-dotnet=""HttpRequestRedirect"" pulumi-lang-go=""httpRequestRedirect"" pulumi-lang-python=""http_request_redirect"" pulumi-lang-yaml=""httpRequestRedirect"" pulumi-lang-java=""httpRequestRedirect"">"http_request_redirect"</span>, <span pulumi-lang-nodejs=""httpRequestSanitize"" pulumi-lang-dotnet=""HttpRequestSanitize"" pulumi-lang-go=""httpRequestSanitize"" pulumi-lang-python=""http_request_sanitize"" pulumi-lang-yaml=""httpRequestSanitize"" pulumi-lang-java=""httpRequestSanitize"">"http_request_sanitize"</span>, <span pulumi-lang-nodejs=""httpRequestSbfm"" pulumi-lang-dotnet=""HttpRequestSbfm"" pulumi-lang-go=""httpRequestSbfm"" pulumi-lang-python=""http_request_sbfm"" pulumi-lang-yaml=""httpRequestSbfm"" pulumi-lang-java=""httpRequestSbfm"">"http_request_sbfm"</span>, <span pulumi-lang-nodejs=""httpRequestTransform"" pulumi-lang-dotnet=""HttpRequestTransform"" pulumi-lang-go=""httpRequestTransform"" pulumi-lang-python=""http_request_transform"" pulumi-lang-yaml=""httpRequestTransform"" pulumi-lang-java=""httpRequestTransform"">"http_request_transform"</span>, <span pulumi-lang-nodejs=""httpResponseCompression"" pulumi-lang-dotnet=""HttpResponseCompression"" pulumi-lang-go=""httpResponseCompression"" pulumi-lang-python=""http_response_compression"" pulumi-lang-yaml=""httpResponseCompression"" pulumi-lang-java=""httpResponseCompression"">"http_response_compression"</span>, <span pulumi-lang-nodejs=""httpResponseFirewallManaged"" pulumi-lang-dotnet=""HttpResponseFirewallManaged"" pulumi-lang-go=""httpResponseFirewallManaged"" pulumi-lang-python=""http_response_firewall_managed"" pulumi-lang-yaml=""httpResponseFirewallManaged"" pulumi-lang-java=""httpResponseFirewallManaged"">"http_response_firewall_managed"</span>, <span pulumi-lang-nodejs=""httpResponseHeadersTransform"" pulumi-lang-dotnet=""HttpResponseHeadersTransform"" pulumi-lang-go=""httpResponseHeadersTransform"" pulumi-lang-python=""http_response_headers_transform"" pulumi-lang-yaml=""httpResponseHeadersTransform"" pulumi-lang-java=""httpResponseHeadersTransform"">"http_response_headers_transform"</span>, <span pulumi-lang-nodejs=""magicTransit"" pulumi-lang-dotnet=""MagicTransit"" pulumi-lang-go=""magicTransit"" pulumi-lang-python=""magic_transit"" pulumi-lang-yaml=""magicTransit"" pulumi-lang-java=""magicTransit"">"magic_transit"</span>, <span pulumi-lang-nodejs=""magicTransitIdsManaged"" pulumi-lang-dotnet=""MagicTransitIdsManaged"" pulumi-lang-go=""magicTransitIdsManaged"" pulumi-lang-python=""magic_transit_ids_managed"" pulumi-lang-yaml=""magicTransitIdsManaged"" pulumi-lang-java=""magicTransitIdsManaged"">"magic_transit_ids_managed"</span>, <span pulumi-lang-nodejs=""magicTransitManaged"" pulumi-lang-dotnet=""MagicTransitManaged"" pulumi-lang-go=""magicTransitManaged"" pulumi-lang-python=""magic_transit_managed"" pulumi-lang-yaml=""magicTransitManaged"" pulumi-lang-java=""magicTransitManaged"">"magic_transit_managed"</span>, <span pulumi-lang-nodejs=""magicTransitRatelimit"" pulumi-lang-dotnet=""MagicTransitRatelimit"" pulumi-lang-go=""magicTransitRatelimit"" pulumi-lang-python=""magic_transit_ratelimit"" pulumi-lang-yaml=""magicTransitRatelimit"" pulumi-lang-java=""magicTransitRatelimit"">"magic_transit_ratelimit"</span>.
+     * Available values: <span pulumi-lang-nodejs=""ddosL4"" pulumi-lang-dotnet=""DdosL4"" pulumi-lang-go=""ddosL4"" pulumi-lang-python=""ddos_l4"" pulumi-lang-yaml=""ddosL4"" pulumi-lang-java=""ddosL4"">"ddos_l4"</span>, <span pulumi-lang-nodejs=""ddosL7"" pulumi-lang-dotnet=""DdosL7"" pulumi-lang-go=""ddosL7"" pulumi-lang-python=""ddos_l7"" pulumi-lang-yaml=""ddosL7"" pulumi-lang-java=""ddosL7"">"ddos_l7"</span>, <span pulumi-lang-nodejs=""httpConfigSettings"" pulumi-lang-dotnet=""HttpConfigSettings"" pulumi-lang-go=""httpConfigSettings"" pulumi-lang-python=""http_config_settings"" pulumi-lang-yaml=""httpConfigSettings"" pulumi-lang-java=""httpConfigSettings"">"http_config_settings"</span>, <span pulumi-lang-nodejs=""httpCustomErrors"" pulumi-lang-dotnet=""HttpCustomErrors"" pulumi-lang-go=""httpCustomErrors"" pulumi-lang-python=""http_custom_errors"" pulumi-lang-yaml=""httpCustomErrors"" pulumi-lang-java=""httpCustomErrors"">"http_custom_errors"</span>, <span pulumi-lang-nodejs=""httpLogCustomFields"" pulumi-lang-dotnet=""HttpLogCustomFields"" pulumi-lang-go=""httpLogCustomFields"" pulumi-lang-python=""http_log_custom_fields"" pulumi-lang-yaml=""httpLogCustomFields"" pulumi-lang-java=""httpLogCustomFields"">"http_log_custom_fields"</span>, <span pulumi-lang-nodejs=""httpRatelimit"" pulumi-lang-dotnet=""HttpRatelimit"" pulumi-lang-go=""httpRatelimit"" pulumi-lang-python=""http_ratelimit"" pulumi-lang-yaml=""httpRatelimit"" pulumi-lang-java=""httpRatelimit"">"http_ratelimit"</span>, <span pulumi-lang-nodejs=""httpRequestCacheSettings"" pulumi-lang-dotnet=""HttpRequestCacheSettings"" pulumi-lang-go=""httpRequestCacheSettings"" pulumi-lang-python=""http_request_cache_settings"" pulumi-lang-yaml=""httpRequestCacheSettings"" pulumi-lang-java=""httpRequestCacheSettings"">"http_request_cache_settings"</span>, <span pulumi-lang-nodejs=""httpRequestDynamicRedirect"" pulumi-lang-dotnet=""HttpRequestDynamicRedirect"" pulumi-lang-go=""httpRequestDynamicRedirect"" pulumi-lang-python=""http_request_dynamic_redirect"" pulumi-lang-yaml=""httpRequestDynamicRedirect"" pulumi-lang-java=""httpRequestDynamicRedirect"">"http_request_dynamic_redirect"</span>, <span pulumi-lang-nodejs=""httpRequestFirewallCustom"" pulumi-lang-dotnet=""HttpRequestFirewallCustom"" pulumi-lang-go=""httpRequestFirewallCustom"" pulumi-lang-python=""http_request_firewall_custom"" pulumi-lang-yaml=""httpRequestFirewallCustom"" pulumi-lang-java=""httpRequestFirewallCustom"">"http_request_firewall_custom"</span>, <span pulumi-lang-nodejs=""httpRequestFirewallManaged"" pulumi-lang-dotnet=""HttpRequestFirewallManaged"" pulumi-lang-go=""httpRequestFirewallManaged"" pulumi-lang-python=""http_request_firewall_managed"" pulumi-lang-yaml=""httpRequestFirewallManaged"" pulumi-lang-java=""httpRequestFirewallManaged"">"http_request_firewall_managed"</span>, <span pulumi-lang-nodejs=""httpRequestLateTransform"" pulumi-lang-dotnet=""HttpRequestLateTransform"" pulumi-lang-go=""httpRequestLateTransform"" pulumi-lang-python=""http_request_late_transform"" pulumi-lang-yaml=""httpRequestLateTransform"" pulumi-lang-java=""httpRequestLateTransform"">"http_request_late_transform"</span>, <span pulumi-lang-nodejs=""httpRequestOrigin"" pulumi-lang-dotnet=""HttpRequestOrigin"" pulumi-lang-go=""httpRequestOrigin"" pulumi-lang-python=""http_request_origin"" pulumi-lang-yaml=""httpRequestOrigin"" pulumi-lang-java=""httpRequestOrigin"">"http_request_origin"</span>, <span pulumi-lang-nodejs=""httpRequestRedirect"" pulumi-lang-dotnet=""HttpRequestRedirect"" pulumi-lang-go=""httpRequestRedirect"" pulumi-lang-python=""http_request_redirect"" pulumi-lang-yaml=""httpRequestRedirect"" pulumi-lang-java=""httpRequestRedirect"">"http_request_redirect"</span>, <span pulumi-lang-nodejs=""httpRequestSanitize"" pulumi-lang-dotnet=""HttpRequestSanitize"" pulumi-lang-go=""httpRequestSanitize"" pulumi-lang-python=""http_request_sanitize"" pulumi-lang-yaml=""httpRequestSanitize"" pulumi-lang-java=""httpRequestSanitize"">"http_request_sanitize"</span>, <span pulumi-lang-nodejs=""httpRequestSbfm"" pulumi-lang-dotnet=""HttpRequestSbfm"" pulumi-lang-go=""httpRequestSbfm"" pulumi-lang-python=""http_request_sbfm"" pulumi-lang-yaml=""httpRequestSbfm"" pulumi-lang-java=""httpRequestSbfm"">"http_request_sbfm"</span>, <span pulumi-lang-nodejs=""httpRequestTransform"" pulumi-lang-dotnet=""HttpRequestTransform"" pulumi-lang-go=""httpRequestTransform"" pulumi-lang-python=""http_request_transform"" pulumi-lang-yaml=""httpRequestTransform"" pulumi-lang-java=""httpRequestTransform"">"http_request_transform"</span>, <span pulumi-lang-nodejs=""httpResponseCacheSettings"" pulumi-lang-dotnet=""HttpResponseCacheSettings"" pulumi-lang-go=""httpResponseCacheSettings"" pulumi-lang-python=""http_response_cache_settings"" pulumi-lang-yaml=""httpResponseCacheSettings"" pulumi-lang-java=""httpResponseCacheSettings"">"http_response_cache_settings"</span>, <span pulumi-lang-nodejs=""httpResponseCompression"" pulumi-lang-dotnet=""HttpResponseCompression"" pulumi-lang-go=""httpResponseCompression"" pulumi-lang-python=""http_response_compression"" pulumi-lang-yaml=""httpResponseCompression"" pulumi-lang-java=""httpResponseCompression"">"http_response_compression"</span>, <span pulumi-lang-nodejs=""httpResponseFirewallManaged"" pulumi-lang-dotnet=""HttpResponseFirewallManaged"" pulumi-lang-go=""httpResponseFirewallManaged"" pulumi-lang-python=""http_response_firewall_managed"" pulumi-lang-yaml=""httpResponseFirewallManaged"" pulumi-lang-java=""httpResponseFirewallManaged"">"http_response_firewall_managed"</span>, <span pulumi-lang-nodejs=""httpResponseHeadersTransform"" pulumi-lang-dotnet=""HttpResponseHeadersTransform"" pulumi-lang-go=""httpResponseHeadersTransform"" pulumi-lang-python=""http_response_headers_transform"" pulumi-lang-yaml=""httpResponseHeadersTransform"" pulumi-lang-java=""httpResponseHeadersTransform"">"http_response_headers_transform"</span>, <span pulumi-lang-nodejs=""magicTransit"" pulumi-lang-dotnet=""MagicTransit"" pulumi-lang-go=""magicTransit"" pulumi-lang-python=""magic_transit"" pulumi-lang-yaml=""magicTransit"" pulumi-lang-java=""magicTransit"">"magic_transit"</span>, <span pulumi-lang-nodejs=""magicTransitIdsManaged"" pulumi-lang-dotnet=""MagicTransitIdsManaged"" pulumi-lang-go=""magicTransitIdsManaged"" pulumi-lang-python=""magic_transit_ids_managed"" pulumi-lang-yaml=""magicTransitIdsManaged"" pulumi-lang-java=""magicTransitIdsManaged"">"magic_transit_ids_managed"</span>, <span pulumi-lang-nodejs=""magicTransitManaged"" pulumi-lang-dotnet=""MagicTransitManaged"" pulumi-lang-go=""magicTransitManaged"" pulumi-lang-python=""magic_transit_managed"" pulumi-lang-yaml=""magicTransitManaged"" pulumi-lang-java=""magicTransitManaged"">"magic_transit_managed"</span>, <span pulumi-lang-nodejs=""magicTransitRatelimit"" pulumi-lang-dotnet=""MagicTransitRatelimit"" pulumi-lang-go=""magicTransitRatelimit"" pulumi-lang-python=""magic_transit_ratelimit"" pulumi-lang-yaml=""magicTransitRatelimit"" pulumi-lang-java=""magicTransitRatelimit"">"magic_transit_ratelimit"</span>.
      */
     phases?: pulumi.Input<pulumi.Input<string>[]>;
     /**
@@ -6876,11 +7171,23 @@ export interface RulesetRuleActionParameters {
      * Available values: "off", "lossless", "lossy", "webp".
      */
     polish?: pulumi.Input<string>;
+    /**
+     * Set the private cache control directive.
+     */
+    private?: pulumi.Input<inputs.RulesetRuleActionParametersPrivate>;
     /**
      * A list of legacy security products to skip the execution of.
      * Available values: "bic", "hot", "rateLimit", "securityLevel", "uaBlock", "waf", "zoneLockdown".
      */
     products?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Set the proxy-revalidate cache control directive.
+     */
+    proxyRevalidate?: pulumi.Input<inputs.RulesetRuleActionParametersProxyRevalidate>;
+    /**
+     * Set the public cache control directive.
+     */
+    public?: pulumi.Input<inputs.RulesetRuleActionParametersPublic>;
     /**
      * The raw response fields to log.
      */
@@ -6934,6 +7241,10 @@ export interface RulesetRuleActionParameters {
      * A list of ruleset IDs to skip the execution of. This option is incompatible with the ruleset and phases options.
      */
     rulesets?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Set the s-maxage cache control directive.
+     */
+    sMaxage?: pulumi.Input<inputs.RulesetRuleActionParametersSMaxage>;
     /**
      * The Security Level to configure.
      * Available values: "off", <span pulumi-lang-nodejs=""essentiallyOff"" pulumi-lang-dotnet=""EssentiallyOff"" pulumi-lang-go=""essentiallyOff"" pulumi-lang-python=""essentially_off"" pulumi-lang-yaml=""essentiallyOff"" pulumi-lang-java=""essentiallyOff"">"essentially_off"</span>, "low", "medium", "high", <span pulumi-lang-nodejs=""underAttack"" pulumi-lang-dotnet=""UnderAttack"" pulumi-lang-go=""underAttack"" pulumi-lang-python=""under_attack"" pulumi-lang-yaml=""underAttack"" pulumi-lang-java=""underAttack"">"under_attack"</span>.
@@ -6956,10 +7267,30 @@ export interface RulesetRuleActionParameters {
      * Available values: "off", "flexible", "full", "strict", <span pulumi-lang-nodejs=""originPull"" pulumi-lang-dotnet=""OriginPull"" pulumi-lang-go=""originPull"" pulumi-lang-python=""origin_pull"" pulumi-lang-yaml=""originPull"" pulumi-lang-java=""originPull"">"origin_pull"</span>.
      */
     ssl?: pulumi.Input<string>;
+    /**
+     * Set the stale-if-error cache control directive.
+     */
+    staleIfError?: pulumi.Input<inputs.RulesetRuleActionParametersStaleIfError>;
+    /**
+     * Set the stale-while-revalidate cache control directive.
+     */
+    staleWhileRevalidate?: pulumi.Input<inputs.RulesetRuleActionParametersStaleWhileRevalidate>;
     /**
      * The status code to use for the error.
      */
     statusCode?: pulumi.Input<number>;
+    /**
+     * Whether to strip the ETag header from the response.
+     */
+    stripEtags?: pulumi.Input<boolean>;
+    /**
+     * Whether to strip the Last-Modified header from the response.
+     */
+    stripLastModified?: pulumi.Input<boolean>;
+    /**
+     * Whether to strip the Set-Cookie header from the response.
+     */
+    stripSetCookie?: pulumi.Input<boolean>;
     /**
      * Whether to enable Signed Exchanges (SXG).
      */
@@ -6972,6 +7303,10 @@ export interface RulesetRuleActionParameters {
      * A URI rewrite.
      */
     uri?: pulumi.Input<inputs.RulesetRuleActionParametersUri>;
+    /**
+     * The cache tag values for<span pulumi-lang-nodejs=" setCacheTags " pulumi-lang-dotnet=" SetCacheTags " pulumi-lang-go=" setCacheTags " pulumi-lang-python=" set_cache_tags " pulumi-lang-yaml=" setCacheTags " pulumi-lang-java=" setCacheTags "> set_cache_tags </span>action.
+     */
+    values?: pulumi.Input<pulumi.Input<string>[]>;
 }
 export interface RulesetRuleActionParametersAlgorithm {
     /**
@@ -7229,12 +7564,97 @@ export interface RulesetRuleActionParametersHeaders {
      */
     value?: pulumi.Input<string>;
 }
+export interface RulesetRuleActionParametersImmutable {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+}
 export interface RulesetRuleActionParametersMatchedData {
     /**
      * The public key to encrypt matched data logs with.
      */
     publicKey: pulumi.Input<string>;
 }
+export interface RulesetRuleActionParametersMaxAge {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+    /**
+     * The value for the directive in seconds.
+     */
+    value?: pulumi.Input<number>;
+}
+export interface RulesetRuleActionParametersMustRevalidate {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+}
+export interface RulesetRuleActionParametersMustUnderstand {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+}
+export interface RulesetRuleActionParametersNoCache {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+    /**
+     * The qualifiers for the directive.
+     */
+    qualifiers?: pulumi.Input<pulumi.Input<string>[]>;
+}
+export interface RulesetRuleActionParametersNoStore {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+}
+export interface RulesetRuleActionParametersNoTransform {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+}
 export interface RulesetRuleActionParametersOrigin {
     /**
      * A resolved host to route to.
@@ -7310,6 +7730,43 @@ export interface RulesetRuleActionParametersOverridesRule {
      */
     sensitivityLevel?: pulumi.Input<string>;
 }
+export interface RulesetRuleActionParametersPrivate {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+    /**
+     * The qualifiers for the directive.
+     */
+    qualifiers?: pulumi.Input<pulumi.Input<string>[]>;
+}
+export interface RulesetRuleActionParametersProxyRevalidate {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+}
+export interface RulesetRuleActionParametersPublic {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+}
 export interface RulesetRuleActionParametersRawResponseField {
     /**
      * The name of the response header.
@@ -7350,6 +7807,21 @@ export interface RulesetRuleActionParametersResponseField {
      */
     preserveDuplicates?: pulumi.Input<boolean>;
 }
+export interface RulesetRuleActionParametersSMaxage {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+    /**
+     * The value for the directive in seconds.
+     */
+    value?: pulumi.Input<number>;
+}
 export interface RulesetRuleActionParametersServeStale {
     /**
      * Whether Cloudflare should disable serving stale content while getting the latest content from the origin.
@@ -7362,6 +7834,36 @@ export interface RulesetRuleActionParametersSni {
      */
     value: pulumi.Input<string>;
 }
+export interface RulesetRuleActionParametersStaleIfError {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+    /**
+     * The value for the directive in seconds.
+     */
+    value?: pulumi.Input<number>;
+}
+export interface RulesetRuleActionParametersStaleWhileRevalidate {
+    /**
+     * Whether to apply the directive only to Cloudflare's cache.
+     */
+    cloudflareOnly?: pulumi.Input<boolean>;
+    /**
+     * The operation to perform.
+     * Available values: "set", "remove".
+     */
+    operation: pulumi.Input<string>;
+    /**
+     * The value for the directive in seconds.
+     */
+    value?: pulumi.Input<number>;
+}
 export interface RulesetRuleActionParametersTransformedRequestField {
     /**
      * The name of the header.
@@ -7454,33 +7956,33 @@ export interface SnippetFile {
 }
 export interface SnippetMetadata {
     /**
-     * Name of the file that contains the main module of the snippet.
+     * Specify the name of the file that contains the main module of the snippet.
      */
     mainModule: pulumi.Input<string>;
 }
 export interface SnippetRulesRule {
     /**
-     * An informative description of the rule.
+     * Provide an informative description of the rule.
      */
     description?: pulumi.Input<string>;
     /**
-     * Whether the rule should be executed.
+     * Indicate whether to execute the rule.
      */
     enabled?: pulumi.Input<boolean>;
     /**
-     * The expression defining which traffic will match the rule.
+     * Define the expression that determines which traffic matches the rule.
      */
     expression: pulumi.Input<string>;
     /**
-     * The unique ID of the rule.
+     * Specify the unique ID of the rule.
      */
     id?: pulumi.Input<string>;
     /**
-     * The timestamp of when the rule was last modified.
+     * Specify the timestamp of when the rule was last modified.
      */
     lastUpdated?: pulumi.Input<string>;
     /**
-     * The identifying name of the snippet.
+     * Identify the snippet.
      */
     snippetName: pulumi.Input<string>;
 }
@@ -8208,6 +8710,10 @@ export interface WorkerVersionBinding {
      * Name of Worker to bind to.
      */
     service?: pulumi.Input<string>;
+    /**
+     * The rate limit configuration.
+     */
+    simple?: pulumi.Input<inputs.WorkerVersionBindingSimple>;
     /**
      * ID of the store containing the secret.
      */
@@ -8218,7 +8724,7 @@ export interface WorkerVersionBinding {
     text?: pulumi.Input<string>;
     /**
      * The kind of resource that the binding provides.
-     * Available values: "ai", <span pulumi-lang-nodejs=""analyticsEngine"" pulumi-lang-dotnet=""AnalyticsEngine"" pulumi-lang-go=""analyticsEngine"" pulumi-lang-python=""analytics_engine"" pulumi-lang-yaml=""analyticsEngine"" pulumi-lang-java=""analyticsEngine"">"analytics_engine"</span>, "assets", "browser", "d1", <span pulumi-lang-nodejs=""dataBlob"" pulumi-lang-dotnet=""DataBlob"" pulumi-lang-go=""dataBlob"" pulumi-lang-python=""data_blob"" pulumi-lang-yaml=""dataBlob"" pulumi-lang-java=""dataBlob"">"data_blob"</span>, <span pulumi-lang-nodejs=""dispatchNamespace"" pulumi-lang-dotnet=""DispatchNamespace"" pulumi-lang-go=""dispatchNamespace"" pulumi-lang-python=""dispatch_namespace"" pulumi-lang-yaml=""dispatchNamespace"" pulumi-lang-java=""dispatchNamespace"">"dispatch_namespace"</span>, <span pulumi-lang-nodejs=""durableObjectNamespace"" pulumi-lang-dotnet=""DurableObjectNamespace"" pulumi-lang-go=""durableObjectNamespace"" pulumi-lang-python=""durable_object_namespace"" pulumi-lang-yaml=""durableObjectNamespace"" pulumi-lang-java=""durableObjectNamespace"">"durable_object_namespace"</span>, "hyperdrive", "inherit", "images", "json", <span pulumi-lang-nodejs=""kvNamespace"" pulumi-lang-dotnet=""KvNamespace"" pulumi-lang-go=""kvNamespace"" pulumi-lang-python=""kv_namespace"" pulumi-lang-yaml=""kvNamespace"" pulumi-lang-java=""kvNamespace"">"kv_namespace"</span>, <span pulumi-lang-nodejs=""mtlsCertificate"" pulumi-lang-dotnet=""MtlsCertificate"" pulumi-lang-go=""mtlsCertificate"" pulumi-lang-python=""mtls_certificate"" pulumi-lang-yaml=""mtlsCertificate"" pulumi-lang-java=""mtlsCertificate"">"mtls_certificate"</span>, <span pulumi-lang-nodejs=""plainText"" pulumi-lang-dotnet=""PlainText"" pulumi-lang-go=""plainText"" pulumi-lang-python=""plain_text"" pulumi-lang-yaml=""plainText"" pulumi-lang-java=""plainText"">"plain_text"</span>, "pipelines", "queue", <span pulumi-lang-nodejs=""r2Bucket"" pulumi-lang-dotnet=""R2Bucket"" pulumi-lang-go=""r2Bucket"" pulumi-lang-python=""r2_bucket"" pulumi-lang-yaml=""r2Bucket"" pulumi-lang-java=""r2Bucket"">"r2_bucket"</span>, <span pulumi-lang-nodejs=""secretText"" pulumi-lang-dotnet=""SecretText"" pulumi-lang-go=""secretText"" pulumi-lang-python=""secret_text"" pulumi-lang-yaml=""secretText"" pulumi-lang-java=""secretText"">"secret_text"</span>, <span pulumi-lang-nodejs=""sendEmail"" pulumi-lang-dotnet=""SendEmail"" pulumi-lang-go=""sendEmail"" pulumi-lang-python=""send_email"" pulumi-lang-yaml=""sendEmail"" pulumi-lang-java=""sendEmail"">"send_email"</span>, "service", <span pulumi-lang-nodejs=""textBlob"" pulumi-lang-dotnet=""TextBlob"" pulumi-lang-go=""textBlob"" pulumi-lang-python=""text_blob"" pulumi-lang-yaml=""textBlob"" pulumi-lang-java=""textBlob"">"text_blob"</span>, "vectorize", <span pulumi-lang-nodejs=""versionMetadata"" pulumi-lang-dotnet=""VersionMetadata"" pulumi-lang-go=""versionMetadata"" pulumi-lang-python=""version_metadata"" pulumi-lang-yaml=""versionMetadata"" pulumi-lang-java=""versionMetadata"">"version_metadata"</span>, <span pulumi-lang-nodejs=""secretsStoreSecret"" pulumi-lang-dotnet=""SecretsStoreSecret"" pulumi-lang-go=""secretsStoreSecret"" pulumi-lang-python=""secrets_store_secret"" pulumi-lang-yaml=""secretsStoreSecret"" pulumi-lang-java=""secretsStoreSecret"">"secrets_store_secret"</span>, <span pulumi-lang-nodejs=""secretKey"" pulumi-lang-dotnet=""SecretKey"" pulumi-lang-go=""secretKey"" pulumi-lang-python=""secret_key"" pulumi-lang-yaml=""secretKey"" pulumi-lang-java=""secretKey"">"secret_key"</span>, "workflow", <span pulumi-lang-nodejs=""wasmModule"" pulumi-lang-dotnet=""WasmModule"" pulumi-lang-go=""wasmModule"" pulumi-lang-python=""wasm_module"" pulumi-lang-yaml=""wasmModule"" pulumi-lang-java=""wasmModule"">"wasm_module"</span>.
+     * Available values: "ai", <span pulumi-lang-nodejs=""analyticsEngine"" pulumi-lang-dotnet=""AnalyticsEngine"" pulumi-lang-go=""analyticsEngine"" pulumi-lang-python=""analytics_engine"" pulumi-lang-yaml=""analyticsEngine"" pulumi-lang-java=""analyticsEngine"">"analytics_engine"</span>, "assets", "browser", "d1", <span pulumi-lang-nodejs=""dataBlob"" pulumi-lang-dotnet=""DataBlob"" pulumi-lang-go=""dataBlob"" pulumi-lang-python=""data_blob"" pulumi-lang-yaml=""dataBlob"" pulumi-lang-java=""dataBlob"">"data_blob"</span>, <span pulumi-lang-nodejs=""dispatchNamespace"" pulumi-lang-dotnet=""DispatchNamespace"" pulumi-lang-go=""dispatchNamespace"" pulumi-lang-python=""dispatch_namespace"" pulumi-lang-yaml=""dispatchNamespace"" pulumi-lang-java=""dispatchNamespace"">"dispatch_namespace"</span>, <span pulumi-lang-nodejs=""durableObjectNamespace"" pulumi-lang-dotnet=""DurableObjectNamespace"" pulumi-lang-go=""durableObjectNamespace"" pulumi-lang-python=""durable_object_namespace"" pulumi-lang-yaml=""durableObjectNamespace"" pulumi-lang-java=""durableObjectNamespace"">"durable_object_namespace"</span>, "hyperdrive", "inherit", "images", "json", <span pulumi-lang-nodejs=""kvNamespace"" pulumi-lang-dotnet=""KvNamespace"" pulumi-lang-go=""kvNamespace"" pulumi-lang-python=""kv_namespace"" pulumi-lang-yaml=""kvNamespace"" pulumi-lang-java=""kvNamespace"">"kv_namespace"</span>, <span pulumi-lang-nodejs=""mtlsCertificate"" pulumi-lang-dotnet=""MtlsCertificate"" pulumi-lang-go=""mtlsCertificate"" pulumi-lang-python=""mtls_certificate"" pulumi-lang-yaml=""mtlsCertificate"" pulumi-lang-java=""mtlsCertificate"">"mtls_certificate"</span>, <span pulumi-lang-nodejs=""plainText"" pulumi-lang-dotnet=""PlainText"" pulumi-lang-go=""plainText"" pulumi-lang-python=""plain_text"" pulumi-lang-yaml=""plainText"" pulumi-lang-java=""plainText"">"plain_text"</span>, "pipelines", "queue", "ratelimit", <span pulumi-lang-nodejs=""r2Bucket"" pulumi-lang-dotnet=""R2Bucket"" pulumi-lang-go=""r2Bucket"" pulumi-lang-python=""r2_bucket"" pulumi-lang-yaml=""r2Bucket"" pulumi-lang-java=""r2Bucket"">"r2_bucket"</span>, <span pulumi-lang-nodejs=""secretText"" pulumi-lang-dotnet=""SecretText"" pulumi-lang-go=""secretText"" pulumi-lang-python=""secret_text"" pulumi-lang-yaml=""secretText"" pulumi-lang-java=""secretText"">"secret_text"</span>, <span pulumi-lang-nodejs=""sendEmail"" pulumi-lang-dotnet=""SendEmail"" pulumi-lang-go=""sendEmail"" pulumi-lang-python=""send_email"" pulumi-lang-yaml=""sendEmail"" pulumi-lang-java=""sendEmail"">"send_email"</span>, "service", <span pulumi-lang-nodejs=""textBlob"" pulumi-lang-dotnet=""TextBlob"" pulumi-lang-go=""textBlob"" pulumi-lang-python=""text_blob"" pulumi-lang-yaml=""textBlob"" pulumi-lang-java=""textBlob"">"text_blob"</span>, "vectorize", <span pulumi-lang-nodejs=""versionMetadata"" pulumi-lang-dotnet=""VersionMetadata"" pulumi-lang-go=""versionMetadata"" pulumi-lang-python=""version_metadata"" pulumi-lang-yaml=""versionMetadata"" pulumi-lang-java=""versionMetadata"">"version_metadata"</span>, <span pulumi-lang-nodejs=""secretsStoreSecret"" pulumi-lang-dotnet=""SecretsStoreSecret"" pulumi-lang-go=""secretsStoreSecret"" pulumi-lang-python=""secrets_store_secret"" pulumi-lang-yaml=""secretsStoreSecret"" pulumi-lang-java=""secretsStoreSecret"">"secrets_store_secret"</span>, <span pulumi-lang-nodejs=""secretKey"" pulumi-lang-dotnet=""SecretKey"" pulumi-lang-go=""secretKey"" pulumi-lang-python=""secret_key"" pulumi-lang-yaml=""secretKey"" pulumi-lang-java=""secretKey"">"secret_key"</span>, "workflow", <span pulumi-lang-nodejs=""wasmModule"" pulumi-lang-dotnet=""WasmModule"" pulumi-lang-go=""wasmModule"" pulumi-lang-python=""wasm_module"" pulumi-lang-yaml=""wasmModule"" pulumi-lang-java=""wasmModule"">"wasm_module"</span>.
      */
     type: pulumi.Input<string>;
     /**
@@ -8238,13 +8744,23 @@ export interface WorkerVersionBindingOutbound {
     /**
      * Pass information from the Dispatch Worker to the Outbound Worker through the parameters.
      */
-    params?: pulumi.Input<pulumi.Input<string>[]>;
+    params?: pulumi.Input<pulumi.Input<inputs.WorkerVersionBindingOutboundParam>[]>;
     /**
      * Outbound worker.
      */
     worker?: pulumi.Input<inputs.WorkerVersionBindingOutboundWorker>;
 }
+export interface WorkerVersionBindingOutboundParam {
+    /**
+     * Name of the parameter.
+     */
+    name: pulumi.Input<string>;
+}
 export interface WorkerVersionBindingOutboundWorker {
+    /**
+     * Entrypoint to invoke on the outbound worker.
+     */
+    entrypoint?: pulumi.Input<string>;
     /**
      * Environment of the outbound worker.
      */
@@ -8254,6 +8770,16 @@ export interface WorkerVersionBindingOutboundWorker {
      */
     service?: pulumi.Input<string>;
 }
+export interface WorkerVersionBindingSimple {
+    /**
+     * The limit (requests per period).
+     */
+    limit: pulumi.Input<number>;
+    /**
+     * The period in seconds.
+     */
+    period: pulumi.Input<number>;
+}
 export interface WorkerVersionLimits {
     /**
      * CPU time limit in milliseconds.
@@ -8358,10 +8884,40 @@ export interface WorkerVersionModule {
 }
 export interface WorkerVersionPlacement {
     /**
-     * Placement mode for the version.
-     * Available values: "smart".
+     * TCP host and port for targeted placement.
+     */
+    host?: pulumi.Input<string>;
+    /**
+     * HTTP hostname for targeted placement.
+     */
+    hostname?: pulumi.Input<string>;
+    /**
+     * Enables [Smart Placement](https://developers.cloudflare.com/workers/configuration/smart-placement).
+     * Available values: "smart", "targeted".
      */
     mode?: pulumi.Input<string>;
+    /**
+     * Cloud region for targeted placement in format 'provider:region'.
+     */
+    region?: pulumi.Input<string>;
+    /**
+     * Array of placement targets (currently limited to single target).
+     */
+    targets?: pulumi.Input<pulumi.Input<inputs.WorkerVersionPlacementTarget>[]>;
+}
+export interface WorkerVersionPlacementTarget {
+    /**
+     * TCP host:port for targeted placement.
+     */
+    host?: pulumi.Input<string>;
+    /**
+     * HTTP hostname for targeted placement.
+     */
+    hostname?: pulumi.Input<string>;
+    /**
+     * Cloud region in format 'provider:region'.
+     */
+    region?: pulumi.Input<string>;
 }
 export interface WorkersCronTriggerSchedule {
     createdOn?: pulumi.Input<string>;
@@ -8541,6 +9097,10 @@ export interface WorkersScriptBinding {
      * Name of Worker to bind to.
      */
     service?: pulumi.Input<string>;
+    /**
+     * A simple rate limit.
+     */
+    simple?: pulumi.Input<inputs.WorkersScriptBindingSimple>;
     /**
      * ID of the store containing the secret.
      */
@@ -8587,6 +9147,16 @@ export interface WorkersScriptBindingOutboundWorker {
      */
     service?: pulumi.Input<string>;
 }
+export interface WorkersScriptBindingSimple {
+    /**
+     * The rate limit value.
+     */
+    limit: pulumi.Input<number>;
+    /**
+     * The rate limit period in seconds.
+     */
+    period: pulumi.Input<number>;
+}
 export interface WorkersScriptLimits {
     /**
      * The amount of CPU time this Worker can use in milliseconds.
@@ -8728,7 +9298,7 @@ export interface WorkersScriptPlacement {
     lastAnalyzedAt?: pulumi.Input<string>;
     /**
      * Enables [Smart Placement](https://developers.cloudflare.com/workers/configuration/smart-placement).
-     * Available values: "smart".
+     * Available values: "smart", "targeted".
      */
     mode?: pulumi.Input<string>;
     /**
@@ -8740,6 +9310,24 @@ export interface WorkersScriptPlacement {
      * Available values: "SUCCESS", "UNSUPPORTED_APPLICATION", "INSUFFICIENT_INVOCATIONS".
      */
     status?: pulumi.Input<string>;
+    /**
+     * Array of placement targets (currently limited to single target).
+     */
+    targets?: pulumi.Input<pulumi.Input<inputs.WorkersScriptPlacementTarget>[]>;
+}
+export interface WorkersScriptPlacementTarget {
+    /**
+     * TCP host:port for targeted placement.
+     */
+    host?: pulumi.Input<string>;
+    /**
+     * HTTP hostname for targeted placement.
+     */
+    hostname?: pulumi.Input<string>;
+    /**
+     * Cloud region in format 'provider:region'.
+     */
+    region?: pulumi.Input<string>;
 }
 export interface WorkersScriptTailConsumer {
     /**
@@ -8922,11 +9510,25 @@ export interface ZeroTrustAccessApplicationPolicy {
     requires?: pulumi.Input<pulumi.Input<inputs.ZeroTrustAccessApplicationPolicyRequire>[]>;
 }
 export interface ZeroTrustAccessApplicationPolicyConnectionRules {
+    /**
+     * The RDP-specific rules that define clipboard behavior for RDP connections.
+     */
+    rdp?: pulumi.Input<inputs.ZeroTrustAccessApplicationPolicyConnectionRulesRdp>;
     /**
      * The SSH-specific rules that define how users may connect to the targets secured by your application.
      */
     ssh?: pulumi.Input<inputs.ZeroTrustAccessApplicationPolicyConnectionRulesSsh>;
 }
+export interface ZeroTrustAccessApplicationPolicyConnectionRulesRdp {
+    /**
+     * Clipboard formats allowed when copying from local machine to remote RDP session.
+     */
+    allowedClipboardLocalToRemoteFormats?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Clipboard formats allowed when copying from remote RDP session to local machine.
+     */
+    allowedClipboardRemoteToLocalFormats?: pulumi.Input<pulumi.Input<string>[]>;
+}
 export interface ZeroTrustAccessApplicationPolicyConnectionRulesSsh {
     /**
      * Enables using Identity Provider email alias as SSH username.
@@ -10707,6 +11309,22 @@ export interface ZeroTrustAccessPolicyApprovalGroup {
      */
     emailListUuid?: pulumi.Input<string>;
 }
+export interface ZeroTrustAccessPolicyConnectionRules {
+    /**
+     * The RDP-specific rules that define clipboard behavior for RDP connections.
+     */
+    rdp?: pulumi.Input<inputs.ZeroTrustAccessPolicyConnectionRulesRdp>;
+}
+export interface ZeroTrustAccessPolicyConnectionRulesRdp {
+    /**
+     * Clipboard formats allowed when copying from local machine to remote RDP session.
+     */
+    allowedClipboardLocalToRemoteFormats?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Clipboard formats allowed when copying from remote RDP session to local machine.
+     */
+    allowedClipboardRemoteToLocalFormats?: pulumi.Input<pulumi.Input<string>[]>;
+}
 export interface ZeroTrustAccessPolicyExclude {
     /**
      * An empty object which matches on all service tokens.
@@ -11131,6 +11749,20 @@ export interface ZeroTrustAccessPolicyIncludeServiceToken {
      */
     tokenId: pulumi.Input<string>;
 }
+export interface ZeroTrustAccessPolicyMfaConfig {
+    /**
+     * Lists the MFA methods that users can authenticate with.
+     */
+    allowedAuthenticators?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Indicates whether to bypass MFA for this resource. This option is available at the application and policy level.
+     */
+    mfaBypass?: pulumi.Input<boolean>;
+    /**
+     * Defines the duration of an MFA session. Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). Examples:<span pulumi-lang-nodejs="`5m`" pulumi-lang-dotnet="`5m`" pulumi-lang-go="`5m`" pulumi-lang-python="`5m`" pulumi-lang-yaml="`5m`" pulumi-lang-java="`5m`">`5m`</span> or <span pulumi-lang-nodejs="`24h`" pulumi-lang-dotnet="`24h`" pulumi-lang-go="`24h`" pulumi-lang-python="`24h`" pulumi-lang-yaml="`24h`" pulumi-lang-java="`24h`">`24h`</span>.
+     */
+    sessionDuration?: pulumi.Input<string>;
+}
 export interface ZeroTrustAccessPolicyRequire {
     /**
      * An empty object which matches on all service tokens.
@@ -11722,6 +12354,31 @@ export interface ZeroTrustDevicePostureRuleMatch {
      */
     platform?: pulumi.Input<string>;
 }
+export interface ZeroTrustDexRuleTargetedTest {
+    /**
+     * The configuration object which contains the details for the WARP client to conduct the test.
+     */
+    data?: pulumi.Input<inputs.ZeroTrustDexRuleTargetedTestData>;
+    enabled?: pulumi.Input<boolean>;
+    name?: pulumi.Input<string>;
+    testId?: pulumi.Input<string>;
+}
+export interface ZeroTrustDexRuleTargetedTestData {
+    /**
+     * The desired endpoint to test.
+     */
+    host?: pulumi.Input<string>;
+    /**
+     * The type of test.
+     * Available values: "http", "traceroute".
+     */
+    kind?: pulumi.Input<string>;
+    /**
+     * The HTTP request method type.
+     * Available values: "GET".
+     */
+    method?: pulumi.Input<string>;
+}
 export interface ZeroTrustDexTestData {
     /**
      * The desired endpoint to test.
@@ -11788,19 +12445,20 @@ export interface ZeroTrustDlpCustomProfileContextAwareness {
     /**
      * If true, scan the context of predefined entries to only return matches surrounded by keywords.
      */
-    enabled: pulumi.Input<boolean>;
+    enabled?: pulumi.Input<boolean>;
     /**
      * Content types to exclude from context analysis and return all matches.
      */
-    skip: pulumi.Input<inputs.ZeroTrustDlpCustomProfileContextAwarenessSkip>;
+    skip?: pulumi.Input<inputs.ZeroTrustDlpCustomProfileContextAwarenessSkip>;
 }
 export interface ZeroTrustDlpCustomProfileContextAwarenessSkip {
     /**
      * If the content type is a file, skip context analysis and return all matches.
      */
-    files: pulumi.Input<boolean>;
+    files?: pulumi.Input<boolean>;
 }
 export interface ZeroTrustDlpCustomProfileEntry {
+    description?: pulumi.Input<string>;
     enabled: pulumi.Input<boolean>;
     entryId?: pulumi.Input<string>;
     name: pulumi.Input<string>;
@@ -12778,6 +13436,16 @@ export interface ZeroTrustOrganizationLoginDesign {
      */
     textColor?: pulumi.Input<string>;
 }
+export interface ZeroTrustOrganizationMfaConfig {
+    /**
+     * Lists the MFA methods that users can authenticate with.
+     */
+    allowedAuthenticators?: pulumi.Input<pulumi.Input<string>[]>;
+    /**
+     * Defines the duration of an MFA session. Must be in minutes (m) or hours (h). Minimum: 0m. Maximum: 720h (30 days). Examples:<span pulumi-lang-nodejs="`5m`" pulumi-lang-dotnet="`5m`" pulumi-lang-go="`5m`" pulumi-lang-python="`5m`" pulumi-lang-yaml="`5m`" pulumi-lang-java="`5m`">`5m`</span> or <span pulumi-lang-nodejs="`24h`" pulumi-lang-dotnet="`24h`" pulumi-lang-go="`24h`" pulumi-lang-python="`24h`" pulumi-lang-yaml="`24h`" pulumi-lang-java="`24h`">`24h`</span>.
+     */
+    sessionDuration?: pulumi.Input<string>;
+}
 export interface ZeroTrustRiskBehaviorBehaviors {
     enabled: pulumi.Input<boolean>;
     /**
@@ -13267,3 +13935,4 @@ export interface ZoneTenantUnit {
      */
     id?: pulumi.Input<string>;
 }
+//# sourceMappingURL=input.d.ts.map