Docs
PackagesCloudflare v5.33.1 published on Wednesday, Jun 26, 2024 by Pulumi
cloudflare.AccessGroup
Explore with Pulumi AI
Provides a Cloudflare Access Group resource. Access Groups are used in conjunction with Access Policies to restrict access to a particular resource based on group membership.
It’s required that an
account_idorzone_idis provided and in most cases using either is fine. However, if you’re using a scoped access token, you must provide the argument that matches the token’s scope. For example, an access token that is scoped to the “example.com” zone needs to use thezone_idargument.
Create AccessGroup Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AccessGroup(name: string, args: AccessGroupArgs, opts?: CustomResourceOptions);@overload
def AccessGroup(resource_name: str,
args: AccessGroupArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AccessGroup(resource_name: str,
opts: Optional[ResourceOptions] = None,
includes: Optional[Sequence[AccessGroupIncludeArgs]] = None,
name: Optional[str] = None,
account_id: Optional[str] = None,
excludes: Optional[Sequence[AccessGroupExcludeArgs]] = None,
requires: Optional[Sequence[AccessGroupRequireArgs]] = None,
zone_id: Optional[str] = None)func NewAccessGroup(ctx *Context, name string, args AccessGroupArgs, opts ...ResourceOption) (*AccessGroup, error)public AccessGroup(string name, AccessGroupArgs args, CustomResourceOptions? opts = null)
public AccessGroup(String name, AccessGroupArgs args)
public AccessGroup(String name, AccessGroupArgs args, CustomResourceOptions options)
type: cloudflare:AccessGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AccessGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccessGroupArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccessGroupArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccessGroupArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var accessGroupResource = new Cloudflare.AccessGroup("accessGroupResource", new()
{
Includes = new[]
{
new Cloudflare.Inputs.AccessGroupIncludeArgs
{
AnyValidServiceToken = false,
AuthContexts = new[]
{
new Cloudflare.Inputs.AccessGroupIncludeAuthContextArgs
{
AcId = "string",
Id = "string",
IdentityProviderId = "string",
},
},
AuthMethod = "string",
Azures = new[]
{
new Cloudflare.Inputs.AccessGroupIncludeAzureArgs
{
IdentityProviderId = "string",
Ids = new[]
{
"string",
},
},
},
Certificate = false,
CommonName = "string",
CommonNames = new[]
{
"string",
},
DevicePostures = new[]
{
"string",
},
EmailDomains = new[]
{
"string",
},
EmailLists = new[]
{
"string",
},
Emails = new[]
{
"string",
},
Everyone = false,
ExternalEvaluation = new Cloudflare.Inputs.AccessGroupIncludeExternalEvaluationArgs
{
EvaluateUrl = "string",
KeysUrl = "string",
},
Geos = new[]
{
"string",
},
Githubs = new[]
{
new Cloudflare.Inputs.AccessGroupIncludeGithubArgs
{
IdentityProviderId = "string",
Name = "string",
Teams = new[]
{
"string",
},
},
},
Groups = new[]
{
"string",
},
Gsuites = new[]
{
new Cloudflare.Inputs.AccessGroupIncludeGsuiteArgs
{
Emails = new[]
{
"string",
},
IdentityProviderId = "string",
},
},
IpLists = new[]
{
"string",
},
Ips = new[]
{
"string",
},
LoginMethods = new[]
{
"string",
},
Oktas = new[]
{
new Cloudflare.Inputs.AccessGroupIncludeOktaArgs
{
IdentityProviderId = "string",
Names = new[]
{
"string",
},
},
},
Samls = new[]
{
new Cloudflare.Inputs.AccessGroupIncludeSamlArgs
{
AttributeName = "string",
AttributeValue = "string",
IdentityProviderId = "string",
},
},
ServiceTokens = new[]
{
"string",
},
},
},
Name = "string",
AccountId = "string",
Excludes = new[]
{
new Cloudflare.Inputs.AccessGroupExcludeArgs
{
AnyValidServiceToken = false,
AuthContexts = new[]
{
new Cloudflare.Inputs.AccessGroupExcludeAuthContextArgs
{
AcId = "string",
Id = "string",
IdentityProviderId = "string",
},
},
AuthMethod = "string",
Azures = new[]
{
new Cloudflare.Inputs.AccessGroupExcludeAzureArgs
{
IdentityProviderId = "string",
Ids = new[]
{
"string",
},
},
},
Certificate = false,
CommonName = "string",
CommonNames = new[]
{
"string",
},
DevicePostures = new[]
{
"string",
},
EmailDomains = new[]
{
"string",
},
EmailLists = new[]
{
"string",
},
Emails = new[]
{
"string",
},
Everyone = false,
ExternalEvaluation = new Cloudflare.Inputs.AccessGroupExcludeExternalEvaluationArgs
{
EvaluateUrl = "string",
KeysUrl = "string",
},
Geos = new[]
{
"string",
},
Githubs = new[]
{
new Cloudflare.Inputs.AccessGroupExcludeGithubArgs
{
IdentityProviderId = "string",
Name = "string",
Teams = new[]
{
"string",
},
},
},
Groups = new[]
{
"string",
},
Gsuites = new[]
{
new Cloudflare.Inputs.AccessGroupExcludeGsuiteArgs
{
Emails = new[]
{
"string",
},
IdentityProviderId = "string",
},
},
IpLists = new[]
{
"string",
},
Ips = new[]
{
"string",
},
LoginMethods = new[]
{
"string",
},
Oktas = new[]
{
new Cloudflare.Inputs.AccessGroupExcludeOktaArgs
{
IdentityProviderId = "string",
Names = new[]
{
"string",
},
},
},
Samls = new[]
{
new Cloudflare.Inputs.AccessGroupExcludeSamlArgs
{
AttributeName = "string",
AttributeValue = "string",
IdentityProviderId = "string",
},
},
ServiceTokens = new[]
{
"string",
},
},
},
Requires = new[]
{
new Cloudflare.Inputs.AccessGroupRequireArgs
{
AnyValidServiceToken = false,
AuthContexts = new[]
{
new Cloudflare.Inputs.AccessGroupRequireAuthContextArgs
{
AcId = "string",
Id = "string",
IdentityProviderId = "string",
},
},
AuthMethod = "string",
Azures = new[]
{
new Cloudflare.Inputs.AccessGroupRequireAzureArgs
{
IdentityProviderId = "string",
Ids = new[]
{
"string",
},
},
},
Certificate = false,
CommonName = "string",
CommonNames = new[]
{
"string",
},
DevicePostures = new[]
{
"string",
},
EmailDomains = new[]
{
"string",
},
EmailLists = new[]
{
"string",
},
Emails = new[]
{
"string",
},
Everyone = false,
ExternalEvaluation = new Cloudflare.Inputs.AccessGroupRequireExternalEvaluationArgs
{
EvaluateUrl = "string",
KeysUrl = "string",
},
Geos = new[]
{
"string",
},
Githubs = new[]
{
new Cloudflare.Inputs.AccessGroupRequireGithubArgs
{
IdentityProviderId = "string",
Name = "string",
Teams = new[]
{
"string",
},
},
},
Groups = new[]
{
"string",
},
Gsuites = new[]
{
new Cloudflare.Inputs.AccessGroupRequireGsuiteArgs
{
Emails = new[]
{
"string",
},
IdentityProviderId = "string",
},
},
IpLists = new[]
{
"string",
},
Ips = new[]
{
"string",
},
LoginMethods = new[]
{
"string",
},
Oktas = new[]
{
new Cloudflare.Inputs.AccessGroupRequireOktaArgs
{
IdentityProviderId = "string",
Names = new[]
{
"string",
},
},
},
Samls = new[]
{
new Cloudflare.Inputs.AccessGroupRequireSamlArgs
{
AttributeName = "string",
AttributeValue = "string",
IdentityProviderId = "string",
},
},
ServiceTokens = new[]
{
"string",
},
},
},
ZoneId = "string",
});
example, err := cloudflare.NewAccessGroup(ctx, "accessGroupResource", &cloudflare.AccessGroupArgs{
Includes: cloudflare.AccessGroupIncludeArray{
&cloudflare.AccessGroupIncludeArgs{
AnyValidServiceToken: pulumi.Bool(false),
AuthContexts: cloudflare.AccessGroupIncludeAuthContextArray{
&cloudflare.AccessGroupIncludeAuthContextArgs{
AcId: pulumi.String("string"),
Id: pulumi.String("string"),
IdentityProviderId: pulumi.String("string"),
},
},
AuthMethod: pulumi.String("string"),
Azures: cloudflare.AccessGroupIncludeAzureArray{
&cloudflare.AccessGroupIncludeAzureArgs{
IdentityProviderId: pulumi.String("string"),
Ids: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Certificate: pulumi.Bool(false),
CommonName: pulumi.String("string"),
CommonNames: pulumi.StringArray{
pulumi.String("string"),
},
DevicePostures: pulumi.StringArray{
pulumi.String("string"),
},
EmailDomains: pulumi.StringArray{
pulumi.String("string"),
},
EmailLists: pulumi.StringArray{
pulumi.String("string"),
},
Emails: pulumi.StringArray{
pulumi.String("string"),
},
Everyone: pulumi.Bool(false),
ExternalEvaluation: &cloudflare.AccessGroupIncludeExternalEvaluationArgs{
EvaluateUrl: pulumi.String("string"),
KeysUrl: pulumi.String("string"),
},
Geos: pulumi.StringArray{
pulumi.String("string"),
},
Githubs: cloudflare.AccessGroupIncludeGithubArray{
&cloudflare.AccessGroupIncludeGithubArgs{
IdentityProviderId: pulumi.String("string"),
Name: pulumi.String("string"),
Teams: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Groups: pulumi.StringArray{
pulumi.String("string"),
},
Gsuites: cloudflare.AccessGroupIncludeGsuiteArray{
&cloudflare.AccessGroupIncludeGsuiteArgs{
Emails: pulumi.StringArray{
pulumi.String("string"),
},
IdentityProviderId: pulumi.String("string"),
},
},
IpLists: pulumi.StringArray{
pulumi.String("string"),
},
Ips: pulumi.StringArray{
pulumi.String("string"),
},
LoginMethods: pulumi.StringArray{
pulumi.String("string"),
},
Oktas: cloudflare.AccessGroupIncludeOktaArray{
&cloudflare.AccessGroupIncludeOktaArgs{
IdentityProviderId: pulumi.String("string"),
Names: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Samls: cloudflare.AccessGroupIncludeSamlArray{
&cloudflare.AccessGroupIncludeSamlArgs{
AttributeName: pulumi.String("string"),
AttributeValue: pulumi.String("string"),
IdentityProviderId: pulumi.String("string"),
},
},
ServiceTokens: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Name: pulumi.String("string"),
AccountId: pulumi.String("string"),
Excludes: cloudflare.AccessGroupExcludeArray{
&cloudflare.AccessGroupExcludeArgs{
AnyValidServiceToken: pulumi.Bool(false),
AuthContexts: cloudflare.AccessGroupExcludeAuthContextArray{
&cloudflare.AccessGroupExcludeAuthContextArgs{
AcId: pulumi.String("string"),
Id: pulumi.String("string"),
IdentityProviderId: pulumi.String("string"),
},
},
AuthMethod: pulumi.String("string"),
Azures: cloudflare.AccessGroupExcludeAzureArray{
&cloudflare.AccessGroupExcludeAzureArgs{
IdentityProviderId: pulumi.String("string"),
Ids: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Certificate: pulumi.Bool(false),
CommonName: pulumi.String("string"),
CommonNames: pulumi.StringArray{
pulumi.String("string"),
},
DevicePostures: pulumi.StringArray{
pulumi.String("string"),
},
EmailDomains: pulumi.StringArray{
pulumi.String("string"),
},
EmailLists: pulumi.StringArray{
pulumi.String("string"),
},
Emails: pulumi.StringArray{
pulumi.String("string"),
},
Everyone: pulumi.Bool(false),
ExternalEvaluation: &cloudflare.AccessGroupExcludeExternalEvaluationArgs{
EvaluateUrl: pulumi.String("string"),
KeysUrl: pulumi.String("string"),
},
Geos: pulumi.StringArray{
pulumi.String("string"),
},
Githubs: cloudflare.AccessGroupExcludeGithubArray{
&cloudflare.AccessGroupExcludeGithubArgs{
IdentityProviderId: pulumi.String("string"),
Name: pulumi.String("string"),
Teams: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Groups: pulumi.StringArray{
pulumi.String("string"),
},
Gsuites: cloudflare.AccessGroupExcludeGsuiteArray{
&cloudflare.AccessGroupExcludeGsuiteArgs{
Emails: pulumi.StringArray{
pulumi.String("string"),
},
IdentityProviderId: pulumi.String("string"),
},
},
IpLists: pulumi.StringArray{
pulumi.String("string"),
},
Ips: pulumi.StringArray{
pulumi.String("string"),
},
LoginMethods: pulumi.StringArray{
pulumi.String("string"),
},
Oktas: cloudflare.AccessGroupExcludeOktaArray{
&cloudflare.AccessGroupExcludeOktaArgs{
IdentityProviderId: pulumi.String("string"),
Names: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Samls: cloudflare.AccessGroupExcludeSamlArray{
&cloudflare.AccessGroupExcludeSamlArgs{
AttributeName: pulumi.String("string"),
AttributeValue: pulumi.String("string"),
IdentityProviderId: pulumi.String("string"),
},
},
ServiceTokens: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Requires: cloudflare.AccessGroupRequireArray{
&cloudflare.AccessGroupRequireArgs{
AnyValidServiceToken: pulumi.Bool(false),
AuthContexts: cloudflare.AccessGroupRequireAuthContextArray{
&cloudflare.AccessGroupRequireAuthContextArgs{
AcId: pulumi.String("string"),
Id: pulumi.String("string"),
IdentityProviderId: pulumi.String("string"),
},
},
AuthMethod: pulumi.String("string"),
Azures: cloudflare.AccessGroupRequireAzureArray{
&cloudflare.AccessGroupRequireAzureArgs{
IdentityProviderId: pulumi.String("string"),
Ids: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Certificate: pulumi.Bool(false),
CommonName: pulumi.String("string"),
CommonNames: pulumi.StringArray{
pulumi.String("string"),
},
DevicePostures: pulumi.StringArray{
pulumi.String("string"),
},
EmailDomains: pulumi.StringArray{
pulumi.String("string"),
},
EmailLists: pulumi.StringArray{
pulumi.String("string"),
},
Emails: pulumi.StringArray{
pulumi.String("string"),
},
Everyone: pulumi.Bool(false),
ExternalEvaluation: &cloudflare.AccessGroupRequireExternalEvaluationArgs{
EvaluateUrl: pulumi.String("string"),
KeysUrl: pulumi.String("string"),
},
Geos: pulumi.StringArray{
pulumi.String("string"),
},
Githubs: cloudflare.AccessGroupRequireGithubArray{
&cloudflare.AccessGroupRequireGithubArgs{
IdentityProviderId: pulumi.String("string"),
Name: pulumi.String("string"),
Teams: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Groups: pulumi.StringArray{
pulumi.String("string"),
},
Gsuites: cloudflare.AccessGroupRequireGsuiteArray{
&cloudflare.AccessGroupRequireGsuiteArgs{
Emails: pulumi.StringArray{
pulumi.String("string"),
},
IdentityProviderId: pulumi.String("string"),
},
},
IpLists: pulumi.StringArray{
pulumi.String("string"),
},
Ips: pulumi.StringArray{
pulumi.String("string"),
},
LoginMethods: pulumi.StringArray{
pulumi.String("string"),
},
Oktas: cloudflare.AccessGroupRequireOktaArray{
&cloudflare.AccessGroupRequireOktaArgs{
IdentityProviderId: pulumi.String("string"),
Names: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Samls: cloudflare.AccessGroupRequireSamlArray{
&cloudflare.AccessGroupRequireSamlArgs{
AttributeName: pulumi.String("string"),
AttributeValue: pulumi.String("string"),
IdentityProviderId: pulumi.String("string"),
},
},
ServiceTokens: pulumi.StringArray{
pulumi.String("string"),
},
},
},
ZoneId: pulumi.String("string"),
})
var accessGroupResource = new AccessGroup("accessGroupResource", AccessGroupArgs.builder()
.includes(AccessGroupIncludeArgs.builder()
.anyValidServiceToken(false)
.authContexts(AccessGroupIncludeAuthContextArgs.builder()
.acId("string")
.id("string")
.identityProviderId("string")
.build())
.authMethod("string")
.azures(AccessGroupIncludeAzureArgs.builder()
.identityProviderId("string")
.ids("string")
.build())
.certificate(false)
.commonName("string")
.commonNames("string")
.devicePostures("string")
.emailDomains("string")
.emailLists("string")
.emails("string")
.everyone(false)
.externalEvaluation(AccessGroupIncludeExternalEvaluationArgs.builder()
.evaluateUrl("string")
.keysUrl("string")
.build())
.geos("string")
.githubs(AccessGroupIncludeGithubArgs.builder()
.identityProviderId("string")
.name("string")
.teams("string")
.build())
.groups("string")
.gsuites(AccessGroupIncludeGsuiteArgs.builder()
.emails("string")
.identityProviderId("string")
.build())
.ipLists("string")
.ips("string")
.loginMethods("string")
.oktas(AccessGroupIncludeOktaArgs.builder()
.identityProviderId("string")
.names("string")
.build())
.samls(AccessGroupIncludeSamlArgs.builder()
.attributeName("string")
.attributeValue("string")
.identityProviderId("string")
.build())
.serviceTokens("string")
.build())
.name("string")
.accountId("string")
.excludes(AccessGroupExcludeArgs.builder()
.anyValidServiceToken(false)
.authContexts(AccessGroupExcludeAuthContextArgs.builder()
.acId("string")
.id("string")
.identityProviderId("string")
.build())
.authMethod("string")
.azures(AccessGroupExcludeAzureArgs.builder()
.identityProviderId("string")
.ids("string")
.build())
.certificate(false)
.commonName("string")
.commonNames("string")
.devicePostures("string")
.emailDomains("string")
.emailLists("string")
.emails("string")
.everyone(false)
.externalEvaluation(AccessGroupExcludeExternalEvaluationArgs.builder()
.evaluateUrl("string")
.keysUrl("string")
.build())
.geos("string")
.githubs(AccessGroupExcludeGithubArgs.builder()
.identityProviderId("string")
.name("string")
.teams("string")
.build())
.groups("string")
.gsuites(AccessGroupExcludeGsuiteArgs.builder()
.emails("string")
.identityProviderId("string")
.build())
.ipLists("string")
.ips("string")
.loginMethods("string")
.oktas(AccessGroupExcludeOktaArgs.builder()
.identityProviderId("string")
.names("string")
.build())
.samls(AccessGroupExcludeSamlArgs.builder()
.attributeName("string")
.attributeValue("string")
.identityProviderId("string")
.build())
.serviceTokens("string")
.build())
.requires(AccessGroupRequireArgs.builder()
.anyValidServiceToken(false)
.authContexts(AccessGroupRequireAuthContextArgs.builder()
.acId("string")
.id("string")
.identityProviderId("string")
.build())
.authMethod("string")
.azures(AccessGroupRequireAzureArgs.builder()
.identityProviderId("string")
.ids("string")
.build())
.certificate(false)
.commonName("string")
.commonNames("string")
.devicePostures("string")
.emailDomains("string")
.emailLists("string")
.emails("string")
.everyone(false)
.externalEvaluation(AccessGroupRequireExternalEvaluationArgs.builder()
.evaluateUrl("string")
.keysUrl("string")
.build())
.geos("string")
.githubs(AccessGroupRequireGithubArgs.builder()
.identityProviderId("string")
.name("string")
.teams("string")
.build())
.groups("string")
.gsuites(AccessGroupRequireGsuiteArgs.builder()
.emails("string")
.identityProviderId("string")
.build())
.ipLists("string")
.ips("string")
.loginMethods("string")
.oktas(AccessGroupRequireOktaArgs.builder()
.identityProviderId("string")
.names("string")
.build())
.samls(AccessGroupRequireSamlArgs.builder()
.attributeName("string")
.attributeValue("string")
.identityProviderId("string")
.build())
.serviceTokens("string")
.build())
.zoneId("string")
.build());
access_group_resource = cloudflare.AccessGroup("accessGroupResource",
includes=[cloudflare.AccessGroupIncludeArgs(
any_valid_service_token=False,
auth_contexts=[cloudflare.AccessGroupIncludeAuthContextArgs(
ac_id="string",
id="string",
identity_provider_id="string",
)],
auth_method="string",
azures=[cloudflare.AccessGroupIncludeAzureArgs(
identity_provider_id="string",
ids=["string"],
)],
certificate=False,
common_name="string",
common_names=["string"],
device_postures=["string"],
email_domains=["string"],
email_lists=["string"],
emails=["string"],
everyone=False,
external_evaluation=cloudflare.AccessGroupIncludeExternalEvaluationArgs(
evaluate_url="string",
keys_url="string",
),
geos=["string"],
githubs=[cloudflare.AccessGroupIncludeGithubArgs(
identity_provider_id="string",
name="string",
teams=["string"],
)],
groups=["string"],
gsuites=[cloudflare.AccessGroupIncludeGsuiteArgs(
emails=["string"],
identity_provider_id="string",
)],
ip_lists=["string"],
ips=["string"],
login_methods=["string"],
oktas=[cloudflare.AccessGroupIncludeOktaArgs(
identity_provider_id="string",
names=["string"],
)],
samls=[cloudflare.AccessGroupIncludeSamlArgs(
attribute_name="string",
attribute_value="string",
identity_provider_id="string",
)],
service_tokens=["string"],
)],
name="string",
account_id="string",
excludes=[cloudflare.AccessGroupExcludeArgs(
any_valid_service_token=False,
auth_contexts=[cloudflare.AccessGroupExcludeAuthContextArgs(
ac_id="string",
id="string",
identity_provider_id="string",
)],
auth_method="string",
azures=[cloudflare.AccessGroupExcludeAzureArgs(
identity_provider_id="string",
ids=["string"],
)],
certificate=False,
common_name="string",
common_names=["string"],
device_postures=["string"],
email_domains=["string"],
email_lists=["string"],
emails=["string"],
everyone=False,
external_evaluation=cloudflare.AccessGroupExcludeExternalEvaluationArgs(
evaluate_url="string",
keys_url="string",
),
geos=["string"],
githubs=[cloudflare.AccessGroupExcludeGithubArgs(
identity_provider_id="string",
name="string",
teams=["string"],
)],
groups=["string"],
gsuites=[cloudflare.AccessGroupExcludeGsuiteArgs(
emails=["string"],
identity_provider_id="string",
)],
ip_lists=["string"],
ips=["string"],
login_methods=["string"],
oktas=[cloudflare.AccessGroupExcludeOktaArgs(
identity_provider_id="string",
names=["string"],
)],
samls=[cloudflare.AccessGroupExcludeSamlArgs(
attribute_name="string",
attribute_value="string",
identity_provider_id="string",
)],
service_tokens=["string"],
)],
requires=[cloudflare.AccessGroupRequireArgs(
any_valid_service_token=False,
auth_contexts=[cloudflare.AccessGroupRequireAuthContextArgs(
ac_id="string",
id="string",
identity_provider_id="string",
)],
auth_method="string",
azures=[cloudflare.AccessGroupRequireAzureArgs(
identity_provider_id="string",
ids=["string"],
)],
certificate=False,
common_name="string",
common_names=["string"],
device_postures=["string"],
email_domains=["string"],
email_lists=["string"],
emails=["string"],
everyone=False,
external_evaluation=cloudflare.AccessGroupRequireExternalEvaluationArgs(
evaluate_url="string",
keys_url="string",
),
geos=["string"],
githubs=[cloudflare.AccessGroupRequireGithubArgs(
identity_provider_id="string",
name="string",
teams=["string"],
)],
groups=["string"],
gsuites=[cloudflare.AccessGroupRequireGsuiteArgs(
emails=["string"],
identity_provider_id="string",
)],
ip_lists=["string"],
ips=["string"],
login_methods=["string"],
oktas=[cloudflare.AccessGroupRequireOktaArgs(
identity_provider_id="string",
names=["string"],
)],
samls=[cloudflare.AccessGroupRequireSamlArgs(
attribute_name="string",
attribute_value="string",
identity_provider_id="string",
)],
service_tokens=["string"],
)],
zone_id="string")
const accessGroupResource = new cloudflare.AccessGroup("accessGroupResource", {
includes: [{
anyValidServiceToken: false,
authContexts: [{
acId: "string",
id: "string",
identityProviderId: "string",
}],
authMethod: "string",
azures: [{
identityProviderId: "string",
ids: ["string"],
}],
certificate: false,
commonName: "string",
commonNames: ["string"],
devicePostures: ["string"],
emailDomains: ["string"],
emailLists: ["string"],
emails: ["string"],
everyone: false,
externalEvaluation: {
evaluateUrl: "string",
keysUrl: "string",
},
geos: ["string"],
githubs: [{
identityProviderId: "string",
name: "string",
teams: ["string"],
}],
groups: ["string"],
gsuites: [{
emails: ["string"],
identityProviderId: "string",
}],
ipLists: ["string"],
ips: ["string"],
loginMethods: ["string"],
oktas: [{
identityProviderId: "string",
names: ["string"],
}],
samls: [{
attributeName: "string",
attributeValue: "string",
identityProviderId: "string",
}],
serviceTokens: ["string"],
}],
name: "string",
accountId: "string",
excludes: [{
anyValidServiceToken: false,
authContexts: [{
acId: "string",
id: "string",
identityProviderId: "string",
}],
authMethod: "string",
azures: [{
identityProviderId: "string",
ids: ["string"],
}],
certificate: false,
commonName: "string",
commonNames: ["string"],
devicePostures: ["string"],
emailDomains: ["string"],
emailLists: ["string"],
emails: ["string"],
everyone: false,
externalEvaluation: {
evaluateUrl: "string",
keysUrl: "string",
},
geos: ["string"],
githubs: [{
identityProviderId: "string",
name: "string",
teams: ["string"],
}],
groups: ["string"],
gsuites: [{
emails: ["string"],
identityProviderId: "string",
}],
ipLists: ["string"],
ips: ["string"],
loginMethods: ["string"],
oktas: [{
identityProviderId: "string",
names: ["string"],
}],
samls: [{
attributeName: "string",
attributeValue: "string",
identityProviderId: "string",
}],
serviceTokens: ["string"],
}],
requires: [{
anyValidServiceToken: false,
authContexts: [{
acId: "string",
id: "string",
identityProviderId: "string",
}],
authMethod: "string",
azures: [{
identityProviderId: "string",
ids: ["string"],
}],
certificate: false,
commonName: "string",
commonNames: ["string"],
devicePostures: ["string"],
emailDomains: ["string"],
emailLists: ["string"],
emails: ["string"],
everyone: false,
externalEvaluation: {
evaluateUrl: "string",
keysUrl: "string",
},
geos: ["string"],
githubs: [{
identityProviderId: "string",
name: "string",
teams: ["string"],
}],
groups: ["string"],
gsuites: [{
emails: ["string"],
identityProviderId: "string",
}],
ipLists: ["string"],
ips: ["string"],
loginMethods: ["string"],
oktas: [{
identityProviderId: "string",
names: ["string"],
}],
samls: [{
attributeName: "string",
attributeValue: "string",
identityProviderId: "string",
}],
serviceTokens: ["string"],
}],
zoneId: "string",
});
type: cloudflare:AccessGroup
properties:
accountId: string
excludes:
- anyValidServiceToken: false
authContexts:
- acId: string
id: string
identityProviderId: string
authMethod: string
azures:
- identityProviderId: string
ids:
- string
certificate: false
commonName: string
commonNames:
- string
devicePostures:
- string
emailDomains:
- string
emailLists:
- string
emails:
- string
everyone: false
externalEvaluation:
evaluateUrl: string
keysUrl: string
geos:
- string
githubs:
- identityProviderId: string
name: string
teams:
- string
groups:
- string
gsuites:
- emails:
- string
identityProviderId: string
ipLists:
- string
ips:
- string
loginMethods:
- string
oktas:
- identityProviderId: string
names:
- string
samls:
- attributeName: string
attributeValue: string
identityProviderId: string
serviceTokens:
- string
includes:
- anyValidServiceToken: false
authContexts:
- acId: string
id: string
identityProviderId: string
authMethod: string
azures:
- identityProviderId: string
ids:
- string
certificate: false
commonName: string
commonNames:
- string
devicePostures:
- string
emailDomains:
- string
emailLists:
- string
emails:
- string
everyone: false
externalEvaluation:
evaluateUrl: string
keysUrl: string
geos:
- string
githubs:
- identityProviderId: string
name: string
teams:
- string
groups:
- string
gsuites:
- emails:
- string
identityProviderId: string
ipLists:
- string
ips:
- string
loginMethods:
- string
oktas:
- identityProviderId: string
names:
- string
samls:
- attributeName: string
attributeValue: string
identityProviderId: string
serviceTokens:
- string
name: string
requires:
- anyValidServiceToken: false
authContexts:
- acId: string
id: string
identityProviderId: string
authMethod: string
azures:
- identityProviderId: string
ids:
- string
certificate: false
commonName: string
commonNames:
- string
devicePostures:
- string
emailDomains:
- string
emailLists:
- string
emails:
- string
everyone: false
externalEvaluation:
evaluateUrl: string
keysUrl: string
geos:
- string
githubs:
- identityProviderId: string
name: string
teams:
- string
groups:
- string
gsuites:
- emails:
- string
identityProviderId: string
ipLists:
- string
ips:
- string
loginMethods:
- string
oktas:
- identityProviderId: string
names:
- string
samls:
- attributeName: string
attributeValue: string
identityProviderId: string
serviceTokens:
- string
zoneId: string
AccessGroup Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AccessGroup resource accepts the following input properties:
- Includes
List<Access
Group Include> - Name string
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - Excludes
List<Access
Group Exclude> - Requires
List<Access
Group Require> - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Includes
[]Access
Group Include Args - Name string
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - Excludes
[]Access
Group Exclude Args - Requires
[]Access
Group Require Args - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- includes
List<Access
Group Include> - name String
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes
List<Access
Group Exclude> - requires
List<Access
Group Require> - zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- includes
Access
Group Include[] - name string
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes
Access
Group Exclude[] - requires
Access
Group Require[] - zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- includes
Sequence[Access
Group Include Args] - name str
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes
Sequence[Access
Group Exclude Args] - requires
Sequence[Access
Group Require Args] - zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- includes List<Property Map>
- name String
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes List<Property Map>
- requires List<Property Map>
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Outputs
All input properties are implicitly available as output properties. Additionally, the AccessGroup resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AccessGroup Resource
Get an existing AccessGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccessGroupState, opts?: CustomResourceOptions): AccessGroup@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
excludes: Optional[Sequence[AccessGroupExcludeArgs]] = None,
includes: Optional[Sequence[AccessGroupIncludeArgs]] = None,
name: Optional[str] = None,
requires: Optional[Sequence[AccessGroupRequireArgs]] = None,
zone_id: Optional[str] = None) -> AccessGroupfunc GetAccessGroup(ctx *Context, name string, id IDInput, state *AccessGroupState, opts ...ResourceOption) (*AccessGroup, error)public static AccessGroup Get(string name, Input<string> id, AccessGroupState? state, CustomResourceOptions? opts = null)public static AccessGroup get(String name, Output<String> id, AccessGroupState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - Excludes
List<Access
Group Exclude> - Includes
List<Access
Group Include> - Name string
- Requires
List<Access
Group Require> - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - Excludes
[]Access
Group Exclude Args - Includes
[]Access
Group Include Args - Name string
- Requires
[]Access
Group Require Args - Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes
List<Access
Group Exclude> - includes
List<Access
Group Include> - name String
- requires
List<Access
Group Require> - zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes
Access
Group Exclude[] - includes
Access
Group Include[] - name string
- requires
Access
Group Require[] - zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes
Sequence[Access
Group Exclude Args] - includes
Sequence[Access
Group Include Args] - name str
- requires
Sequence[Access
Group Require Args] - zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. Modifying this attribute will force creation of a new resource. - excludes List<Property Map>
- includes List<Property Map>
- name String
- requires List<Property Map>
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Supporting Types
AccessGroupExclude, AccessGroupExcludeArgs
- Any
Valid boolService Token - Auth
Contexts List<AccessGroup Exclude Auth Context> - Auth
Method string - Azures
List<Access
Group Exclude Azure> - Certificate bool
- Common
Name string - Common
Names List<string> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- Device
Postures List<string> - Email
Domains List<string> - Email
Lists List<string> - Emails List<string>
- Everyone bool
- External
Evaluation AccessGroup Exclude External Evaluation - Geos List<string>
- Githubs
List<Access
Group Exclude Github> - Groups List<string>
- Gsuites
List<Access
Group Exclude Gsuite> - Ip
Lists List<string> - The ID of an existing IP list to reference.
- Ips List<string>
- An IPv4 or IPv6 CIDR block.
- Login
Methods List<string> - Oktas
List<Access
Group Exclude Okta> - Samls
List<Access
Group Exclude Saml> - Service
Tokens List<string>
- Any
Valid boolService Token - Auth
Contexts []AccessGroup Exclude Auth Context - Auth
Method string - Azures
[]Access
Group Exclude Azure - Certificate bool
- Common
Name string - Common
Names []string - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- Device
Postures []string - Email
Domains []string - Email
Lists []string - Emails []string
- Everyone bool
- External
Evaluation AccessGroup Exclude External Evaluation - Geos []string
- Githubs
[]Access
Group Exclude Github - Groups []string
- Gsuites
[]Access
Group Exclude Gsuite - Ip
Lists []string - The ID of an existing IP list to reference.
- Ips []string
- An IPv4 or IPv6 CIDR block.
- Login
Methods []string - Oktas
[]Access
Group Exclude Okta - Samls
[]Access
Group Exclude Saml - Service
Tokens []string
- any
Valid BooleanService Token - auth
Contexts List<AccessGroup Exclude Auth Context> - auth
Method String - azures
List<Access
Group Exclude Azure> - certificate Boolean
- common
Name String - common
Names List<String> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures List<String> - email
Domains List<String> - email
Lists List<String> - emails List<String>
- everyone Boolean
- external
Evaluation AccessGroup Exclude External Evaluation - geos List<String>
- githubs
List<Access
Group Exclude Github> - groups List<String>
- gsuites
List<Access
Group Exclude Gsuite> - ip
Lists List<String> - The ID of an existing IP list to reference.
- ips List<String>
- An IPv4 or IPv6 CIDR block.
- login
Methods List<String> - oktas
List<Access
Group Exclude Okta> - samls
List<Access
Group Exclude Saml> - service
Tokens List<String>
- any
Valid booleanService Token - auth
Contexts AccessGroup Exclude Auth Context[] - auth
Method string - azures
Access
Group Exclude Azure[] - certificate boolean
- common
Name string - common
Names string[] - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures string[] - email
Domains string[] - email
Lists string[] - emails string[]
- everyone boolean
- external
Evaluation AccessGroup Exclude External Evaluation - geos string[]
- githubs
Access
Group Exclude Github[] - groups string[]
- gsuites
Access
Group Exclude Gsuite[] - ip
Lists string[] - The ID of an existing IP list to reference.
- ips string[]
- An IPv4 or IPv6 CIDR block.
- login
Methods string[] - oktas
Access
Group Exclude Okta[] - samls
Access
Group Exclude Saml[] - service
Tokens string[]
- any_
valid_ boolservice_ token - auth_
contexts Sequence[AccessGroup Exclude Auth Context] - auth_
method str - azures
Sequence[Access
Group Exclude Azure] - certificate bool
- common_
name str - common_
names Sequence[str] - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device_
postures Sequence[str] - email_
domains Sequence[str] - email_
lists Sequence[str] - emails Sequence[str]
- everyone bool
- external_
evaluation AccessGroup Exclude External Evaluation - geos Sequence[str]
- githubs
Sequence[Access
Group Exclude Github] - groups Sequence[str]
- gsuites
Sequence[Access
Group Exclude Gsuite] - ip_
lists Sequence[str] - The ID of an existing IP list to reference.
- ips Sequence[str]
- An IPv4 or IPv6 CIDR block.
- login_
methods Sequence[str] - oktas
Sequence[Access
Group Exclude Okta] - samls
Sequence[Access
Group Exclude Saml] - service_
tokens Sequence[str]
- any
Valid BooleanService Token - auth
Contexts List<Property Map> - auth
Method String - azures List<Property Map>
- certificate Boolean
- common
Name String - common
Names List<String> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures List<String> - email
Domains List<String> - email
Lists List<String> - emails List<String>
- everyone Boolean
- external
Evaluation Property Map - geos List<String>
- githubs List<Property Map>
- groups List<String>
- gsuites List<Property Map>
- ip
Lists List<String> - The ID of an existing IP list to reference.
- ips List<String>
- An IPv4 or IPv6 CIDR block.
- login
Methods List<String> - oktas List<Property Map>
- samls List<Property Map>
- service
Tokens List<String>
AccessGroupExcludeAuthContext, AccessGroupExcludeAuthContextArgs
- Ac
Id string - The ACID of the Authentication Context.
- Id string
- The ID of the Authentication Context.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ac
Id string - The ACID of the Authentication Context.
- Id string
- The ID of the Authentication Context.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- ac
Id String - The ACID of the Authentication Context.
- id String
- The ID of the Authentication Context.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ac
Id string - The ACID of the Authentication Context.
- id string
- The ID of the Authentication Context.
- identity
Provider stringId - The ID of the Azure Identity provider.
- ac_
id str - The ACID of the Authentication Context.
- id str
- The ID of the Authentication Context.
- identity_
provider_ strid - The ID of the Azure Identity provider.
- ac
Id String - The ACID of the Authentication Context.
- id String
- The ID of the Authentication Context.
- identity
Provider StringId - The ID of the Azure Identity provider.
AccessGroupExcludeAzure, AccessGroupExcludeAzureArgs
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ids List<string>
- The ID of the Azure group or user.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ids []string
- The ID of the Azure group or user.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ids List<String>
- The ID of the Azure group or user.
- identity
Provider stringId - The ID of the Azure Identity provider.
- ids string[]
- The ID of the Azure group or user.
- identity_
provider_ strid - The ID of the Azure Identity provider.
- ids Sequence[str]
- The ID of the Azure group or user.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ids List<String>
- The ID of the Azure group or user.
AccessGroupExcludeExternalEvaluation, AccessGroupExcludeExternalEvaluationArgs
- Evaluate
Url string - Keys
Url string
- Evaluate
Url string - Keys
Url string
- evaluate
Url String - keys
Url String
- evaluate
Url string - keys
Url string
- evaluate_
url str - keys_
url str
- evaluate
Url String - keys
Url String
AccessGroupExcludeGithub, AccessGroupExcludeGithubArgs
- Identity
Provider stringId - Name string
- Teams List<string>
- Identity
Provider stringId - Name string
- Teams []string
- identity
Provider StringId - name String
- teams List<String>
- identity
Provider stringId - name string
- teams string[]
- identity_
provider_ strid - name str
- teams Sequence[str]
- identity
Provider StringId - name String
- teams List<String>
AccessGroupExcludeGsuite, AccessGroupExcludeGsuiteArgs
- Emails List<string>
- Identity
Provider stringId
- Emails []string
- Identity
Provider stringId
- emails List<String>
- identity
Provider StringId
- emails string[]
- identity
Provider stringId
- emails Sequence[str]
- identity_
provider_ strid
- emails List<String>
- identity
Provider StringId
AccessGroupExcludeOkta, AccessGroupExcludeOktaArgs
- Identity
Provider stringId - Names List<string>
- Identity
Provider stringId - Names []string
- identity
Provider StringId - names List<String>
- identity
Provider stringId - names string[]
- identity_
provider_ strid - names Sequence[str]
- identity
Provider StringId - names List<String>
AccessGroupExcludeSaml, AccessGroupExcludeSamlArgs
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- attribute
Name String - attribute
Value String - identity
Provider StringId
- attribute
Name string - attribute
Value string - identity
Provider stringId
- attribute
Name String - attribute
Value String - identity
Provider StringId
AccessGroupInclude, AccessGroupIncludeArgs
- Any
Valid boolService Token - Auth
Contexts List<AccessGroup Include Auth Context> - Auth
Method string - Azures
List<Access
Group Include Azure> - Certificate bool
- Common
Name string - Common
Names List<string> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- Device
Postures List<string> - Email
Domains List<string> - Email
Lists List<string> - Emails List<string>
- Everyone bool
- External
Evaluation AccessGroup Include External Evaluation - Geos List<string>
- Githubs
List<Access
Group Include Github> - Groups List<string>
- Gsuites
List<Access
Group Include Gsuite> - Ip
Lists List<string> - The ID of an existing IP list to reference.
- Ips List<string>
- An IPv4 or IPv6 CIDR block.
- Login
Methods List<string> - Oktas
List<Access
Group Include Okta> - Samls
List<Access
Group Include Saml> - Service
Tokens List<string>
- Any
Valid boolService Token - Auth
Contexts []AccessGroup Include Auth Context - Auth
Method string - Azures
[]Access
Group Include Azure - Certificate bool
- Common
Name string - Common
Names []string - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- Device
Postures []string - Email
Domains []string - Email
Lists []string - Emails []string
- Everyone bool
- External
Evaluation AccessGroup Include External Evaluation - Geos []string
- Githubs
[]Access
Group Include Github - Groups []string
- Gsuites
[]Access
Group Include Gsuite - Ip
Lists []string - The ID of an existing IP list to reference.
- Ips []string
- An IPv4 or IPv6 CIDR block.
- Login
Methods []string - Oktas
[]Access
Group Include Okta - Samls
[]Access
Group Include Saml - Service
Tokens []string
- any
Valid BooleanService Token - auth
Contexts List<AccessGroup Include Auth Context> - auth
Method String - azures
List<Access
Group Include Azure> - certificate Boolean
- common
Name String - common
Names List<String> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures List<String> - email
Domains List<String> - email
Lists List<String> - emails List<String>
- everyone Boolean
- external
Evaluation AccessGroup Include External Evaluation - geos List<String>
- githubs
List<Access
Group Include Github> - groups List<String>
- gsuites
List<Access
Group Include Gsuite> - ip
Lists List<String> - The ID of an existing IP list to reference.
- ips List<String>
- An IPv4 or IPv6 CIDR block.
- login
Methods List<String> - oktas
List<Access
Group Include Okta> - samls
List<Access
Group Include Saml> - service
Tokens List<String>
- any
Valid booleanService Token - auth
Contexts AccessGroup Include Auth Context[] - auth
Method string - azures
Access
Group Include Azure[] - certificate boolean
- common
Name string - common
Names string[] - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures string[] - email
Domains string[] - email
Lists string[] - emails string[]
- everyone boolean
- external
Evaluation AccessGroup Include External Evaluation - geos string[]
- githubs
Access
Group Include Github[] - groups string[]
- gsuites
Access
Group Include Gsuite[] - ip
Lists string[] - The ID of an existing IP list to reference.
- ips string[]
- An IPv4 or IPv6 CIDR block.
- login
Methods string[] - oktas
Access
Group Include Okta[] - samls
Access
Group Include Saml[] - service
Tokens string[]
- any_
valid_ boolservice_ token - auth_
contexts Sequence[AccessGroup Include Auth Context] - auth_
method str - azures
Sequence[Access
Group Include Azure] - certificate bool
- common_
name str - common_
names Sequence[str] - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device_
postures Sequence[str] - email_
domains Sequence[str] - email_
lists Sequence[str] - emails Sequence[str]
- everyone bool
- external_
evaluation AccessGroup Include External Evaluation - geos Sequence[str]
- githubs
Sequence[Access
Group Include Github] - groups Sequence[str]
- gsuites
Sequence[Access
Group Include Gsuite] - ip_
lists Sequence[str] - The ID of an existing IP list to reference.
- ips Sequence[str]
- An IPv4 or IPv6 CIDR block.
- login_
methods Sequence[str] - oktas
Sequence[Access
Group Include Okta] - samls
Sequence[Access
Group Include Saml] - service_
tokens Sequence[str]
- any
Valid BooleanService Token - auth
Contexts List<Property Map> - auth
Method String - azures List<Property Map>
- certificate Boolean
- common
Name String - common
Names List<String> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures List<String> - email
Domains List<String> - email
Lists List<String> - emails List<String>
- everyone Boolean
- external
Evaluation Property Map - geos List<String>
- githubs List<Property Map>
- groups List<String>
- gsuites List<Property Map>
- ip
Lists List<String> - The ID of an existing IP list to reference.
- ips List<String>
- An IPv4 or IPv6 CIDR block.
- login
Methods List<String> - oktas List<Property Map>
- samls List<Property Map>
- service
Tokens List<String>
AccessGroupIncludeAuthContext, AccessGroupIncludeAuthContextArgs
- Ac
Id string - The ACID of the Authentication Context.
- Id string
- The ID of the Authentication Context.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ac
Id string - The ACID of the Authentication Context.
- Id string
- The ID of the Authentication Context.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- ac
Id String - The ACID of the Authentication Context.
- id String
- The ID of the Authentication Context.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ac
Id string - The ACID of the Authentication Context.
- id string
- The ID of the Authentication Context.
- identity
Provider stringId - The ID of the Azure Identity provider.
- ac_
id str - The ACID of the Authentication Context.
- id str
- The ID of the Authentication Context.
- identity_
provider_ strid - The ID of the Azure Identity provider.
- ac
Id String - The ACID of the Authentication Context.
- id String
- The ID of the Authentication Context.
- identity
Provider StringId - The ID of the Azure Identity provider.
AccessGroupIncludeAzure, AccessGroupIncludeAzureArgs
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ids List<string>
- The ID of the Azure group or user.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ids []string
- The ID of the Azure group or user.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ids List<String>
- The ID of the Azure group or user.
- identity
Provider stringId - The ID of the Azure Identity provider.
- ids string[]
- The ID of the Azure group or user.
- identity_
provider_ strid - The ID of the Azure Identity provider.
- ids Sequence[str]
- The ID of the Azure group or user.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ids List<String>
- The ID of the Azure group or user.
AccessGroupIncludeExternalEvaluation, AccessGroupIncludeExternalEvaluationArgs
- Evaluate
Url string - Keys
Url string
- Evaluate
Url string - Keys
Url string
- evaluate
Url String - keys
Url String
- evaluate
Url string - keys
Url string
- evaluate_
url str - keys_
url str
- evaluate
Url String - keys
Url String
AccessGroupIncludeGithub, AccessGroupIncludeGithubArgs
- Identity
Provider stringId - Name string
- Teams List<string>
- Identity
Provider stringId - Name string
- Teams []string
- identity
Provider StringId - name String
- teams List<String>
- identity
Provider stringId - name string
- teams string[]
- identity_
provider_ strid - name str
- teams Sequence[str]
- identity
Provider StringId - name String
- teams List<String>
AccessGroupIncludeGsuite, AccessGroupIncludeGsuiteArgs
- Emails List<string>
- Identity
Provider stringId
- Emails []string
- Identity
Provider stringId
- emails List<String>
- identity
Provider StringId
- emails string[]
- identity
Provider stringId
- emails Sequence[str]
- identity_
provider_ strid
- emails List<String>
- identity
Provider StringId
AccessGroupIncludeOkta, AccessGroupIncludeOktaArgs
- Identity
Provider stringId - Names List<string>
- Identity
Provider stringId - Names []string
- identity
Provider StringId - names List<String>
- identity
Provider stringId - names string[]
- identity_
provider_ strid - names Sequence[str]
- identity
Provider StringId - names List<String>
AccessGroupIncludeSaml, AccessGroupIncludeSamlArgs
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- attribute
Name String - attribute
Value String - identity
Provider StringId
- attribute
Name string - attribute
Value string - identity
Provider stringId
- attribute
Name String - attribute
Value String - identity
Provider StringId
AccessGroupRequire, AccessGroupRequireArgs
- Any
Valid boolService Token - Auth
Contexts List<AccessGroup Require Auth Context> - Auth
Method string - Azures
List<Access
Group Require Azure> - Certificate bool
- Common
Name string - Common
Names List<string> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- Device
Postures List<string> - Email
Domains List<string> - Email
Lists List<string> - Emails List<string>
- Everyone bool
- External
Evaluation AccessGroup Require External Evaluation - Geos List<string>
- Githubs
List<Access
Group Require Github> - Groups List<string>
- Gsuites
List<Access
Group Require Gsuite> - Ip
Lists List<string> - The ID of an existing IP list to reference.
- Ips List<string>
- An IPv4 or IPv6 CIDR block.
- Login
Methods List<string> - Oktas
List<Access
Group Require Okta> - Samls
List<Access
Group Require Saml> - Service
Tokens List<string>
- Any
Valid boolService Token - Auth
Contexts []AccessGroup Require Auth Context - Auth
Method string - Azures
[]Access
Group Require Azure - Certificate bool
- Common
Name string - Common
Names []string - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- Device
Postures []string - Email
Domains []string - Email
Lists []string - Emails []string
- Everyone bool
- External
Evaluation AccessGroup Require External Evaluation - Geos []string
- Githubs
[]Access
Group Require Github - Groups []string
- Gsuites
[]Access
Group Require Gsuite - Ip
Lists []string - The ID of an existing IP list to reference.
- Ips []string
- An IPv4 or IPv6 CIDR block.
- Login
Methods []string - Oktas
[]Access
Group Require Okta - Samls
[]Access
Group Require Saml - Service
Tokens []string
- any
Valid BooleanService Token - auth
Contexts List<AccessGroup Require Auth Context> - auth
Method String - azures
List<Access
Group Require Azure> - certificate Boolean
- common
Name String - common
Names List<String> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures List<String> - email
Domains List<String> - email
Lists List<String> - emails List<String>
- everyone Boolean
- external
Evaluation AccessGroup Require External Evaluation - geos List<String>
- githubs
List<Access
Group Require Github> - groups List<String>
- gsuites
List<Access
Group Require Gsuite> - ip
Lists List<String> - The ID of an existing IP list to reference.
- ips List<String>
- An IPv4 or IPv6 CIDR block.
- login
Methods List<String> - oktas
List<Access
Group Require Okta> - samls
List<Access
Group Require Saml> - service
Tokens List<String>
- any
Valid booleanService Token - auth
Contexts AccessGroup Require Auth Context[] - auth
Method string - azures
Access
Group Require Azure[] - certificate boolean
- common
Name string - common
Names string[] - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures string[] - email
Domains string[] - email
Lists string[] - emails string[]
- everyone boolean
- external
Evaluation AccessGroup Require External Evaluation - geos string[]
- githubs
Access
Group Require Github[] - groups string[]
- gsuites
Access
Group Require Gsuite[] - ip
Lists string[] - The ID of an existing IP list to reference.
- ips string[]
- An IPv4 or IPv6 CIDR block.
- login
Methods string[] - oktas
Access
Group Require Okta[] - samls
Access
Group Require Saml[] - service
Tokens string[]
- any_
valid_ boolservice_ token - auth_
contexts Sequence[AccessGroup Require Auth Context] - auth_
method str - azures
Sequence[Access
Group Require Azure] - certificate bool
- common_
name str - common_
names Sequence[str] - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device_
postures Sequence[str] - email_
domains Sequence[str] - email_
lists Sequence[str] - emails Sequence[str]
- everyone bool
- external_
evaluation AccessGroup Require External Evaluation - geos Sequence[str]
- githubs
Sequence[Access
Group Require Github] - groups Sequence[str]
- gsuites
Sequence[Access
Group Require Gsuite] - ip_
lists Sequence[str] - The ID of an existing IP list to reference.
- ips Sequence[str]
- An IPv4 or IPv6 CIDR block.
- login_
methods Sequence[str] - oktas
Sequence[Access
Group Require Okta] - samls
Sequence[Access
Group Require Saml] - service_
tokens Sequence[str]
- any
Valid BooleanService Token - auth
Contexts List<Property Map> - auth
Method String - azures List<Property Map>
- certificate Boolean
- common
Name String - common
Names List<String> - Overflow field if you need to have multiple commonname rules in a single policy. Use in place of the singular commonname field.
- device
Postures List<String> - email
Domains List<String> - email
Lists List<String> - emails List<String>
- everyone Boolean
- external
Evaluation Property Map - geos List<String>
- githubs List<Property Map>
- groups List<String>
- gsuites List<Property Map>
- ip
Lists List<String> - The ID of an existing IP list to reference.
- ips List<String>
- An IPv4 or IPv6 CIDR block.
- login
Methods List<String> - oktas List<Property Map>
- samls List<Property Map>
- service
Tokens List<String>
AccessGroupRequireAuthContext, AccessGroupRequireAuthContextArgs
- Ac
Id string - The ACID of the Authentication Context.
- Id string
- The ID of the Authentication Context.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ac
Id string - The ACID of the Authentication Context.
- Id string
- The ID of the Authentication Context.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- ac
Id String - The ACID of the Authentication Context.
- id String
- The ID of the Authentication Context.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ac
Id string - The ACID of the Authentication Context.
- id string
- The ID of the Authentication Context.
- identity
Provider stringId - The ID of the Azure Identity provider.
- ac_
id str - The ACID of the Authentication Context.
- id str
- The ID of the Authentication Context.
- identity_
provider_ strid - The ID of the Azure Identity provider.
- ac
Id String - The ACID of the Authentication Context.
- id String
- The ID of the Authentication Context.
- identity
Provider StringId - The ID of the Azure Identity provider.
AccessGroupRequireAzure, AccessGroupRequireAzureArgs
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ids List<string>
- The ID of the Azure group or user.
- Identity
Provider stringId - The ID of the Azure Identity provider.
- Ids []string
- The ID of the Azure group or user.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ids List<String>
- The ID of the Azure group or user.
- identity
Provider stringId - The ID of the Azure Identity provider.
- ids string[]
- The ID of the Azure group or user.
- identity_
provider_ strid - The ID of the Azure Identity provider.
- ids Sequence[str]
- The ID of the Azure group or user.
- identity
Provider StringId - The ID of the Azure Identity provider.
- ids List<String>
- The ID of the Azure group or user.
AccessGroupRequireExternalEvaluation, AccessGroupRequireExternalEvaluationArgs
- Evaluate
Url string - Keys
Url string
- Evaluate
Url string - Keys
Url string
- evaluate
Url String - keys
Url String
- evaluate
Url string - keys
Url string
- evaluate_
url str - keys_
url str
- evaluate
Url String - keys
Url String
AccessGroupRequireGithub, AccessGroupRequireGithubArgs
- Identity
Provider stringId - Name string
- Teams List<string>
- Identity
Provider stringId - Name string
- Teams []string
- identity
Provider StringId - name String
- teams List<String>
- identity
Provider stringId - name string
- teams string[]
- identity_
provider_ strid - name str
- teams Sequence[str]
- identity
Provider StringId - name String
- teams List<String>
AccessGroupRequireGsuite, AccessGroupRequireGsuiteArgs
- Emails List<string>
- Identity
Provider stringId
- Emails []string
- Identity
Provider stringId
- emails List<String>
- identity
Provider StringId
- emails string[]
- identity
Provider stringId
- emails Sequence[str]
- identity_
provider_ strid
- emails List<String>
- identity
Provider StringId
AccessGroupRequireOkta, AccessGroupRequireOktaArgs
- Identity
Provider stringId - Names List<string>
- Identity
Provider stringId - Names []string
- identity
Provider StringId - names List<String>
- identity
Provider stringId - names string[]
- identity_
provider_ strid - names Sequence[str]
- identity
Provider StringId - names List<String>
AccessGroupRequireSaml, AccessGroupRequireSamlArgs
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- Attribute
Name string - Attribute
Value string - Identity
Provider stringId
- attribute
Name String - attribute
Value String - identity
Provider StringId
- attribute
Name string - attribute
Value string - identity
Provider stringId
- attribute
Name String - attribute
Value String - identity
Provider StringId
Import
$ pulumi import cloudflare:index/accessGroup:AccessGroup example <account_id>/<group_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.