This page documents the language specification for the cloudflare package. If you're looking for help working with the inputs, outputs, or functions of cloudflare resources in a Pulumi program, please see the resource documentation for examples and API reference.
Pulumi Cloudflare¶
This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-cloudflare repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-cloudflare repo.
- class
pulumi_cloudflare.AccessApplication(resource_name, opts=None, domain=None, name=None, session_duration=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Access Application resource. Access Applications are used to restrict access to a whole application using an authorisation gateway managed by Cloudflare.
import pulumi import pulumi_cloudflare as cloudflare staging_app = cloudflare.AccessApplication("stagingApp", domain="staging.example.com", name="staging application", session_duration="24h", zone_id="1d5fdc9e88c8a8c4518b068cd94331fe")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
domain (pulumi.Input[str]) – The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both.
name (pulumi.Input[str]) – Friendly name of the Access Application.
session_duration (pulumi.Input[str]) – How often a user will be forced to re-authorise. Must be one of
30m,6h,12h,24h,168h,730h.zone_id (pulumi.Input[str]) – The DNS zone to which the access rule should be added.
aud: pulumi.Output[str] = None¶Application Audience (AUD) Tag of the application
domain: pulumi.Output[str] = None¶The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both.
name: pulumi.Output[str] = None¶Friendly name of the Access Application.
session_duration: pulumi.Output[str] = None¶How often a user will be forced to re-authorise. Must be one of
30m,6h,12h,24h,168h,730h.
zone_id: pulumi.Output[str] = None¶The DNS zone to which the access rule should be added.
- static
get(resource_name, id, opts=None, aud=None, domain=None, name=None, session_duration=None, zone_id=None)¶ Get an existing AccessApplication resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
aud (pulumi.Input[str]) – Application Audience (AUD) Tag of the application
domain (pulumi.Input[str]) – The complete URL of the asset you wish to put Cloudflare Access in front of. Can include subdomains or paths. Or both.
name (pulumi.Input[str]) – Friendly name of the Access Application.
session_duration (pulumi.Input[str]) – How often a user will be forced to re-authorise. Must be one of
30m,6h,12h,24h,168h,730h.zone_id (pulumi.Input[str]) – The DNS zone to which the access rule should be added.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.AccessGroup(resource_name, opts=None, account_id=None, excludes=None, includes=None, name=None, requires=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Access Group resource. Access Groups are used in conjunction with Access Policies to restrict access to a particular resource based on group membership.
import pulumi import pulumi_cloudflare as cloudflare # Allowing access to `test@example.com` email address only test_group_access_group = cloudflare.AccessGroup("testGroupAccessGroup", account_id="975ecf5a45e3bcb680dba0722a420ad9", name="staging group", include=[{ "emails": ["test@example.com"], }]) # Allowing `test@example.com` to access but only when coming from a # specific IP. test_group_index_access_group_access_group = cloudflare.AccessGroup("testGroupIndex/accessGroupAccessGroup", account_id="975ecf5a45e3bcb680dba0722a420ad9", name="staging group", include=[{ "emails": ["test@example.com"], }], requires={ "ips": [var["office_ip"]], })
require,excludeandincludearguments share the available conditions which can be applied. The conditions are:ip- (Optional) A list of IP addresses or ranges. Example:ip = ["1.2.3.4", "10.0.0.0/2"]email- (Optional) A list of email addresses. Example:email = ["test@example.com"]email_domain- (Optional) A list of email domains. Example:email_domain = ["example.com"]service_token- (Optional) A list of service token ids. Example:service_token = [cloudflare_access_service_token.demo.id]any_valid_service_token- (Optional) Boolean indicating if allow all tokens to be granted. Example:any_valid_service_token = truegroup- (Optional) A list of access group ids. Example:group = [cloudflare_access_group.demo.id]everyone- (Optional) Boolean indicating permitting access for all requests. Example:everyone = truecertificate- (Optional) Whether to use mTLS certificate authentication.common_name- (Optional) Use a certificate common name to authenticate with.gsuite- (Optional) Use GSuite as the authentication mechanism. Example:# ... other configuration include { gsuite { email = "admins@example.com" identity_provider_id = "ca298b82-93b5-41bf-bc2d-10493f09b761" } }github- (Optional) Use a GitHub team as theincludecondition. Example:# ... other configuration include { github { name = "my-github-team-name" identity_provider_id = "ca298b82-93b5-41bf-bc2d-10493f09b761" } }azure- (Optional) Use Azure AD as theincludecondition. Example:# ... other configuration include { azure { id = "86773093-5feb-48dd-814b-7ccd3676ff50e" identity_provider_id = "ca298b82-93b5-41bf-bc2d-10493f09b761" } }okta- (Optional) Use Okta as theincludecondition. Example:# ... other configuration include { okta { name = "admins" identity_provider_id = "ca298b82-93b5-41bf-bc2d-10493f09b761" } }saml- (Optional) Use an external SAML setup as theincludecondition. Example:# ... other configuration include { saml { attribute_name = "group" attribute_value = "admins" identity_provider_id = "ca298b82-93b5-41bf-bc2d-10493f09b761" } }
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
account_id (pulumi.Input[str]) – The ID of the account the group is associated with.
excludes (pulumi.Input[list]) – A series of access conditions, see below for full list.
includes (pulumi.Input[list]) – A series of access conditions, see below for full list.
name (pulumi.Input[str]) – Friendly name of the Access Group.
requires (pulumi.Input[list]) – A series of access conditions, see below for full list.
The excludes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The includes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The requires object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
account_id: pulumi.Output[str] = None¶The ID of the account the group is associated with.
excludes: pulumi.Output[list] = None¶A series of access conditions, see below for full list.
anyValidServiceToken(bool)azures(list)id(str)identityProviderId(str)
certificate(bool)commonName(str)emailDomains(list)emails(list)everyone(bool)githubs(list)identityProviderId(str)name(str) - Friendly name of the Access Group.
groups(list)gsuites(list)email(str)identityProviderId(str)
ips(list)oktas(list)identityProviderId(str)name(str) - Friendly name of the Access Group.
samls(list)attributeName(str)attributeValue(str)identityProviderId(str)
serviceTokens(list)
includes: pulumi.Output[list] = None¶A series of access conditions, see below for full list.
anyValidServiceToken(bool)azures(list)id(str)identityProviderId(str)
certificate(bool)commonName(str)emailDomains(list)emails(list)everyone(bool)githubs(list)identityProviderId(str)name(str) - Friendly name of the Access Group.
groups(list)gsuites(list)email(str)identityProviderId(str)
ips(list)oktas(list)identityProviderId(str)name(str) - Friendly name of the Access Group.
samls(list)attributeName(str)attributeValue(str)identityProviderId(str)
serviceTokens(list)
name: pulumi.Output[str] = None¶Friendly name of the Access Group.
requires: pulumi.Output[list] = None¶A series of access conditions, see below for full list.
anyValidServiceToken(bool)azures(list)id(str)identityProviderId(str)
certificate(bool)commonName(str)emailDomains(list)emails(list)everyone(bool)githubs(list)identityProviderId(str)name(str) - Friendly name of the Access Group.
groups(list)gsuites(list)email(str)identityProviderId(str)
ips(list)oktas(list)identityProviderId(str)name(str) - Friendly name of the Access Group.
samls(list)attributeName(str)attributeValue(str)identityProviderId(str)
serviceTokens(list)
- static
get(resource_name, id, opts=None, account_id=None, excludes=None, includes=None, name=None, requires=None)¶ Get an existing AccessGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
account_id (pulumi.Input[str]) – The ID of the account the group is associated with.
excludes (pulumi.Input[list]) – A series of access conditions, see below for full list.
includes (pulumi.Input[list]) – A series of access conditions, see below for full list.
name (pulumi.Input[str]) – Friendly name of the Access Group.
requires (pulumi.Input[list]) – A series of access conditions, see below for full list.
The excludes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The includes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The requires object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Group.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.AccessIdentityProvider(resource_name, opts=None, account_id=None, configs=None, name=None, type=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Access Identity Provider resource. Identity Providers are used as an authentication or authorisation source within Access.
import pulumi import pulumi_cloudflare as cloudflare # one time pin pin_login = cloudflare.AccessIdentityProvider("pinLogin", account_id="1d5fdc9e88c8a8c4518b068cd94331fe", name="PIN login", type="onetimepin") # oauth github_oauth = cloudflare.AccessIdentityProvider("githubOauth", account_id="1d5fdc9e88c8a8c4518b068cd94331fe", configs=[{ "client_id": "example", "client_secret": "secret_key", }], name="GitHub OAuth", type="github") # saml jumpcloud_saml = cloudflare.AccessIdentityProvider("jumpcloudSaml", account_id="1d5fdc9e88c8a8c4518b068cd94331fe", configs=[{ "attributes": [ "email", "username", ], "idpPublicCert": """MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o """, "issuerUrl": "jumpcloud", "signRequest": False, "ssoTargetUrl": "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess", }], name="JumpCloud SAML", type="saml")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
configs (pulumi.Input[list]) – Provider configuration from the [developer documentation][access_identity_provider_guide].
name (pulumi.Input[str]) – Friendly name of the Access Identity Provider configuration.
type (pulumi.Input[str]) – The provider type to use. Must be one of:
"centrify","facebook","google-apps","oidc","github","google","saml","linkedin","azureAD","okta","onetimepin","onelogin","yandex".
The configs object supports the following:
appsDomain(pulumi.Input[str])attributes(pulumi.Input[list])authUrl(pulumi.Input[str])centrifyAccount(pulumi.Input[str])centrifyAppId(pulumi.Input[str])certsUrl(pulumi.Input[str])client_id(pulumi.Input[str])client_secret(pulumi.Input[str])directoryId(pulumi.Input[str])emailAttributeName(pulumi.Input[str])idpPublicCert(pulumi.Input[str])issuerUrl(pulumi.Input[str])oktaAccount(pulumi.Input[str])oneloginAccount(pulumi.Input[str])redirectUrl(pulumi.Input[str])signRequest(pulumi.Input[bool])ssoTargetUrl(pulumi.Input[str])supportGroups(pulumi.Input[bool])tokenUrl(pulumi.Input[str])
configs: pulumi.Output[list] = None¶Provider configuration from the [developer documentation][access_identity_provider_guide].
appsDomain(str)attributes(list)authUrl(str)centrifyAccount(str)centrifyAppId(str)certsUrl(str)client_id(str)client_secret(str)directoryId(str)emailAttributeName(str)idpPublicCert(str)issuerUrl(str)oktaAccount(str)oneloginAccount(str)redirectUrl(str)signRequest(bool)ssoTargetUrl(str)supportGroups(bool)tokenUrl(str)
name: pulumi.Output[str] = None¶Friendly name of the Access Identity Provider configuration.
type: pulumi.Output[str] = None¶The provider type to use. Must be one of:
"centrify","facebook","google-apps","oidc","github","google","saml","linkedin","azureAD","okta","onetimepin","onelogin","yandex".
- static
get(resource_name, id, opts=None, account_id=None, configs=None, name=None, type=None)¶ Get an existing AccessIdentityProvider resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
configs (pulumi.Input[list]) – Provider configuration from the [developer documentation][access_identity_provider_guide].
name (pulumi.Input[str]) – Friendly name of the Access Identity Provider configuration.
type (pulumi.Input[str]) – The provider type to use. Must be one of:
"centrify","facebook","google-apps","oidc","github","google","saml","linkedin","azureAD","okta","onetimepin","onelogin","yandex".
The configs object supports the following:
appsDomain(pulumi.Input[str])attributes(pulumi.Input[list])authUrl(pulumi.Input[str])centrifyAccount(pulumi.Input[str])centrifyAppId(pulumi.Input[str])certsUrl(pulumi.Input[str])client_id(pulumi.Input[str])client_secret(pulumi.Input[str])directoryId(pulumi.Input[str])emailAttributeName(pulumi.Input[str])idpPublicCert(pulumi.Input[str])issuerUrl(pulumi.Input[str])oktaAccount(pulumi.Input[str])oneloginAccount(pulumi.Input[str])redirectUrl(pulumi.Input[str])signRequest(pulumi.Input[bool])ssoTargetUrl(pulumi.Input[str])supportGroups(pulumi.Input[bool])tokenUrl(pulumi.Input[str])
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.AccessPolicy(resource_name, opts=None, application_id=None, decision=None, excludes=None, includes=None, name=None, precedence=None, requires=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Access Policy resource. Access Policies are used in conjunction with Access Applications to restrict access to a particular resource.
import pulumi import pulumi_cloudflare as cloudflare # Allowing access to `test@example.com` email address only test_policy_access_policy = cloudflare.AccessPolicy("testPolicyAccessPolicy", application_id="cb029e245cfdd66dc8d2e570d5dd3322", zone_id="d41d8cd98f00b204e9800998ecf8427e", name="staging policy", precedence="1", decision="allow", include=[{ "emails": ["test@example.com"], }]) # Allowing `test@example.com` to access but only when coming from a # specific IP. test_policy_index_access_policy_access_policy = cloudflare.AccessPolicy("testPolicyIndex/accessPolicyAccessPolicy", application_id="cb029e245cfdd66dc8d2e570d5dd3322", zone_id="d41d8cd98f00b204e9800998ecf8427e", name="staging policy", precedence="1", decision="allow", include=[{ "emails": ["test@example.com"], }], requires={ "ips": [var["office_ip"]], })
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
application_id (pulumi.Input[str]) – The ID of the application the policy is associated with.
decision (pulumi.Input[str]) – Defines the action Access will take if the policy matches the user. Allowed values:
allow,deny,non_identity,bypassexcludes (pulumi.Input[list]) – A series of access conditions, see Access Groups.
includes (pulumi.Input[list]) –
A series of access conditions, see Access Groups.
name (pulumi.Input[str]) – Friendly name of the Access Application.
precedence (pulumi.Input[float]) – The unique precedence for policies on a single application. Integer.
requires (pulumi.Input[list]) –
A series of access conditions, see Access Groups.
zone_id (pulumi.Input[str]) – The DNS zone to which the access rule should be added.
The excludes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The includes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The requires object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
application_id: pulumi.Output[str] = None¶The ID of the application the policy is associated with.
decision: pulumi.Output[str] = None¶Defines the action Access will take if the policy matches the user. Allowed values:
allow,deny,non_identity,bypass
excludes: pulumi.Output[list] = None¶A series of access conditions, see Access Groups.
anyValidServiceToken(bool)azures(list)id(str)identityProviderId(str)
certificate(bool)commonName(str)emailDomains(list)emails(list)everyone(bool)githubs(list)identityProviderId(str)name(str) - Friendly name of the Access Application.
groups(list)gsuites(list)email(str)identityProviderId(str)
ips(list)oktas(list)identityProviderId(str)name(str) - Friendly name of the Access Application.
samls(list)attributeName(str)attributeValue(str)identityProviderId(str)
serviceTokens(list)
includes: pulumi.Output[list] = None¶A series of access conditions, see Access Groups.
anyValidServiceToken(bool)azures(list)id(str)identityProviderId(str)
certificate(bool)commonName(str)emailDomains(list)emails(list)everyone(bool)githubs(list)identityProviderId(str)name(str) - Friendly name of the Access Application.
groups(list)gsuites(list)email(str)identityProviderId(str)
ips(list)oktas(list)identityProviderId(str)name(str) - Friendly name of the Access Application.
samls(list)attributeName(str)attributeValue(str)identityProviderId(str)
serviceTokens(list)
name: pulumi.Output[str] = None¶Friendly name of the Access Application.
precedence: pulumi.Output[float] = None¶The unique precedence for policies on a single application. Integer.
requires: pulumi.Output[list] = None¶A series of access conditions, see Access Groups.
anyValidServiceToken(bool)azures(list)id(str)identityProviderId(str)
certificate(bool)commonName(str)emailDomains(list)emails(list)everyone(bool)githubs(list)identityProviderId(str)name(str) - Friendly name of the Access Application.
groups(list)gsuites(list)email(str)identityProviderId(str)
ips(list)oktas(list)identityProviderId(str)name(str) - Friendly name of the Access Application.
samls(list)attributeName(str)attributeValue(str)identityProviderId(str)
serviceTokens(list)
zone_id: pulumi.Output[str] = None¶The DNS zone to which the access rule should be added.
- static
get(resource_name, id, opts=None, application_id=None, decision=None, excludes=None, includes=None, name=None, precedence=None, requires=None, zone_id=None)¶ Get an existing AccessPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
application_id (pulumi.Input[str]) – The ID of the application the policy is associated with.
decision (pulumi.Input[str]) – Defines the action Access will take if the policy matches the user. Allowed values:
allow,deny,non_identity,bypassexcludes (pulumi.Input[list]) –
A series of access conditions, see Access Groups.
includes (pulumi.Input[list]) –
A series of access conditions, see Access Groups.
name (pulumi.Input[str]) – Friendly name of the Access Application.
precedence (pulumi.Input[float]) – The unique precedence for policies on a single application. Integer.
requires (pulumi.Input[list]) –
A series of access conditions, see Access Groups.
zone_id (pulumi.Input[str]) – The DNS zone to which the access rule should be added.
The excludes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The includes object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
The requires object supports the following:
anyValidServiceToken(pulumi.Input[bool])azures(pulumi.Input[list])id(pulumi.Input[str])identityProviderId(pulumi.Input[str])
certificate(pulumi.Input[bool])commonName(pulumi.Input[str])emailDomains(pulumi.Input[list])emails(pulumi.Input[list])everyone(pulumi.Input[bool])githubs(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
groups(pulumi.Input[list])gsuites(pulumi.Input[list])email(pulumi.Input[str])identityProviderId(pulumi.Input[str])
ips(pulumi.Input[list])oktas(pulumi.Input[list])identityProviderId(pulumi.Input[str])name(pulumi.Input[str]) - Friendly name of the Access Application.
samls(pulumi.Input[list])attributeName(pulumi.Input[str])attributeValue(pulumi.Input[str])identityProviderId(pulumi.Input[str])
serviceTokens(pulumi.Input[list])
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.AccessRule(resource_name, opts=None, configuration=None, mode=None, notes=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare IP Firewall Access Rule resource. Access control can be applied on basis of IP addresses, IP ranges, AS numbers or countries.
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
configuration (pulumi.Input[dict]) – Rule configuration to apply to a matched request. It’s a complex value. See description below.
mode (pulumi.Input[str]) – The action to apply to a matched request. Allowed values: “block”, “challenge”, “whitelist”, “js_challenge”
notes (pulumi.Input[str]) – A personal note about the rule. Typically used as a reminder or explanation for the rule.
zone_id (pulumi.Input[str]) – The DNS zone to which the access rule should be added.
The configuration object supports the following:
target(pulumi.Input[str]) - The request property to target. Allowed values: “ip”, “ip6”, “ip_range”, “asn”, “country”value(pulumi.Input[str]) - The value to target. Depends on target’s type.
configuration: pulumi.Output[dict] = None¶Rule configuration to apply to a matched request. It’s a complex value. See description below.
target(str) - The request property to target. Allowed values: “ip”, “ip6”, “ip_range”, “asn”, “country”value(str) - The value to target. Depends on target’s type.
mode: pulumi.Output[str] = None¶The action to apply to a matched request. Allowed values: “block”, “challenge”, “whitelist”, “js_challenge”
notes: pulumi.Output[str] = None¶A personal note about the rule. Typically used as a reminder or explanation for the rule.
zone_id: pulumi.Output[str] = None¶The DNS zone to which the access rule should be added.
- static
get(resource_name, id, opts=None, configuration=None, mode=None, notes=None, zone_id=None)¶ Get an existing AccessRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
configuration (pulumi.Input[dict]) – Rule configuration to apply to a matched request. It’s a complex value. See description below.
mode (pulumi.Input[str]) – The action to apply to a matched request. Allowed values: “block”, “challenge”, “whitelist”, “js_challenge”
notes (pulumi.Input[str]) – A personal note about the rule. Typically used as a reminder or explanation for the rule.
zone_id (pulumi.Input[str]) – The DNS zone to which the access rule should be added.
The configuration object supports the following:
target(pulumi.Input[str]) - The request property to target. Allowed values: “ip”, “ip6”, “ip_range”, “asn”, “country”value(pulumi.Input[str]) - The value to target. Depends on target’s type.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.AccessServiceToken(resource_name, opts=None, account_id=None, name=None, __props__=None, __name__=None, __opts__=None)¶ Access Service Tokens are used for service-to-service communication when an application is behind Cloudflare Access.
import pulumi import pulumi_cloudflare as cloudflare my_app = cloudflare.AccessServiceToken("myApp", account_id="d41d8cd98f00b204e9800998ecf8427e", name="CI/CD app")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
account_id (pulumi.Input[str]) – The ID of the account where the Access Service is being created.
name (pulumi.Input[str]) – Friendly name of the token’s intent.
account_id: pulumi.Output[str] = None¶The ID of the account where the Access Service is being created.
client_id: pulumi.Output[str] = None¶UUID client ID associated with the Service Token.
client_secret: pulumi.Output[str] = None¶A secret for interacting with Access protocols.
name: pulumi.Output[str] = None¶Friendly name of the token’s intent.
- static
get(resource_name, id, opts=None, account_id=None, client_id=None, client_secret=None, name=None)¶ Get an existing AccessServiceToken resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
account_id (pulumi.Input[str]) – The ID of the account where the Access Service is being created.
client_id (pulumi.Input[str]) – UUID client ID associated with the Service Token.
client_secret (pulumi.Input[str]) – A secret for interacting with Access protocols.
name (pulumi.Input[str]) – Friendly name of the token’s intent.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.AccountMember(resource_name, opts=None, email_address=None, role_ids=None, __props__=None, __name__=None, __opts__=None)¶ Provides a resource which manages Cloudflare account members.
import pulumi import pulumi_cloudflare as cloudflare example_user = cloudflare.AccountMember("exampleUser", email_address="user@example.com", role_ids=[ "68b329da9893e34099c7d8ad5cb9c940", "d784fa8b6d98d27699781bd9a7cf19f0", ])
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
email_address (pulumi.Input[str]) – The email address of the user who you wish to manage. Note: Following creation, this field becomes read only via the API and cannot be updated.
role_ids (pulumi.Input[list]) – Array of account role IDs that you want to assign to a member.
email_address: pulumi.Output[str] = None¶The email address of the user who you wish to manage. Note: Following creation, this field becomes read only via the API and cannot be updated.
role_ids: pulumi.Output[list] = None¶Array of account role IDs that you want to assign to a member.
- static
get(resource_name, id, opts=None, email_address=None, role_ids=None)¶ Get an existing AccountMember resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
email_address (pulumi.Input[str]) – The email address of the user who you wish to manage. Note: Following creation, this field becomes read only via the API and cannot be updated.
role_ids (pulumi.Input[list]) – Array of account role IDs that you want to assign to a member.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.Argo(resource_name, opts=None, smart_routing=None, tiered_caching=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Cloudflare Argo controls the routing to your origin and tiered caching options to speed up your website browsing experience.
import pulumi import pulumi_cloudflare as cloudflare example = cloudflare.Argo("example", smart_routing="on", tiered_caching="on", zone_id="d41d8cd98f00b204e9800998ecf8427e")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
smart_routing (pulumi.Input[str]) – Whether smart routing is enabled. Valid values:
onoroff.tiered_caching (pulumi.Input[str]) – Whether tiered caching is enabled. Valid values:
onoroff.zone_id (pulumi.Input[str]) – The DNS zone ID that you wish to manage Argo on.
smart_routing: pulumi.Output[str] = None¶Whether smart routing is enabled. Valid values:
onoroff.
tiered_caching: pulumi.Output[str] = None¶Whether tiered caching is enabled. Valid values:
onoroff.
zone_id: pulumi.Output[str] = None¶The DNS zone ID that you wish to manage Argo on.
- static
get(resource_name, id, opts=None, smart_routing=None, tiered_caching=None, zone_id=None)¶ Get an existing Argo resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
smart_routing (pulumi.Input[str]) – Whether smart routing is enabled. Valid values:
onoroff.tiered_caching (pulumi.Input[str]) – Whether tiered caching is enabled. Valid values:
onoroff.zone_id (pulumi.Input[str]) – The DNS zone ID that you wish to manage Argo on.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.AwaitableGetIpRangesResult(cidr_blocks=None, id=None, ipv4_cidr_blocks=None, ipv6_cidr_blocks=None)¶
- class
pulumi_cloudflare.AwaitableGetWafGroupsResult(filter=None, groups=None, id=None, package_id=None, zone_id=None)¶
- class
pulumi_cloudflare.AwaitableGetWafPackagesResult(filter=None, id=None, packages=None, zone_id=None)¶
- class
pulumi_cloudflare.AwaitableGetWafRulesResult(filter=None, id=None, package_id=None, rules=None, zone_id=None)¶
- class
pulumi_cloudflare.AwaitableGetZonesResult(filter=None, id=None, zones=None)¶
- class
pulumi_cloudflare.ByoIpPrefix(resource_name, opts=None, advertisement=None, description=None, prefix_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides the ability to manage Bring-Your-Own-IP prefixes (BYOIP) which are used with or without Magic Transit.
import pulumi import pulumi_cloudflare as cloudflare example = cloudflare.ByoIpPrefix("example", advertisement="on", description="Example IP Prefix", prefix_id="d41d8cd98f00b204e9800998ecf8427e")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
advertisement (pulumi.Input[str]) – Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Valid values:
onoroff.description (pulumi.Input[str]) – The description of the prefix.
prefix_id (pulumi.Input[str]) – The assigned Bring-Your-Own-IP prefix ID.
advertisement: pulumi.Output[str] = None¶Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Valid values:
onoroff.
description: pulumi.Output[str] = None¶The description of the prefix.
prefix_id: pulumi.Output[str] = None¶The assigned Bring-Your-Own-IP prefix ID.
- static
get(resource_name, id, opts=None, advertisement=None, description=None, prefix_id=None)¶ Get an existing ByoIpPrefix resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
advertisement (pulumi.Input[str]) – Whether or not the prefix shall be announced. A prefix can be activated or deactivated once every 15 minutes (attempting more regular updates will trigger rate limiting). Valid values:
onoroff.description (pulumi.Input[str]) – The description of the prefix.
prefix_id (pulumi.Input[str]) – The assigned Bring-Your-Own-IP prefix ID.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.CustomPages(resource_name, opts=None, account_id=None, state=None, type=None, url=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a resource which manages Cloudflare custom error pages.
import pulumi import pulumi_cloudflare as cloudflare basic_challenge = cloudflare.CustomPages("basicChallenge", state="customized", type="basic_challenge", url="https://example.com/challenge.html", zone_id="d41d8cd98f00b204e9800998ecf8427e")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
account_id (pulumi.Input[str]) – The account ID where the custom pages should be updated. Either
account_idorzone_idmust be provided. Ifaccount_idis present, it will override the zone setting.type (pulumi.Input[str]) – The type of custom page you wish to update. Must be one of
basic_challenge,waf_challenge,waf_block,ratelimit_block,country_challenge,ip_block,under_attack,500_errors,1000_errors,always_online.url (pulumi.Input[str]) – URL of where the custom page source is located.
zone_id (pulumi.Input[str]) – The zone ID where the custom pages should be updated. Either
zone_idoraccount_idmust be provided.
account_id: pulumi.Output[str] = None¶The account ID where the custom pages should be updated. Either
account_idorzone_idmust be provided. Ifaccount_idis present, it will override the zone setting.
type: pulumi.Output[str] = None¶The type of custom page you wish to update. Must be one of
basic_challenge,waf_challenge,waf_block,ratelimit_block,country_challenge,ip_block,under_attack,500_errors,1000_errors,always_online.
url: pulumi.Output[str] = None¶URL of where the custom page source is located.
zone_id: pulumi.Output[str] = None¶The zone ID where the custom pages should be updated. Either
zone_idoraccount_idmust be provided.
- static
get(resource_name, id, opts=None, account_id=None, state=None, type=None, url=None, zone_id=None)¶ Get an existing CustomPages resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
account_id (pulumi.Input[str]) – The account ID where the custom pages should be updated. Either
account_idorzone_idmust be provided. Ifaccount_idis present, it will override the zone setting.type (pulumi.Input[str]) – The type of custom page you wish to update. Must be one of
basic_challenge,waf_challenge,waf_block,ratelimit_block,country_challenge,ip_block,under_attack,500_errors,1000_errors,always_online.url (pulumi.Input[str]) – URL of where the custom page source is located.
zone_id (pulumi.Input[str]) – The zone ID where the custom pages should be updated. Either
zone_idoraccount_idmust be provided.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.CustomSsl(resource_name, opts=None, custom_ssl_options=None, custom_ssl_priorities=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare custom ssl resource.
import pulumi import pulumi_cloudflare as cloudflare config = pulumi.Config() cloudflare_zone_id = config.get("cloudflareZoneId") if cloudflare_zone_id is None: cloudflare_zone_id = "1d5fdc9e88c8a8c4518b068cd94331fe" # Add a custom ssl certificate to the domain foossl = cloudflare.CustomSsl("foossl", custom_ssl_options={ "bundle_method": "ubiquitous", "certificate": "-----INSERT CERTIFICATE-----", "geo_restrictions": "us", "private_key": "-----INSERT PRIVATE KEY-----", "type": "legacy_custom", }, zone_id=cloudflare_zone_id)
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
custom_ssl_options (pulumi.Input[dict]) – The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.
zone_id (pulumi.Input[str]) – The DNS zone id to the custom ssl cert should be added.
The custom_ssl_options object supports the following:
bundle_method(pulumi.Input[str]) - Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values areubiquitous(default),optimal,force.certificate(pulumi.Input[str]) - Certificate certificate and the intermediate(s)geo_restrictions(pulumi.Input[str]) - Specifies the region where your private key can be held locally. Valid values areus,eu,highest_security.private_key(pulumi.Input[str]) - Certificate’s private keytype(pulumi.Input[str]) - Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values arelegacy_custom(default),sni_custom.
The custom_ssl_priorities object supports the following:
id(pulumi.Input[str])priority(pulumi.Input[float])
custom_ssl_options: pulumi.Output[dict] = None¶The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.
bundle_method(str) - Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values areubiquitous(default),optimal,force.certificate(str) - Certificate certificate and the intermediate(s)geo_restrictions(str) - Specifies the region where your private key can be held locally. Valid values areus,eu,highest_security.private_key(str) - Certificate’s private keytype(str) - Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values arelegacy_custom(default),sni_custom.
zone_id: pulumi.Output[str] = None¶The DNS zone id to the custom ssl cert should be added.
- static
get(resource_name, id, opts=None, custom_ssl_options=None, custom_ssl_priorities=None, expires_on=None, hosts=None, issuer=None, modified_on=None, priority=None, signature=None, status=None, uploaded_on=None, zone_id=None)¶ Get an existing CustomSsl resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
custom_ssl_options (pulumi.Input[dict]) – The certificate, private key and associated optional parameters, such as bundle_method, geo_restrictions, and type.
zone_id (pulumi.Input[str]) – The DNS zone id to the custom ssl cert should be added.
The custom_ssl_options object supports the following:
bundle_method(pulumi.Input[str]) - Method of building intermediate certificate chain. A ubiquitous bundle has the highest probability of being verified everywhere, even by clients using outdated or unusual trust stores. An optimal bundle uses the shortest chain and newest intermediates. And the force bundle verifies the chain, but does not otherwise modify it. Valid values areubiquitous(default),optimal,force.certificate(pulumi.Input[str]) - Certificate certificate and the intermediate(s)geo_restrictions(pulumi.Input[str]) - Specifies the region where your private key can be held locally. Valid values areus,eu,highest_security.private_key(pulumi.Input[str]) - Certificate’s private keytype(pulumi.Input[str]) - Whether to enable support for legacy clients which do not include SNI in the TLS handshake. Valid values arelegacy_custom(default),sni_custom.
The custom_ssl_priorities object supports the following:
id(pulumi.Input[str])priority(pulumi.Input[float])
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.Filter(resource_name, opts=None, description=None, expression=None, paused=None, ref=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Filter expressions that can be referenced across multiple features, e.g. Firewall Rule. The expression format is similar to Wireshark Display Filter.
import pulumi import pulumi_cloudflare as cloudflare wordpress = cloudflare.Filter("wordpress", description="Wordpress break-in attempts that are outside of the office", expression="(http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path ~ ".*xmlrpc.php") and ip.src ne 192.0.2.1", zone_id="d41d8cd98f00b204e9800998ecf8427e")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
description (pulumi.Input[str]) – A note that you can use to describe the purpose of the filter.
expression (pulumi.Input[str]) – The filter expression to be used.
paused (pulumi.Input[bool]) – Whether this filter is currently paused. Boolean value.
ref (pulumi.Input[str]) – Short reference tag to quickly select related rules.
zone_id (pulumi.Input[str]) – The DNS zone to which the Filter should be added.
description: pulumi.Output[str] = None¶A note that you can use to describe the purpose of the filter.
expression: pulumi.Output[str] = None¶The filter expression to be used.
paused: pulumi.Output[bool] = None¶Whether this filter is currently paused. Boolean value.
ref: pulumi.Output[str] = None¶Short reference tag to quickly select related rules.
zone_id: pulumi.Output[str] = None¶The DNS zone to which the Filter should be added.
- static
get(resource_name, id, opts=None, description=None, expression=None, paused=None, ref=None, zone_id=None)¶ Get an existing Filter resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
description (pulumi.Input[str]) – A note that you can use to describe the purpose of the filter.
expression (pulumi.Input[str]) – The filter expression to be used.
paused (pulumi.Input[bool]) – Whether this filter is currently paused. Boolean value.
ref (pulumi.Input[str]) – Short reference tag to quickly select related rules.
zone_id (pulumi.Input[str]) – The DNS zone to which the Filter should be added.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.FirewallRule(resource_name, opts=None, action=None, description=None, filter_id=None, paused=None, priority=None, products=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Define Firewall rules using filter expressions for more control over how traffic is matched to the rule. A filter expression permits selecting traffic by multiple criteria allowing greater freedom in rule creation.
Filter expressions needs to be created first before using Firewall Rule. See Filter.
import pulumi import pulumi_cloudflare as cloudflare wordpress_filter = cloudflare.Filter("wordpressFilter", zone_id="d41d8cd98f00b204e9800998ecf8427e", description="Wordpress break-in attempts that are outside of the office", expression="(http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path ~ ".*xmlrpc.php") and ip.src ne 192.0.2.1") wordpress_firewall_rule = cloudflare.FirewallRule("wordpressFirewallRule", zone_id="d41d8cd98f00b204e9800998ecf8427e", description="Block wordpress break-in attempts", filter_id=wordpress_filter.id, action="block")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
action (pulumi.Input[str]) – The action to apply to a matched request. Allowed values: “block”, “challenge”, “allow”, “js_challenge”, “bypass”. Enterprise plan also allows “log”.
description (pulumi.Input[str]) – A description of the rule to help identify it.
paused (pulumi.Input[bool]) – Whether this filter based firewall rule is currently paused. Boolean value.
priority (pulumi.Input[float]) – The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without.
products (pulumi.Input[list]) – List of products to bypass for a request when the bypass action is used. Allowed values: “zoneLockdown”, “uaBlock”, “bic”, “hot”, “securityLevel”, “rateLimit”, “waf”.
zone_id (pulumi.Input[str]) – The DNS zone to which the Filter should be added.
action: pulumi.Output[str] = None¶The action to apply to a matched request. Allowed values: “block”, “challenge”, “allow”, “js_challenge”, “bypass”. Enterprise plan also allows “log”.
description: pulumi.Output[str] = None¶A description of the rule to help identify it.
paused: pulumi.Output[bool] = None¶Whether this filter based firewall rule is currently paused. Boolean value.
priority: pulumi.Output[float] = None¶The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without.
products: pulumi.Output[list] = None¶List of products to bypass for a request when the bypass action is used. Allowed values: “zoneLockdown”, “uaBlock”, “bic”, “hot”, “securityLevel”, “rateLimit”, “waf”.
zone_id: pulumi.Output[str] = None¶The DNS zone to which the Filter should be added.
- static
get(resource_name, id, opts=None, action=None, description=None, filter_id=None, paused=None, priority=None, products=None, zone_id=None)¶ Get an existing FirewallRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
action (pulumi.Input[str]) – The action to apply to a matched request. Allowed values: “block”, “challenge”, “allow”, “js_challenge”, “bypass”. Enterprise plan also allows “log”.
description (pulumi.Input[str]) – A description of the rule to help identify it.
paused (pulumi.Input[bool]) – Whether this filter based firewall rule is currently paused. Boolean value.
priority (pulumi.Input[float]) – The priority of the rule to allow control of processing order. A lower number indicates high priority. If not provided, any rules with a priority will be sequenced before those without.
products (pulumi.Input[list]) – List of products to bypass for a request when the bypass action is used. Allowed values: “zoneLockdown”, “uaBlock”, “bic”, “hot”, “securityLevel”, “rateLimit”, “waf”.
zone_id (pulumi.Input[str]) – The DNS zone to which the Filter should be added.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.GetIpRangesResult(cidr_blocks=None, id=None, ipv4_cidr_blocks=None, ipv6_cidr_blocks=None)¶ A collection of values returned by getIpRanges.
id= None¶The provider-assigned unique ID for this managed resource.
- class
pulumi_cloudflare.GetWafGroupsResult(filter=None, groups=None, id=None, package_id=None, zone_id=None)¶ A collection of values returned by getWafGroups.
id= None¶The provider-assigned unique ID for this managed resource.
- class
pulumi_cloudflare.GetWafPackagesResult(filter=None, id=None, packages=None, zone_id=None)¶ A collection of values returned by getWafPackages.
id= None¶The provider-assigned unique ID for this managed resource.
- class
pulumi_cloudflare.GetWafRulesResult(filter=None, id=None, package_id=None, rules=None, zone_id=None)¶ A collection of values returned by getWafRules.
id= None¶The provider-assigned unique ID for this managed resource.
- class
pulumi_cloudflare.GetZonesResult(filter=None, id=None, zones=None)¶ A collection of values returned by getZones.
id= None¶The provider-assigned unique ID for this managed resource.
- class
pulumi_cloudflare.Healthcheck(resource_name, opts=None, address=None, allow_insecure=None, check_regions=None, consecutive_fails=None, consecutive_successes=None, description=None, expected_body=None, expected_codes=None, follow_redirects=None, headers=None, interval=None, method=None, name=None, notification_email_addresses=None, notification_suspended=None, path=None, port=None, retries=None, suspended=None, timeout=None, type=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Standalone Health Checks provide a way to monitor origin servers without needing a Cloudflare Load Balancer.
import pulumi import pulumi_cloudflare as cloudflare http_health_check = cloudflare.Healthcheck("httpHealthCheck", zone_id=var["cloudflare_zone_id"], name="http-health-check", description="example http health check", address="example.com", suspended=False, check_regions=[ "WEU", "EEU", ], notification_suspended=False, notification_email_addresses=["hostmaster@example.com"], type="HTTPS", port="443", method="GET", path="/health", expected_body="alive", expected_codes=[ "2xx", "301", ], follow_redirects=True, allow_insecure=False, header=[{ "header": "Host", "values": ["example.com"], }], timeout=10, retries=2, interval=60, consecutive_fails=3, consecutive_successes=2)
import pulumi import pulumi_cloudflare as cloudflare tcp_health_check = cloudflare.Healthcheck("tcpHealthCheck", zone_id=var["cloudflare_zone_id"], name="tcp-health-check", description="example tcp health check", address="example.com", suspended=False, check_regions=[ "WEU", "EEU", ], notification_suspended=False, notification_email_addresses=["hostmaster@example.com"], type="TCP", port="22", method="connection_established", timeout=10, retries=2, interval=60, consecutive_fails=3, consecutive_successes=2)
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
address (pulumi.Input[str]) – The hostname or IP address of the origin server to run health checks on.
allow_insecure (pulumi.Input[bool]) – Do not validate the certificate when the health check uses HTTPS. Valid values:
trueorfalse(Default:false).check_regions (pulumi.Input[list]) – A list of regions from which to run health checks. If not set Cloudflare will pick a default region. Valid values:
WNAM,ENAM,WEU,EEU,NSAM,SSAM,OC,ME,NAF,SAF,IN,SEAS,NEAS,ALL_REGIONS.consecutive_fails (pulumi.Input[float]) – The number of consecutive fails required from a health check before changing the health to unhealthy. (Default:
1)consecutive_successes (pulumi.Input[float]) – The number of consecutive successes required from a health check before changing the health to healthy. (Default:
1)description (pulumi.Input[str]) – A human-readable description of the health check.
expected_body (pulumi.Input[str]) – A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy.
expected_codes (pulumi.Input[list]) – The expected HTTP response codes (e.g. “200”) or code ranges (e.g. “2xx” for all codes starting with 2) of the health check. (Default:
["200"])follow_redirects (pulumi.Input[bool]) – Follow redirects if the origin returns a 3xx status code. Valid values:
trueorfalse(Default:false).headers (pulumi.Input[list]) – The header name.
interval (pulumi.Input[float]) – The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase load on the origin as we check from multiple locations. (Default:
60)method (pulumi.Input[str]) – The TCP connection method to use for the health check. Valid values:
connection_established(Default:connection_established).name (pulumi.Input[str]) – A short name to identify the health check. Only alphanumeric characters, hyphens and underscores are allowed.
notification_email_addresses (pulumi.Input[list]) – A list of email addresses we want to send the notifications to.
notification_suspended (pulumi.Input[bool]) – Whether the notifications are suspended or not. Useful for maintenance periods. Valid values:
trueorfalse(Default:false).path (pulumi.Input[str]) – The endpoint path to health check against. (Default:
/)port (pulumi.Input[float]) – Port number to connect to for the health check. Valid values are in the rage
0-65535(Default:80).retries (pulumi.Input[float]) – The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. (Default:
2)suspended (pulumi.Input[bool]) – If suspended, no health checks are sent to the origin. Valid values:
trueorfalse(Default:false).timeout (pulumi.Input[float]) – The timeout (in seconds) before marking the health check as failed. (Default:
5)type (pulumi.Input[str]) – The protocol to use for the health check. Valid values:
HTTP,HTTPS,TCP.zone_id (pulumi.Input[str]) – The DNS zone ID to which apply settings.
The headers object supports the following:
header(pulumi.Input[str]) - The header name.values(pulumi.Input[list]) - A list of string values for the header.
address: pulumi.Output[str] = None¶The hostname or IP address of the origin server to run health checks on.
allow_insecure: pulumi.Output[bool] = None¶Do not validate the certificate when the health check uses HTTPS. Valid values:
trueorfalse(Default:false).
check_regions: pulumi.Output[list] = None¶A list of regions from which to run health checks. If not set Cloudflare will pick a default region. Valid values:
WNAM,ENAM,WEU,EEU,NSAM,SSAM,OC,ME,NAF,SAF,IN,SEAS,NEAS,ALL_REGIONS.
consecutive_fails: pulumi.Output[float] = None¶The number of consecutive fails required from a health check before changing the health to unhealthy. (Default:
1)
consecutive_successes: pulumi.Output[float] = None¶The number of consecutive successes required from a health check before changing the health to healthy. (Default:
1)
description: pulumi.Output[str] = None¶A human-readable description of the health check.
expected_body: pulumi.Output[str] = None¶A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy.
expected_codes: pulumi.Output[list] = None¶The expected HTTP response codes (e.g. “200”) or code ranges (e.g. “2xx” for all codes starting with 2) of the health check. (Default:
["200"])
follow_redirects: pulumi.Output[bool] = None¶Follow redirects if the origin returns a 3xx status code. Valid values:
trueorfalse(Default:false).
headers: pulumi.Output[list] = None¶The header name.
header(str) - The header name.values(list) - A list of string values for the header.
interval: pulumi.Output[float] = None¶The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase load on the origin as we check from multiple locations. (Default:
60)
method: pulumi.Output[str] = None¶The TCP connection method to use for the health check. Valid values:
connection_established(Default:connection_established).
name: pulumi.Output[str] = None¶A short name to identify the health check. Only alphanumeric characters, hyphens and underscores are allowed.
notification_email_addresses: pulumi.Output[list] = None¶A list of email addresses we want to send the notifications to.
notification_suspended: pulumi.Output[bool] = None¶Whether the notifications are suspended or not. Useful for maintenance periods. Valid values:
trueorfalse(Default:false).
path: pulumi.Output[str] = None¶The endpoint path to health check against. (Default:
/)
port: pulumi.Output[float] = None¶Port number to connect to for the health check. Valid values are in the rage
0-65535(Default:80).
retries: pulumi.Output[float] = None¶The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. (Default:
2)
suspended: pulumi.Output[bool] = None¶If suspended, no health checks are sent to the origin. Valid values:
trueorfalse(Default:false).
timeout: pulumi.Output[float] = None¶The timeout (in seconds) before marking the health check as failed. (Default:
5)
type: pulumi.Output[str] = None¶The protocol to use for the health check. Valid values:
HTTP,HTTPS,TCP.
zone_id: pulumi.Output[str] = None¶The DNS zone ID to which apply settings.
- static
get(resource_name, id, opts=None, address=None, allow_insecure=None, check_regions=None, consecutive_fails=None, consecutive_successes=None, created_on=None, description=None, expected_body=None, expected_codes=None, follow_redirects=None, headers=None, interval=None, method=None, modified_on=None, name=None, notification_email_addresses=None, notification_suspended=None, path=None, port=None, retries=None, suspended=None, timeout=None, type=None, zone_id=None)¶ Get an existing Healthcheck resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
address (pulumi.Input[str]) – The hostname or IP address of the origin server to run health checks on.
allow_insecure (pulumi.Input[bool]) – Do not validate the certificate when the health check uses HTTPS. Valid values:
trueorfalse(Default:false).check_regions (pulumi.Input[list]) – A list of regions from which to run health checks. If not set Cloudflare will pick a default region. Valid values:
WNAM,ENAM,WEU,EEU,NSAM,SSAM,OC,ME,NAF,SAF,IN,SEAS,NEAS,ALL_REGIONS.consecutive_fails (pulumi.Input[float]) – The number of consecutive fails required from a health check before changing the health to unhealthy. (Default:
1)consecutive_successes (pulumi.Input[float]) – The number of consecutive successes required from a health check before changing the health to healthy. (Default:
1)description (pulumi.Input[str]) – A human-readable description of the health check.
expected_body (pulumi.Input[str]) – A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy.
expected_codes (pulumi.Input[list]) – The expected HTTP response codes (e.g. “200”) or code ranges (e.g. “2xx” for all codes starting with 2) of the health check. (Default:
["200"])follow_redirects (pulumi.Input[bool]) – Follow redirects if the origin returns a 3xx status code. Valid values:
trueorfalse(Default:false).headers (pulumi.Input[list]) – The header name.
interval (pulumi.Input[float]) – The interval between each health check. Shorter intervals may give quicker notifications if the origin status changes, but will increase load on the origin as we check from multiple locations. (Default:
60)method (pulumi.Input[str]) – The TCP connection method to use for the health check. Valid values:
connection_established(Default:connection_established).name (pulumi.Input[str]) – A short name to identify the health check. Only alphanumeric characters, hyphens and underscores are allowed.
notification_email_addresses (pulumi.Input[list]) – A list of email addresses we want to send the notifications to.
notification_suspended (pulumi.Input[bool]) – Whether the notifications are suspended or not. Useful for maintenance periods. Valid values:
trueorfalse(Default:false).path (pulumi.Input[str]) – The endpoint path to health check against. (Default:
/)port (pulumi.Input[float]) – Port number to connect to for the health check. Valid values are in the rage
0-65535(Default:80).retries (pulumi.Input[float]) – The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. (Default:
2)suspended (pulumi.Input[bool]) – If suspended, no health checks are sent to the origin. Valid values:
trueorfalse(Default:false).timeout (pulumi.Input[float]) – The timeout (in seconds) before marking the health check as failed. (Default:
5)type (pulumi.Input[str]) – The protocol to use for the health check. Valid values:
HTTP,HTTPS,TCP.zone_id (pulumi.Input[str]) – The DNS zone ID to which apply settings.
The headers object supports the following:
header(pulumi.Input[str]) - The header name.values(pulumi.Input[list]) - A list of string values for the header.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.LoadBalancer(resource_name, opts=None, default_pool_ids=None, description=None, enabled=None, fallback_pool_id=None, name=None, pop_pools=None, proxied=None, region_pools=None, session_affinity=None, steering_policy=None, ttl=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Load Balancer resource. This sits in front of a number of defined pools of origins and provides various options for geographically-aware load balancing. Note that the load balancing feature must be enabled in your Cloudflare account before you can use this resource.
import pulumi import pulumi_cloudflare as cloudflare foo = cloudflare.LoadBalancerPool("foo", name="example-lb-pool", origins=[{ "name": "example-1", "address": "192.0.2.1", "enabled": False, }]) # Define a load balancer which always points to a pool we define below # In normal usage, would have different pools set for different pops (cloudflare points-of-presence) and/or for different regions # Within each pop or region we can define multiple pools in failover order bar = cloudflare.LoadBalancer("bar", zone_id="d41d8cd98f00b204e9800998ecf8427e", name="example-load-balancer", fallback_pool_id=foo.id, default_pool_ids=[foo.id], description="example load balancer using geo-balancing", proxied=True, steering_policy="geo", pop_pools=[{ "pop": "LAX", "poolIds": [foo.id], }], region_pools=[{ "region": "WNAM", "poolIds": [foo.id], }])
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
default_pool_ids (pulumi.Input[list]) – A list of pool IDs ordered by their failover priority. Used whenever region/pop pools are not defined.
description (pulumi.Input[str]) – Free text description.
enabled (pulumi.Input[bool]) – Enable or disable the load balancer. Defaults to
true(enabled).fallback_pool_id (pulumi.Input[str]) – The pool ID to use when all other pools are detected as unhealthy.
name (pulumi.Input[str]) – The DNS name (FQDN, including the zone) to associate with the load balancer.
pop_pools (pulumi.Input[list]) – A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. Fields documented below.
proxied (pulumi.Input[bool]) – Whether the hostname gets Cloudflare’s origin protection. Defaults to
false.region_pools (pulumi.Input[list]) – A set containing mappings of region/country codes to a list of pool IDs (ordered by their failover priority) for the given region. Fields documented below.
session_affinity (pulumi.Input[str]) – Associates all requests coming from an end-user with a single origin. Cloudflare will set a cookie on the initial response to the client, such that consequent requests with the cookie in the request will go to the same origin, so long as it is available. Valid values are:
"","none","cookie", and"ip_cookie". Default is"".steering_policy (pulumi.Input[str]) – Determine which method the load balancer uses to determine the fastest route to your origin. Valid values are:
"off","geo","dynamic_latency","random"or"". Default is"".ttl (pulumi.Input[float]) – Time to live (TTL) of this load balancer’s DNS
name. Conflicts withproxied- this cannot be set for proxied load balancers. Default is30.zone_id (pulumi.Input[str]) – The zone ID to add the load balancer to.
The pop_pools object supports the following:
poolIds(pulumi.Input[list]) - A list of pool IDs in failover priority to use for traffic reaching the given PoP.pop(pulumi.Input[str]) - A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP.
The region_pools object supports the following:
poolIds(pulumi.Input[list]) - A list of pool IDs in failover priority to use for traffic reaching the given PoP.region(pulumi.Input[str]) - A region code which must be in the list defined here. Multiple entries should not be specified with the same region.
created_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the load balancer was created.
default_pool_ids: pulumi.Output[list] = None¶A list of pool IDs ordered by their failover priority. Used whenever region/pop pools are not defined.
description: pulumi.Output[str] = None¶Free text description.
enabled: pulumi.Output[bool] = None¶Enable or disable the load balancer. Defaults to
true(enabled).
fallback_pool_id: pulumi.Output[str] = None¶The pool ID to use when all other pools are detected as unhealthy.
modified_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the load balancer was last modified.
name: pulumi.Output[str] = None¶The DNS name (FQDN, including the zone) to associate with the load balancer.
pop_pools: pulumi.Output[list] = None¶A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. Fields documented below.
poolIds(list) - A list of pool IDs in failover priority to use for traffic reaching the given PoP.pop(str) - A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP.
proxied: pulumi.Output[bool] = None¶Whether the hostname gets Cloudflare’s origin protection. Defaults to
false.
region_pools: pulumi.Output[list] = None¶A set containing mappings of region/country codes to a list of pool IDs (ordered by their failover priority) for the given region. Fields documented below.
poolIds(list) - A list of pool IDs in failover priority to use for traffic reaching the given PoP.region(str) - A region code which must be in the list defined here. Multiple entries should not be specified with the same region.
session_affinity: pulumi.Output[str] = None¶Associates all requests coming from an end-user with a single origin. Cloudflare will set a cookie on the initial response to the client, such that consequent requests with the cookie in the request will go to the same origin, so long as it is available. Valid values are:
"","none","cookie", and"ip_cookie". Default is"".
steering_policy: pulumi.Output[str] = None¶Determine which method the load balancer uses to determine the fastest route to your origin. Valid values are:
"off","geo","dynamic_latency","random"or"". Default is"".
ttl: pulumi.Output[float] = None¶Time to live (TTL) of this load balancer’s DNS
name. Conflicts withproxied- this cannot be set for proxied load balancers. Default is30.
zone_id: pulumi.Output[str] = None¶The zone ID to add the load balancer to.
- static
get(resource_name, id, opts=None, created_on=None, default_pool_ids=None, description=None, enabled=None, fallback_pool_id=None, modified_on=None, name=None, pop_pools=None, proxied=None, region_pools=None, session_affinity=None, steering_policy=None, ttl=None, zone_id=None)¶ Get an existing LoadBalancer resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
created_on (pulumi.Input[str]) – The RFC3339 timestamp of when the load balancer was created.
default_pool_ids (pulumi.Input[list]) – A list of pool IDs ordered by their failover priority. Used whenever region/pop pools are not defined.
description (pulumi.Input[str]) – Free text description.
enabled (pulumi.Input[bool]) – Enable or disable the load balancer. Defaults to
true(enabled).fallback_pool_id (pulumi.Input[str]) – The pool ID to use when all other pools are detected as unhealthy.
modified_on (pulumi.Input[str]) – The RFC3339 timestamp of when the load balancer was last modified.
name (pulumi.Input[str]) – The DNS name (FQDN, including the zone) to associate with the load balancer.
pop_pools (pulumi.Input[list]) – A set containing mappings of Cloudflare Point-of-Presence (PoP) identifiers to a list of pool IDs (ordered by their failover priority) for the PoP (datacenter). This feature is only available to enterprise customers. Fields documented below.
proxied (pulumi.Input[bool]) – Whether the hostname gets Cloudflare’s origin protection. Defaults to
false.region_pools (pulumi.Input[list]) – A set containing mappings of region/country codes to a list of pool IDs (ordered by their failover priority) for the given region. Fields documented below.
session_affinity (pulumi.Input[str]) – Associates all requests coming from an end-user with a single origin. Cloudflare will set a cookie on the initial response to the client, such that consequent requests with the cookie in the request will go to the same origin, so long as it is available. Valid values are:
"","none","cookie", and"ip_cookie". Default is"".steering_policy (pulumi.Input[str]) – Determine which method the load balancer uses to determine the fastest route to your origin. Valid values are:
"off","geo","dynamic_latency","random"or"". Default is"".ttl (pulumi.Input[float]) – Time to live (TTL) of this load balancer’s DNS
name. Conflicts withproxied- this cannot be set for proxied load balancers. Default is30.zone_id (pulumi.Input[str]) – The zone ID to add the load balancer to.
The pop_pools object supports the following:
poolIds(pulumi.Input[list]) - A list of pool IDs in failover priority to use for traffic reaching the given PoP.pop(pulumi.Input[str]) - A 3-letter code for the Point-of-Presence. Allowed values can be found in the list of datacenters on the status page. Multiple entries should not be specified with the same PoP.
The region_pools object supports the following:
poolIds(pulumi.Input[list]) - A list of pool IDs in failover priority to use for traffic reaching the given PoP.region(pulumi.Input[str]) - A region code which must be in the list defined here. Multiple entries should not be specified with the same region.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.LoadBalancerMonitor(resource_name, opts=None, allow_insecure=None, description=None, expected_body=None, expected_codes=None, follow_redirects=None, headers=None, interval=None, method=None, path=None, port=None, retries=None, timeout=None, type=None, __props__=None, __name__=None, __opts__=None)¶ If you’re using Cloudflare’s Load Balancing to load-balance across multiple origin servers or data centers, you configure one of these Monitors to actively check the availability of those servers over HTTP(S) or TCP.
import pulumi import pulumi_cloudflare as cloudflare http_monitor = cloudflare.LoadBalancerMonitor("httpMonitor", allow_insecure=False, description="example http load balancer", expected_body="alive", expected_codes="2xx", follow_redirects=True, headers=[{ "header": "Host", "values": ["example.com"], }], interval=60, method="GET", path="/health", retries=5, timeout=7, type="http")
import pulumi import pulumi_cloudflare as cloudflare tcp_monitor = cloudflare.LoadBalancerMonitor("tcpMonitor", description="example tcp load balancer", interval=60, method="connection_established", retries=5, timeout=7, type="tcp")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
allow_insecure (pulumi.Input[bool]) – Do not validate the certificate when monitor use HTTPS. Only valid if
typeis “http” or “https”.description (pulumi.Input[str]) – Free text description.
expected_body (pulumi.Input[str]) – A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy. Only valid if
typeis “http” or “https”. Default: “”.expected_codes (pulumi.Input[str]) – The expected HTTP response code or code range of the health check. Eg
2xx. Only valid and required iftypeis “http” or “https”.follow_redirects (pulumi.Input[bool]) – Follow redirects if returned by the origin. Only valid if
typeis “http” or “https”.headers (pulumi.Input[list]) – The header name.
interval (pulumi.Input[float]) – The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60.
method (pulumi.Input[str]) – The method to use for the health check. Valid values are any valid HTTP verb if
typeis “http” or “https”, orconnection_establishediftypeis “tcp”. Default: “GET” iftypeis “http” or “https”, or “connection_established” iftypeis “tcp” .path (pulumi.Input[str]) – The endpoint path to health check against. Default: “/”. Only valid if
typeis “http” or “https”.retries (pulumi.Input[float]) – The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2.
timeout (pulumi.Input[float]) – The timeout (in seconds) before marking the health check as failed. Default: 5.
type (pulumi.Input[str]) – The protocol to use for the healthcheck. Currently supported protocols are ‘HTTP’, ‘HTTPS’ and ‘TCP’. Default: “http”.
The headers object supports the following:
header(pulumi.Input[str]) - The header name.values(pulumi.Input[list]) - A list of string values for the header.
allow_insecure: pulumi.Output[bool] = None¶Do not validate the certificate when monitor use HTTPS. Only valid if
typeis “http” or “https”.
created_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the load balancer monitor was created.
description: pulumi.Output[str] = None¶Free text description.
expected_body: pulumi.Output[str] = None¶A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy. Only valid if
typeis “http” or “https”. Default: “”.
expected_codes: pulumi.Output[str] = None¶The expected HTTP response code or code range of the health check. Eg
2xx. Only valid and required iftypeis “http” or “https”.
follow_redirects: pulumi.Output[bool] = None¶Follow redirects if returned by the origin. Only valid if
typeis “http” or “https”.
headers: pulumi.Output[list] = None¶The header name.
header(str) - The header name.values(list) - A list of string values for the header.
interval: pulumi.Output[float] = None¶The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60.
method: pulumi.Output[str] = None¶The method to use for the health check. Valid values are any valid HTTP verb if
typeis “http” or “https”, orconnection_establishediftypeis “tcp”. Default: “GET” iftypeis “http” or “https”, or “connection_established” iftypeis “tcp” .
modified_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the load balancer monitor was last modified.
path: pulumi.Output[str] = None¶The endpoint path to health check against. Default: “/”. Only valid if
typeis “http” or “https”.
retries: pulumi.Output[float] = None¶The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2.
timeout: pulumi.Output[float] = None¶The timeout (in seconds) before marking the health check as failed. Default: 5.
type: pulumi.Output[str] = None¶The protocol to use for the healthcheck. Currently supported protocols are ‘HTTP’, ‘HTTPS’ and ‘TCP’. Default: “http”.
- static
get(resource_name, id, opts=None, allow_insecure=None, created_on=None, description=None, expected_body=None, expected_codes=None, follow_redirects=None, headers=None, interval=None, method=None, modified_on=None, path=None, port=None, retries=None, timeout=None, type=None)¶ Get an existing LoadBalancerMonitor resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
allow_insecure (pulumi.Input[bool]) – Do not validate the certificate when monitor use HTTPS. Only valid if
typeis “http” or “https”.created_on (pulumi.Input[str]) – The RFC3339 timestamp of when the load balancer monitor was created.
description (pulumi.Input[str]) – Free text description.
expected_body (pulumi.Input[str]) – A case-insensitive sub-string to look for in the response body. If this string is not found, the origin will be marked as unhealthy. Only valid if
typeis “http” or “https”. Default: “”.expected_codes (pulumi.Input[str]) – The expected HTTP response code or code range of the health check. Eg
2xx. Only valid and required iftypeis “http” or “https”.follow_redirects (pulumi.Input[bool]) – Follow redirects if returned by the origin. Only valid if
typeis “http” or “https”.headers (pulumi.Input[list]) – The header name.
interval (pulumi.Input[float]) – The interval between each health check. Shorter intervals may improve failover time, but will increase load on the origins as we check from multiple locations. Default: 60.
method (pulumi.Input[str]) – The method to use for the health check. Valid values are any valid HTTP verb if
typeis “http” or “https”, orconnection_establishediftypeis “tcp”. Default: “GET” iftypeis “http” or “https”, or “connection_established” iftypeis “tcp” .modified_on (pulumi.Input[str]) – The RFC3339 timestamp of when the load balancer monitor was last modified.
path (pulumi.Input[str]) – The endpoint path to health check against. Default: “/”. Only valid if
typeis “http” or “https”.retries (pulumi.Input[float]) – The number of retries to attempt in case of a timeout before marking the origin as unhealthy. Retries are attempted immediately. Default: 2.
timeout (pulumi.Input[float]) – The timeout (in seconds) before marking the health check as failed. Default: 5.
type (pulumi.Input[str]) – The protocol to use for the healthcheck. Currently supported protocols are ‘HTTP’, ‘HTTPS’ and ‘TCP’. Default: “http”.
The headers object supports the following:
header(pulumi.Input[str]) - The header name.values(pulumi.Input[list]) - A list of string values for the header.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.LoadBalancerPool(resource_name, opts=None, check_regions=None, description=None, enabled=None, minimum_origins=None, monitor=None, name=None, notification_email=None, origins=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Load Balancer pool resource. This provides a pool of origins that can be used by a Cloudflare Load Balancer. Note that the load balancing feature must be enabled in your Cloudflare account before you can use this resource.
import pulumi import pulumi_cloudflare as cloudflare foo = cloudflare.LoadBalancerPool("foo", description="example load balancer pool", enabled=False, minimum_origins=1, name="example-pool", notification_email="someone@example.com", origins=[ { "address": "192.0.2.1", "enabled": False, "name": "example-1", }, { "address": "192.0.2.2", "name": "example-2", }, ])
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
check_regions (pulumi.Input[list]) –
A list of regions (specified by region code) from which to run health checks. Empty means every Cloudflare data center (the default), but requires an Enterprise plan. Region codes can be found here.
description (pulumi.Input[str]) – Free text description.
enabled (pulumi.Input[bool]) – Whether to enable (the default) this origin within the Pool. Disabled origins will not receive traffic and are excluded from health checks. The origin will only be disabled for the current pool.
minimum_origins (pulumi.Input[float]) – The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1.
monitor (pulumi.Input[str]) – The ID of the Monitor to use for health checking origins within this pool.
name (pulumi.Input[str]) – A human-identifiable name for the origin.
notification_email (pulumi.Input[str]) – The email address to send health status notifications to. This can be an individual mailbox or a mailing list. Multiple emails can be supplied as a comma delimited list.
origins (pulumi.Input[list]) – The list of origins within this pool. Traffic directed at this pool is balanced across all currently healthy origins, provided the pool itself is healthy. It’s a complex value. See description below.
The origins object supports the following:
address(pulumi.Input[str]) - The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare.enabled(pulumi.Input[bool]) - Whether to enable (the default) this origin within the Pool. Disabled origins will not receive traffic and are excluded from health checks. The origin will only be disabled for the current pool.name(pulumi.Input[str]) - A human-identifiable name for the origin.weight(pulumi.Input[float]) - The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1.
check_regions: pulumi.Output[list] = None¶A list of regions (specified by region code) from which to run health checks. Empty means every Cloudflare data center (the default), but requires an Enterprise plan. Region codes can be found here.
created_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the load balancer was created.
description: pulumi.Output[str] = None¶Free text description.
enabled: pulumi.Output[bool] = None¶Whether to enable (the default) this origin within the Pool. Disabled origins will not receive traffic and are excluded from health checks. The origin will only be disabled for the current pool.
minimum_origins: pulumi.Output[float] = None¶The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1.
modified_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the load balancer was last modified.
monitor: pulumi.Output[str] = None¶The ID of the Monitor to use for health checking origins within this pool.
name: pulumi.Output[str] = None¶A human-identifiable name for the origin.
notification_email: pulumi.Output[str] = None¶The email address to send health status notifications to. This can be an individual mailbox or a mailing list. Multiple emails can be supplied as a comma delimited list.
origins: pulumi.Output[list] = None¶The list of origins within this pool. Traffic directed at this pool is balanced across all currently healthy origins, provided the pool itself is healthy. It’s a complex value. See description below.
address(str) - The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare.enabled(bool) - Whether to enable (the default) this origin within the Pool. Disabled origins will not receive traffic and are excluded from health checks. The origin will only be disabled for the current pool.name(str) - A human-identifiable name for the origin.weight(float) - The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1.
- static
get(resource_name, id, opts=None, check_regions=None, created_on=None, description=None, enabled=None, minimum_origins=None, modified_on=None, monitor=None, name=None, notification_email=None, origins=None)¶ Get an existing LoadBalancerPool resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
check_regions (pulumi.Input[list]) –
A list of regions (specified by region code) from which to run health checks. Empty means every Cloudflare data center (the default), but requires an Enterprise plan. Region codes can be found here.
created_on (pulumi.Input[str]) – The RFC3339 timestamp of when the load balancer was created.
description (pulumi.Input[str]) – Free text description.
enabled (pulumi.Input[bool]) – Whether to enable (the default) this origin within the Pool. Disabled origins will not receive traffic and are excluded from health checks. The origin will only be disabled for the current pool.
minimum_origins (pulumi.Input[float]) – The minimum number of origins that must be healthy for this pool to serve traffic. If the number of healthy origins falls below this number, the pool will be marked unhealthy and we will failover to the next available pool. Default: 1.
modified_on (pulumi.Input[str]) – The RFC3339 timestamp of when the load balancer was last modified.
monitor (pulumi.Input[str]) – The ID of the Monitor to use for health checking origins within this pool.
name (pulumi.Input[str]) – A human-identifiable name for the origin.
notification_email (pulumi.Input[str]) – The email address to send health status notifications to. This can be an individual mailbox or a mailing list. Multiple emails can be supplied as a comma delimited list.
origins (pulumi.Input[list]) – The list of origins within this pool. Traffic directed at this pool is balanced across all currently healthy origins, provided the pool itself is healthy. It’s a complex value. See description below.
The origins object supports the following:
address(pulumi.Input[str]) - The IP address (IPv4 or IPv6) of the origin, or the publicly addressable hostname. Hostnames entered here should resolve directly to the origin, and not be a hostname proxied by Cloudflare.enabled(pulumi.Input[bool]) - Whether to enable (the default) this origin within the Pool. Disabled origins will not receive traffic and are excluded from health checks. The origin will only be disabled for the current pool.name(pulumi.Input[str]) - A human-identifiable name for the origin.weight(pulumi.Input[float]) - The weight (0.01 - 1.00) of this origin, relative to other origins in the pool. Equal values mean equal weighting. A weight of 0 means traffic will not be sent to this origin, but health is still checked. Default: 1.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.LogPushOwnershipChallenge(resource_name, opts=None, destination_conf=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a resource which manages Cloudflare Logpush ownership challenges to use in a Logpush Job. On it’s own, doesn’t do much however this resource should be used in conjunction to create Logpush jobs.
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
destination_conf (pulumi.Input[str]) – Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation.
zone_id (pulumi.Input[str]) – The zone ID where the logpush ownership challenge should be created.
destination_conf: pulumi.Output[str] = None¶Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation.
ownership_challenge_filename: pulumi.Output[str] = None¶The filename of the ownership challenge which contains the contents required for Logpush Job creation.
zone_id: pulumi.Output[str] = None¶The zone ID where the logpush ownership challenge should be created.
- static
get(resource_name, id, opts=None, destination_conf=None, ownership_challenge_filename=None, zone_id=None)¶ Get an existing LogPushOwnershipChallenge resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
destination_conf (pulumi.Input[str]) –
Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation.
ownership_challenge_filename (pulumi.Input[str]) – The filename of the ownership challenge which contains the contents required for Logpush Job creation.
zone_id (pulumi.Input[str]) – The zone ID where the logpush ownership challenge should be created.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.LogpullRetention(resource_name, opts=None, enabled=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Allows management of the Logpull Retention settings used to control whether or not to retain HTTP request logs.
import pulumi import pulumi_cloudflare as cloudflare example = cloudflare.LogpullRetention("example", enabled="true", zone_id="fb54f084ca7f7b732d3d3ecbd8ef7bf2")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
enabled (pulumi.Input[bool]) – Whether you wish to retain logs or not.
zone_id (pulumi.Input[str]) – The zone ID to apply the log retention to.
enabled: pulumi.Output[bool] = None¶Whether you wish to retain logs or not.
zone_id: pulumi.Output[str] = None¶The zone ID to apply the log retention to.
- static
get(resource_name, id, opts=None, enabled=None, zone_id=None)¶ Get an existing LogpullRetention resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
enabled (pulumi.Input[bool]) – Whether you wish to retain logs or not.
zone_id (pulumi.Input[str]) – The zone ID to apply the log retention to.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.LogpushJob(resource_name, opts=None, dataset=None, destination_conf=None, enabled=None, logpull_options=None, name=None, ownership_challenge=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Create a LogpushJob resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] dataset: Which type of dataset resource to use. Available values are
"firewall_events","http_requests", and"spectrum_events". :param pulumi.Input[str] destination_conf: Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation. :param pulumi.Input[str] logpull_options: Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation. :param pulumi.Input[str] name: The name of the logpush job to create. Must match the regular expression^[a-zA-Z0-9\-\.]*$. :param pulumi.Input[str] ownership_challenge: Ownership challenge token to prove destination ownership. See Developer documentation. :param pulumi.Input[str] zone_id: The zone ID where the logpush job should be created.dataset: pulumi.Output[str] = None¶Which type of dataset resource to use. Available values are
"firewall_events","http_requests", and"spectrum_events".
destination_conf: pulumi.Output[str] = None¶Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation.
logpull_options: pulumi.Output[str] = None¶Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation.
name: pulumi.Output[str] = None¶The name of the logpush job to create. Must match the regular expression
^[a-zA-Z0-9\-\.]*$.
ownership_challenge: pulumi.Output[str] = None¶Ownership challenge token to prove destination ownership. See Developer documentation.
zone_id: pulumi.Output[str] = None¶The zone ID where the logpush job should be created.
- static
get(resource_name, id, opts=None, dataset=None, destination_conf=None, enabled=None, logpull_options=None, name=None, ownership_challenge=None, zone_id=None)¶ Get an existing LogpushJob resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
dataset (pulumi.Input[str]) – Which type of dataset resource to use. Available values are
"firewall_events","http_requests", and"spectrum_events".destination_conf (pulumi.Input[str]) –
Uniquely identifies a resource (such as an s3 bucket) where data will be pushed. Additional configuration parameters supported by the destination may be included. See Logpush destination documentation.
logpull_options (pulumi.Input[str]) –
Configuration string for the Logshare API. It specifies things like requested fields and timestamp formats. See Logpull options documentation.
name (pulumi.Input[str]) – The name of the logpush job to create. Must match the regular expression
^[a-zA-Z0-9\-\.]*$.ownership_challenge (pulumi.Input[str]) –
Ownership challenge token to prove destination ownership. See Developer documentation.
zone_id (pulumi.Input[str]) – The zone ID where the logpush job should be created.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.OriginCaCertificate(resource_name, opts=None, csr=None, hostnames=None, request_type=None, requested_validity=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Origin CA certificate used to protect traffic to your origin without involving a third party Certificate Authority.
This resource requires you use your Origin CA Key as the ``api_user_service_key``.
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
csr (pulumi.Input[str]) – The Certificate Signing Request. Must be newline-encoded.
hostnames (pulumi.Input[list]) – An array of hostnames or wildcard names bound to the certificate.
request_type (pulumi.Input[str]) – The signature type desired on the certificate.
requested_validity (pulumi.Input[float]) – The number of days for which the certificate should be valid.
certificate: pulumi.Output[str] = None¶The Origin CA certificate
csr: pulumi.Output[str] = None¶The Certificate Signing Request. Must be newline-encoded.
expires_on: pulumi.Output[str] = None¶The datetime when the certificate will expire.
hostnames: pulumi.Output[list] = None¶An array of hostnames or wildcard names bound to the certificate.
request_type: pulumi.Output[str] = None¶The signature type desired on the certificate.
requested_validity: pulumi.Output[float] = None¶The number of days for which the certificate should be valid.
- static
get(resource_name, id, opts=None, certificate=None, csr=None, expires_on=None, hostnames=None, request_type=None, requested_validity=None)¶ Get an existing OriginCaCertificate resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
certificate (pulumi.Input[str]) – The Origin CA certificate
csr (pulumi.Input[str]) – The Certificate Signing Request. Must be newline-encoded.
expires_on (pulumi.Input[str]) – The datetime when the certificate will expire.
hostnames (pulumi.Input[list]) – An array of hostnames or wildcard names bound to the certificate.
request_type (pulumi.Input[str]) – The signature type desired on the certificate.
requested_validity (pulumi.Input[float]) – The number of days for which the certificate should be valid.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.PageRule(resource_name, opts=None, actions=None, priority=None, status=None, target=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare page rule resource.
import pulumi import pulumi_cloudflare as cloudflare # Add a page rule to the domain foobar = cloudflare.PageRule("foobar", zone_id=var["cloudflare_zone_id"], target=f"sub.{var['cloudflare_zone']}/page", priority=1, actions={ "ssl": "flexible", "emailObfuscation": "on", "minify": [{ "html": "off", "css": "on", "js": "on", }], })
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
actions (pulumi.Input[dict]) – The actions taken by the page rule, options given below.
priority (pulumi.Input[float]) – The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation.
status (pulumi.Input[str]) – Whether the page rule is active or disabled.
target (pulumi.Input[str]) – The URL pattern to target with the page rule.
zone_id (pulumi.Input[str]) – The DNS zone ID to which the page rule should be added.
The actions object supports the following:
alwaysOnline(pulumi.Input[str]) - Whether this action is"on"or"off".alwaysUseHttps(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.automaticHttpsRewrites(pulumi.Input[str]) - Whether this action is"on"or"off".browserCacheTtl(pulumi.Input[str]) - The Time To Live for the browser cache.0means ‘Respect Existing Headers’browserCheck(pulumi.Input[str]) - Whether this action is"on"or"off".bypassCacheOnCookie(pulumi.Input[str]) - String value of cookie name to conditionally bypass cache the page.cacheByDeviceType(pulumi.Input[str]) - Whether this action is"on"or"off".cacheDeceptionArmor(pulumi.Input[str]) - Whether this action is"on"or"off".cacheKeyFields(pulumi.Input[dict]) - Controls how Cloudflare creates Cache Keys used to identify files in cache. See below for full description.cookie(pulumi.Input[dict]) - Controls what cookies go into Cache Key:checkPresences(pulumi.Input[list]) - Check for presence of specified HTTP headers, without including their actual values.includes(pulumi.Input[list]) - Only use values of specified query string parameters in Cache Key.
header(pulumi.Input[dict]) - Controls what HTTP headers go into Cache Key:checkPresences(pulumi.Input[list]) - Check for presence of specified HTTP headers, without including their actual values.excludes(pulumi.Input[list]) - Exclude these query string parameters from Cache Key.includes(pulumi.Input[list]) - Only use values of specified query string parameters in Cache Key.
host(pulumi.Input[dict]) - Controls which Host header goes into Cache Key:resolved(pulumi.Input[bool]) -false(default) - includes the Host header in the HTTP request sent to the origin;true- includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule).
queryString(pulumi.Input[dict]) - Controls which URL query string parameters go into the Cache Key.excludes(pulumi.Input[list]) - Exclude these query string parameters from Cache Key.ignore(pulumi.Input[bool]) -false(default) - all query string parameters are used for Cache Key, unless explicitly excluded;true- all query string parameters are ignored; value is ignored if any ofexcludeorincludeis non-empty.includes(pulumi.Input[list]) - Only use values of specified query string parameters in Cache Key.
user(pulumi.Input[dict]) - Controls which end user-related features go into the Cache Key.deviceType(pulumi.Input[bool]) -true- classifies a request as “mobile”, “desktop”, or “tablet” based on the User Agent; defaults tofalse.geo(pulumi.Input[bool]) -true- includes the client’s country, derived from the IP address; defaults tofalse.lang(pulumi.Input[bool]) -true- includes the first language code contained in theAccept-Languageheader sent by the client; defaults tofalse.
cacheLevel(pulumi.Input[str]) - Whether to set the cache level to"bypass","basic","simplified","aggressive", or"cache_everything".cacheOnCookie(pulumi.Input[str]) - String value of cookie name to conditionally cache the page.cacheTtlByStatuses(pulumi.Input[list]) - Set cache TTL based on the response status from the origin web server. Can be specified multiple times. See below for full description.codes(pulumi.Input[str]) - A HTTP code (e.g.404) or range of codes (e.g.400-499)ttl(pulumi.Input[float]) - Duration a resource lives in the Cloudflare cache.positive number - cache for specified duration in seconds
disableApps(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.disablePerformance(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.disableRailgun(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.disableSecurity(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.edgeCacheTtl(pulumi.Input[float]) - The Time To Live for the edge cache.emailObfuscation(pulumi.Input[str]) - Whether this action is"on"or"off".explicitCacheControl(pulumi.Input[str]) - Whether origin Cache-Control action is"on"or"off".forwardingUrl(pulumi.Input[dict]) - The URL to forward to, and with what status. See below.statusCode(pulumi.Input[float]) - The status code to use for the redirection.url(pulumi.Input[str]) - The URL to which the page rule should forward.
hostHeaderOverride(pulumi.Input[str]) - Value of the Host header to send.ipGeolocation(pulumi.Input[str]) - Whether this action is"on"or"off".minifies(pulumi.Input[list]) - The configuration for HTML, CSS and JS minification. See below for full list of options.css(pulumi.Input[str]) - Whether CSS should be minified. Valid values are"on"or"off".html(pulumi.Input[str]) - Whether HTML should be minified. Valid values are"on"or"off".js(pulumi.Input[str]) - Whether Javascript should be minified. Valid values are"on"or"off".
mirage(pulumi.Input[str]) - Whether this action is"on"or"off".opportunisticEncryption(pulumi.Input[str]) - Whether this action is"on"or"off".originErrorPagePassThru(pulumi.Input[str]) - Whether this action is"on"or"off".polish(pulumi.Input[str]) - Whether this action is"off","lossless"or"lossy".resolveOverride(pulumi.Input[str]) - Overridden origin server name.respectStrongEtag(pulumi.Input[str]) - Whether this action is"on"or"off".responseBuffering(pulumi.Input[str]) - Whether this action is"on"or"off".rocketLoader(pulumi.Input[str]) - Whether to set the rocket loader to"on","off".securityLevel(pulumi.Input[str]) - Whether to set the security level to"off","essentially_off","low","medium","high", or"under_attack".serverSideExclude(pulumi.Input[str]) - Whether this action is"on"or"off".sortQueryStringForCache(pulumi.Input[str]) - Whether this action is"on"or"off".ssl(pulumi.Input[str]) - Whether to set the SSL mode to"off","flexible","full","strict", or"origin_pull".trueClientIpHeader(pulumi.Input[str]) - Whether this action is"on"or"off".waf(pulumi.Input[str]) - Whether this action is"on"or"off".
actions: pulumi.Output[dict] = None¶The actions taken by the page rule, options given below.
alwaysOnline(str) - Whether this action is"on"or"off".alwaysUseHttps(bool) - Boolean of whether this action is enabled. Default: false.automaticHttpsRewrites(str) - Whether this action is"on"or"off".browserCacheTtl(str) - The Time To Live for the browser cache.0means ‘Respect Existing Headers’browserCheck(str) - Whether this action is"on"or"off".bypassCacheOnCookie(str) - String value of cookie name to conditionally bypass cache the page.cacheByDeviceType(str) - Whether this action is"on"or"off".cacheDeceptionArmor(str) - Whether this action is"on"or"off".cacheKeyFields(dict) - Controls how Cloudflare creates Cache Keys used to identify files in cache. See below for full description.cookie(dict) - Controls what cookies go into Cache Key:checkPresences(list) - Check for presence of specified HTTP headers, without including their actual values.includes(list) - Only use values of specified query string parameters in Cache Key.
header(dict) - Controls what HTTP headers go into Cache Key:checkPresences(list) - Check for presence of specified HTTP headers, without including their actual values.excludes(list) - Exclude these query string parameters from Cache Key.includes(list) - Only use values of specified query string parameters in Cache Key.
host(dict) - Controls which Host header goes into Cache Key:resolved(bool) -false(default) - includes the Host header in the HTTP request sent to the origin;true- includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule).
queryString(dict) - Controls which URL query string parameters go into the Cache Key.excludes(list) - Exclude these query string parameters from Cache Key.ignore(bool) -false(default) - all query string parameters are used for Cache Key, unless explicitly excluded;true- all query string parameters are ignored; value is ignored if any ofexcludeorincludeis non-empty.includes(list) - Only use values of specified query string parameters in Cache Key.
user(dict) - Controls which end user-related features go into the Cache Key.deviceType(bool) -true- classifies a request as “mobile”, “desktop”, or “tablet” based on the User Agent; defaults tofalse.geo(bool) -true- includes the client’s country, derived from the IP address; defaults tofalse.lang(bool) -true- includes the first language code contained in theAccept-Languageheader sent by the client; defaults tofalse.
cacheLevel(str) - Whether to set the cache level to"bypass","basic","simplified","aggressive", or"cache_everything".cacheOnCookie(str) - String value of cookie name to conditionally cache the page.cacheTtlByStatuses(list) - Set cache TTL based on the response status from the origin web server. Can be specified multiple times. See below for full description.codes(str) - A HTTP code (e.g.404) or range of codes (e.g.400-499)ttl(float) - Duration a resource lives in the Cloudflare cache.positive number - cache for specified duration in seconds
disableApps(bool) - Boolean of whether this action is enabled. Default: false.disablePerformance(bool) - Boolean of whether this action is enabled. Default: false.disableRailgun(bool) - Boolean of whether this action is enabled. Default: false.disableSecurity(bool) - Boolean of whether this action is enabled. Default: false.edgeCacheTtl(float) - The Time To Live for the edge cache.emailObfuscation(str) - Whether this action is"on"or"off".explicitCacheControl(str) - Whether origin Cache-Control action is"on"or"off".forwardingUrl(dict) - The URL to forward to, and with what status. See below.statusCode(float) - The status code to use for the redirection.url(str) - The URL to which the page rule should forward.
hostHeaderOverride(str) - Value of the Host header to send.ipGeolocation(str) - Whether this action is"on"or"off".minifies(list) - The configuration for HTML, CSS and JS minification. See below for full list of options.css(str) - Whether CSS should be minified. Valid values are"on"or"off".html(str) - Whether HTML should be minified. Valid values are"on"or"off".js(str) - Whether Javascript should be minified. Valid values are"on"or"off".
mirage(str) - Whether this action is"on"or"off".opportunisticEncryption(str) - Whether this action is"on"or"off".originErrorPagePassThru(str) - Whether this action is"on"or"off".polish(str) - Whether this action is"off","lossless"or"lossy".resolveOverride(str) - Overridden origin server name.respectStrongEtag(str) - Whether this action is"on"or"off".responseBuffering(str) - Whether this action is"on"or"off".rocketLoader(str) - Whether to set the rocket loader to"on","off".securityLevel(str) - Whether to set the security level to"off","essentially_off","low","medium","high", or"under_attack".serverSideExclude(str) - Whether this action is"on"or"off".sortQueryStringForCache(str) - Whether this action is"on"or"off".ssl(str) - Whether to set the SSL mode to"off","flexible","full","strict", or"origin_pull".trueClientIpHeader(str) - Whether this action is"on"or"off".waf(str) - Whether this action is"on"or"off".
priority: pulumi.Output[float] = None¶The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation.
status: pulumi.Output[str] = None¶Whether the page rule is active or disabled.
target: pulumi.Output[str] = None¶The URL pattern to target with the page rule.
zone_id: pulumi.Output[str] = None¶The DNS zone ID to which the page rule should be added.
- static
get(resource_name, id, opts=None, actions=None, priority=None, status=None, target=None, zone_id=None)¶ Get an existing PageRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
actions (pulumi.Input[dict]) – The actions taken by the page rule, options given below.
priority (pulumi.Input[float]) –
The priority of the page rule among others for this target, the higher the number the higher the priority as per API documentation.
status (pulumi.Input[str]) – Whether the page rule is active or disabled.
target (pulumi.Input[str]) – The URL pattern to target with the page rule.
zone_id (pulumi.Input[str]) – The DNS zone ID to which the page rule should be added.
The actions object supports the following:
alwaysOnline(pulumi.Input[str]) - Whether this action is"on"or"off".alwaysUseHttps(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.automaticHttpsRewrites(pulumi.Input[str]) - Whether this action is"on"or"off".browserCacheTtl(pulumi.Input[str]) - The Time To Live for the browser cache.0means ‘Respect Existing Headers’browserCheck(pulumi.Input[str]) - Whether this action is"on"or"off".bypassCacheOnCookie(pulumi.Input[str]) - String value of cookie name to conditionally bypass cache the page.cacheByDeviceType(pulumi.Input[str]) - Whether this action is"on"or"off".cacheDeceptionArmor(pulumi.Input[str]) - Whether this action is"on"or"off".cacheKeyFields(pulumi.Input[dict]) - Controls how Cloudflare creates Cache Keys used to identify files in cache. See below for full description.cookie(pulumi.Input[dict]) - Controls what cookies go into Cache Key:checkPresences(pulumi.Input[list]) - Check for presence of specified HTTP headers, without including their actual values.includes(pulumi.Input[list]) - Only use values of specified query string parameters in Cache Key.
header(pulumi.Input[dict]) - Controls what HTTP headers go into Cache Key:checkPresences(pulumi.Input[list]) - Check for presence of specified HTTP headers, without including their actual values.excludes(pulumi.Input[list]) - Exclude these query string parameters from Cache Key.includes(pulumi.Input[list]) - Only use values of specified query string parameters in Cache Key.
host(pulumi.Input[dict]) - Controls which Host header goes into Cache Key:resolved(pulumi.Input[bool]) -false(default) - includes the Host header in the HTTP request sent to the origin;true- includes the Host header that was resolved to get the origin IP for the request (e.g. changed with Resolve Override Page Rule).
queryString(pulumi.Input[dict]) - Controls which URL query string parameters go into the Cache Key.excludes(pulumi.Input[list]) - Exclude these query string parameters from Cache Key.ignore(pulumi.Input[bool]) -false(default) - all query string parameters are used for Cache Key, unless explicitly excluded;true- all query string parameters are ignored; value is ignored if any ofexcludeorincludeis non-empty.includes(pulumi.Input[list]) - Only use values of specified query string parameters in Cache Key.
user(pulumi.Input[dict]) - Controls which end user-related features go into the Cache Key.deviceType(pulumi.Input[bool]) -true- classifies a request as “mobile”, “desktop”, or “tablet” based on the User Agent; defaults tofalse.geo(pulumi.Input[bool]) -true- includes the client’s country, derived from the IP address; defaults tofalse.lang(pulumi.Input[bool]) -true- includes the first language code contained in theAccept-Languageheader sent by the client; defaults tofalse.
cacheLevel(pulumi.Input[str]) - Whether to set the cache level to"bypass","basic","simplified","aggressive", or"cache_everything".cacheOnCookie(pulumi.Input[str]) - String value of cookie name to conditionally cache the page.cacheTtlByStatuses(pulumi.Input[list]) - Set cache TTL based on the response status from the origin web server. Can be specified multiple times. See below for full description.codes(pulumi.Input[str]) - A HTTP code (e.g.404) or range of codes (e.g.400-499)ttl(pulumi.Input[float]) - Duration a resource lives in the Cloudflare cache.positive number - cache for specified duration in seconds
disableApps(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.disablePerformance(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.disableRailgun(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.disableSecurity(pulumi.Input[bool]) - Boolean of whether this action is enabled. Default: false.edgeCacheTtl(pulumi.Input[float]) - The Time To Live for the edge cache.emailObfuscation(pulumi.Input[str]) - Whether this action is"on"or"off".explicitCacheControl(pulumi.Input[str]) - Whether origin Cache-Control action is"on"or"off".forwardingUrl(pulumi.Input[dict]) - The URL to forward to, and with what status. See below.statusCode(pulumi.Input[float]) - The status code to use for the redirection.url(pulumi.Input[str]) - The URL to which the page rule should forward.
hostHeaderOverride(pulumi.Input[str]) - Value of the Host header to send.ipGeolocation(pulumi.Input[str]) - Whether this action is"on"or"off".minifies(pulumi.Input[list]) - The configuration for HTML, CSS and JS minification. See below for full list of options.css(pulumi.Input[str]) - Whether CSS should be minified. Valid values are"on"or"off".html(pulumi.Input[str]) - Whether HTML should be minified. Valid values are"on"or"off".js(pulumi.Input[str]) - Whether Javascript should be minified. Valid values are"on"or"off".
mirage(pulumi.Input[str]) - Whether this action is"on"or"off".opportunisticEncryption(pulumi.Input[str]) - Whether this action is"on"or"off".originErrorPagePassThru(pulumi.Input[str]) - Whether this action is"on"or"off".polish(pulumi.Input[str]) - Whether this action is"off","lossless"or"lossy".resolveOverride(pulumi.Input[str]) - Overridden origin server name.respectStrongEtag(pulumi.Input[str]) - Whether this action is"on"or"off".responseBuffering(pulumi.Input[str]) - Whether this action is"on"or"off".rocketLoader(pulumi.Input[str]) - Whether to set the rocket loader to"on","off".securityLevel(pulumi.Input[str]) - Whether to set the security level to"off","essentially_off","low","medium","high", or"under_attack".serverSideExclude(pulumi.Input[str]) - Whether this action is"on"or"off".sortQueryStringForCache(pulumi.Input[str]) - Whether this action is"on"or"off".ssl(pulumi.Input[str]) - Whether to set the SSL mode to"off","flexible","full","strict", or"origin_pull".trueClientIpHeader(pulumi.Input[str]) - Whether this action is"on"or"off".waf(pulumi.Input[str]) - Whether this action is"on"or"off".
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.Provider(resource_name, opts=None, account_id=None, api_client_logging=None, api_key=None, api_token=None, api_user_service_key=None, email=None, max_backoff=None, min_backoff=None, retries=None, rps=None, __props__=None, __name__=None, __opts__=None)¶ The provider type for the cloudflare package. By default, resources use package-wide configuration settings, however an explicit
Providerinstance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
account_id (pulumi.Input[str]) – Configure API client to always use that account.
api_client_logging (pulumi.Input[bool]) – Whether to print logs from the API client (using the default log library logger)
api_key (pulumi.Input[str]) – The API key for operations.
api_token (pulumi.Input[str]) – The API Token for operations.
api_user_service_key (pulumi.Input[str]) – A special Cloudflare API key good for a restricted set of endpoints.
email (pulumi.Input[str]) – A registered Cloudflare email address.
max_backoff (pulumi.Input[float]) – Maximum backoff period in seconds after failed API calls
min_backoff (pulumi.Input[float]) – Minimum backoff period in seconds after failed API calls
retries (pulumi.Input[float]) – Maximum number of retries to perform when an API request fails
rps (pulumi.Input[float]) – RPS limit to apply when making calls to the API
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.RateLimit(resource_name, opts=None, action=None, bypass_url_patterns=None, correlate=None, description=None, disabled=None, match=None, period=None, threshold=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare rate limit resource for a given zone. This can be used to limit the traffic you receive zone-wide, or matching more specific types of requests/responses.
import pulumi import pulumi_cloudflare as cloudflare example = cloudflare.RateLimit("example", zone_id=var["cloudflare_zone_id"], threshold=2000, period=2, match={ "request": { "urlPattern": f"{var['cloudflare_zone']}/*", "schemes": [ "HTTP", "HTTPS", ], "methods": [ "GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", ], }, "response": { "statuses": [ 200, 201, 202, 301, 429, ], "originTraffic": False, }, }, action={ "mode": "simulate", "timeout": 43200, "response": { "contentType": "text/plain", "body": "custom response body", }, }, correlate={ "by": "nat", }, disabled=False, description="example rate limit for a zone", bypass_url_patterns=[ f"{var['cloudflare_zone']}/bypass1", f"{var['cloudflare_zone']}/bypass2", ])
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
action (pulumi.Input[dict]) – The action to be performed when the threshold of matched traffic within the period defined is exceeded.
bypass_url_patterns (pulumi.Input[list]) – URLs matching the patterns specified here will be excluded from rate limiting.
correlate (pulumi.Input[dict]) – Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
description (pulumi.Input[str]) – A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
disabled (pulumi.Input[bool]) – Whether this ratelimit is currently disabled. Default:
false.match (pulumi.Input[dict]) – Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone. See definition below.
period (pulumi.Input[float]) – The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed (min: 1, max: 86,400).
threshold (pulumi.Input[float]) – The threshold that triggers the rate limit mitigations, combine with period. i.e. threshold per period (min: 2, max: 1,000,000).
zone_id (pulumi.Input[str]) – The DNS zone ID to apply rate limiting to.
The action object supports the following:
mode(pulumi.Input[str]) - The type of action to perform. Allowable values are ‘simulate’, ‘ban’, ‘challenge’ and ‘js_challenge’.response(pulumi.Input[dict]) - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page. Definition below.body(pulumi.Input[str]) - The body to return, the content here should conform to the content_type.contentType(pulumi.Input[str]) - The content-type of the body, must be one of: ‘text/plain’, ‘text/xml’, ‘application/json’.
timeout(pulumi.Input[float]) - The time in seconds as an integer to perform the mitigation action. This field is required if themodeis eithersimulateorban. Must be the same or greater than the period (min: 1, max: 86400).
The correlate object supports the following:
by(pulumi.Input[str]) - If set to ‘nat’, NAT support will be enabled for rate limiting.
The match object supports the following:
request(pulumi.Input[dict]) - Matches HTTP requests (from the client to Cloudflare). See definition below.methods(pulumi.Input[list]) - HTTP Methods, can be a subset [‘POST’,’PUT’] or all [‘_ALL_’]. Default: [‘_ALL_’].schemes(pulumi.Input[list]) - HTTP Schemes, can be one [‘HTTPS’], both [‘HTTP’,’HTTPS’] or all [‘_ALL_’]. Default: [‘_ALL_’].urlPattern(pulumi.Input[str]) - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use * for all traffic to your zone. Default: ‘*’.
response(pulumi.Input[dict]) - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page. Definition below.originTraffic(pulumi.Input[bool]) - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting. Default:true.statuses(pulumi.Input[list]) - HTTP Status codes, can be one [403], many [401,403] or indicate all by not providing this value.
action: pulumi.Output[dict] = None¶The action to be performed when the threshold of matched traffic within the period defined is exceeded.
mode(str) - The type of action to perform. Allowable values are ‘simulate’, ‘ban’, ‘challenge’ and ‘js_challenge’.response(dict) - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page. Definition below.body(str) - The body to return, the content here should conform to the content_type.contentType(str) - The content-type of the body, must be one of: ‘text/plain’, ‘text/xml’, ‘application/json’.
timeout(float) - The time in seconds as an integer to perform the mitigation action. This field is required if themodeis eithersimulateorban. Must be the same or greater than the period (min: 1, max: 86400).
bypass_url_patterns: pulumi.Output[list] = None¶URLs matching the patterns specified here will be excluded from rate limiting.
correlate: pulumi.Output[dict] = None¶Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
by(str) - If set to ‘nat’, NAT support will be enabled for rate limiting.
description: pulumi.Output[str] = None¶A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
disabled: pulumi.Output[bool] = None¶Whether this ratelimit is currently disabled. Default:
false.
match: pulumi.Output[dict] = None¶Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone. See definition below.
request(dict) - Matches HTTP requests (from the client to Cloudflare). See definition below.methods(list) - HTTP Methods, can be a subset [‘POST’,’PUT’] or all [‘_ALL_’]. Default: [‘_ALL_’].schemes(list) - HTTP Schemes, can be one [‘HTTPS’], both [‘HTTP’,’HTTPS’] or all [‘_ALL_’]. Default: [‘_ALL_’].urlPattern(str) - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use * for all traffic to your zone. Default: ‘*’.
response(dict) - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page. Definition below.originTraffic(bool) - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting. Default:true.statuses(list) - HTTP Status codes, can be one [403], many [401,403] or indicate all by not providing this value.
period: pulumi.Output[float] = None¶The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed (min: 1, max: 86,400).
threshold: pulumi.Output[float] = None¶The threshold that triggers the rate limit mitigations, combine with period. i.e. threshold per period (min: 2, max: 1,000,000).
zone_id: pulumi.Output[str] = None¶The DNS zone ID to apply rate limiting to.
- static
get(resource_name, id, opts=None, action=None, bypass_url_patterns=None, correlate=None, description=None, disabled=None, match=None, period=None, threshold=None, zone_id=None)¶ Get an existing RateLimit resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
action (pulumi.Input[dict]) – The action to be performed when the threshold of matched traffic within the period defined is exceeded.
bypass_url_patterns (pulumi.Input[list]) – URLs matching the patterns specified here will be excluded from rate limiting.
correlate (pulumi.Input[dict]) – Determines how rate limiting is applied. By default if not specified, rate limiting applies to the clients IP address.
description (pulumi.Input[str]) – A note that you can use to describe the reason for a rate limit. This value is sanitized and all tags are removed.
disabled (pulumi.Input[bool]) – Whether this ratelimit is currently disabled. Default:
false.match (pulumi.Input[dict]) – Determines which traffic the rate limit counts towards the threshold. By default matches all traffic in the zone. See definition below.
period (pulumi.Input[float]) – The time in seconds to count matching traffic. If the count exceeds threshold within this period the action will be performed (min: 1, max: 86,400).
threshold (pulumi.Input[float]) – The threshold that triggers the rate limit mitigations, combine with period. i.e. threshold per period (min: 2, max: 1,000,000).
zone_id (pulumi.Input[str]) – The DNS zone ID to apply rate limiting to.
The action object supports the following:
mode(pulumi.Input[str]) - The type of action to perform. Allowable values are ‘simulate’, ‘ban’, ‘challenge’ and ‘js_challenge’.response(pulumi.Input[dict]) - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page. Definition below.body(pulumi.Input[str]) - The body to return, the content here should conform to the content_type.contentType(pulumi.Input[str]) - The content-type of the body, must be one of: ‘text/plain’, ‘text/xml’, ‘application/json’.
timeout(pulumi.Input[float]) - The time in seconds as an integer to perform the mitigation action. This field is required if themodeis eithersimulateorban. Must be the same or greater than the period (min: 1, max: 86400).
The correlate object supports the following:
by(pulumi.Input[str]) - If set to ‘nat’, NAT support will be enabled for rate limiting.
The match object supports the following:
request(pulumi.Input[dict]) - Matches HTTP requests (from the client to Cloudflare). See definition below.methods(pulumi.Input[list]) - HTTP Methods, can be a subset [‘POST’,’PUT’] or all [‘_ALL_’]. Default: [‘_ALL_’].schemes(pulumi.Input[list]) - HTTP Schemes, can be one [‘HTTPS’], both [‘HTTP’,’HTTPS’] or all [‘_ALL_’]. Default: [‘_ALL_’].urlPattern(pulumi.Input[str]) - The URL pattern to match comprised of the host and path, i.e. example.org/path. Wildcard are expanded to match applicable traffic, query strings are not matched. Use * for all traffic to your zone. Default: ‘*’.
response(pulumi.Input[dict]) - Custom content-type and body to return, this overrides the custom error for the zone. This field is not required. Omission will result in default HTML error page. Definition below.originTraffic(pulumi.Input[bool]) - Only count traffic that has come from your origin servers. If true, cached items that Cloudflare serve will not count towards rate limiting. Default:true.statuses(pulumi.Input[list]) - HTTP Status codes, can be one [403], many [401,403] or indicate all by not providing this value.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.Record(resource_name, opts=None, data=None, name=None, priority=None, proxied=None, ttl=None, type=None, value=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Create a Record resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] data: Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or
valuemust be specified :param pulumi.Input[str] name: The name of the record :param pulumi.Input[float] priority: The priority of the record :param pulumi.Input[bool] proxied: Whether the record gets Cloudflare’s origin protection; defaults tofalse. :param pulumi.Input[float] ttl: The TTL of the record (automatic: ‘1’) :param pulumi.Input[str] type: The type of the record :param pulumi.Input[str] value: The (string) value of the record. Either this ordatamust be specified :param pulumi.Input[str] zone_id: The DNS zone ID to add the record toThe data object supports the following:
algorithm(pulumi.Input[float])altitude(pulumi.Input[float])certificate(pulumi.Input[str])content(pulumi.Input[str])digest(pulumi.Input[str])digest_type(pulumi.Input[float])fingerprint(pulumi.Input[str])flags(pulumi.Input[str])key_tag(pulumi.Input[float])lat_degrees(pulumi.Input[float])lat_direction(pulumi.Input[str])lat_minutes(pulumi.Input[float])lat_seconds(pulumi.Input[float])long_degrees(pulumi.Input[float])long_direction(pulumi.Input[str])long_minutes(pulumi.Input[float])long_seconds(pulumi.Input[float])matching_type(pulumi.Input[float])name(pulumi.Input[str]) - The name of the recordorder(pulumi.Input[float])port(pulumi.Input[float])precision_horz(pulumi.Input[float])precision_vert(pulumi.Input[float])preference(pulumi.Input[float])priority(pulumi.Input[float]) - The priority of the recordproto(pulumi.Input[str])protocol(pulumi.Input[float])public_key(pulumi.Input[str])regex(pulumi.Input[str])replacement(pulumi.Input[str])selector(pulumi.Input[float])service(pulumi.Input[str])size(pulumi.Input[float])target(pulumi.Input[str])type(pulumi.Input[float]) - The type of the recordusage(pulumi.Input[float])weight(pulumi.Input[float])
created_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the record was created
data: pulumi.Output[dict] = None¶Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or
valuemust be specifiedalgorithm(float)altitude(float)certificate(str)content(str)digest(str)digest_type(float)fingerprint(str)flags(str)key_tag(float)lat_degrees(float)lat_direction(str)lat_minutes(float)lat_seconds(float)long_degrees(float)long_direction(str)long_minutes(float)long_seconds(float)matching_type(float)name(str) - The name of the recordorder(float)port(float)precision_horz(float)precision_vert(float)preference(float)priority(float) - The priority of the recordproto(str)protocol(float)public_key(str)regex(str)replacement(str)selector(float)service(str)size(float)target(str)type(float) - The type of the recordusage(float)weight(float)
hostname: pulumi.Output[str] = None¶The FQDN of the record
metadata: pulumi.Output[dict] = None¶A key-value map of string metadata Cloudflare associates with the record
modified_on: pulumi.Output[str] = None¶The RFC3339 timestamp of when the record was last modified
name: pulumi.Output[str] = None¶The name of the record
priority: pulumi.Output[float] = None¶The priority of the record
proxiable: pulumi.Output[bool] = None¶Shows whether this record can be proxied, must be true if setting
proxied=true
proxied: pulumi.Output[bool] = None¶Whether the record gets Cloudflare’s origin protection; defaults to
false.
ttl: pulumi.Output[float] = None¶The TTL of the record (automatic: ‘1’)
type: pulumi.Output[str] = None¶The type of the record
value: pulumi.Output[str] = None¶The (string) value of the record. Either this or
datamust be specified
zone_id: pulumi.Output[str] = None¶The DNS zone ID to add the record to
- static
get(resource_name, id, opts=None, created_on=None, data=None, hostname=None, metadata=None, modified_on=None, name=None, priority=None, proxiable=None, proxied=None, ttl=None, type=None, value=None, zone_id=None)¶ Get an existing Record resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
created_on (pulumi.Input[str]) – The RFC3339 timestamp of when the record was created
data (pulumi.Input[dict]) – Map of attributes that constitute the record value. Primarily used for LOC and SRV record types. Either this or
valuemust be specifiedhostname (pulumi.Input[str]) – The FQDN of the record
metadata (pulumi.Input[dict]) – A key-value map of string metadata Cloudflare associates with the record
modified_on (pulumi.Input[str]) – The RFC3339 timestamp of when the record was last modified
name (pulumi.Input[str]) – The name of the record
priority (pulumi.Input[float]) – The priority of the record
proxiable (pulumi.Input[bool]) – Shows whether this record can be proxied, must be true if setting
proxied=trueproxied (pulumi.Input[bool]) – Whether the record gets Cloudflare’s origin protection; defaults to
false.ttl (pulumi.Input[float]) –
The TTL of the record (automatic: ‘1’)
type (pulumi.Input[str]) – The type of the record
value (pulumi.Input[str]) – The (string) value of the record. Either this or
datamust be specifiedzone_id (pulumi.Input[str]) – The DNS zone ID to add the record to
The data object supports the following:
algorithm(pulumi.Input[float])altitude(pulumi.Input[float])certificate(pulumi.Input[str])content(pulumi.Input[str])digest(pulumi.Input[str])digest_type(pulumi.Input[float])fingerprint(pulumi.Input[str])flags(pulumi.Input[str])key_tag(pulumi.Input[float])lat_degrees(pulumi.Input[float])lat_direction(pulumi.Input[str])lat_minutes(pulumi.Input[float])lat_seconds(pulumi.Input[float])long_degrees(pulumi.Input[float])long_direction(pulumi.Input[str])long_minutes(pulumi.Input[float])long_seconds(pulumi.Input[float])matching_type(pulumi.Input[float])name(pulumi.Input[str]) - The name of the recordorder(pulumi.Input[float])port(pulumi.Input[float])precision_horz(pulumi.Input[float])precision_vert(pulumi.Input[float])preference(pulumi.Input[float])priority(pulumi.Input[float]) - The priority of the recordproto(pulumi.Input[str])protocol(pulumi.Input[float])public_key(pulumi.Input[str])regex(pulumi.Input[str])replacement(pulumi.Input[str])selector(pulumi.Input[float])service(pulumi.Input[str])size(pulumi.Input[float])target(pulumi.Input[str])type(pulumi.Input[float]) - The type of the recordusage(pulumi.Input[float])weight(pulumi.Input[float])
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.SpectrumApplication(resource_name, opts=None, argo_smart_routing=None, dns=None, edge_ip_connectivity=None, edge_ips=None, ip_firewall=None, origin_directs=None, origin_dns=None, origin_port=None, protocol=None, proxy_protocol=None, tls=None, traffic_type=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Spectrum Application. You can extend the power of Cloudflare’s DDoS, TLS, and IP Firewall to your other TCP-based services.
import pulumi import pulumi_cloudflare as cloudflare # Define a spectrum application proxies ssh traffic ssh_proxy = cloudflare.SpectrumApplication("sshProxy", zone_id=var["cloudflare_zone_id"], protocol="tcp/22", traffic_type="direct", dns={ "type": "CNAME", "name": "ssh.example.com", }, origin_directs=["tcp://109.151.40.129:22"])
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
argo_smart_routing (pulumi.Input[bool]) – . Enables Argo Smart Routing. Defaults to
false.dns (pulumi.Input[dict]) – The name and type of DNS record for the Spectrum application. Fields documented below.
edge_ip_connectivity (pulumi.Input[str]) – . Choose which types of IP addresses will be provisioned for this subdomain. Valid values are:
all,ipv4,ipv6. Defaults toall.edge_ips (pulumi.Input[list]) – . A list of edge IPs (IPv4 and/or IPv6) to configure Spectrum application to. Requires Bring Your Own IP provisioned.
ip_firewall (pulumi.Input[bool]) – Enables the IP Firewall for this application. Defaults to
true.origin_directs (pulumi.Input[list]) – A list of destination addresses to the origin. e.g.
tcp://192.0.2.1:22.origin_dns (pulumi.Input[dict]) – A destination DNS addresses to the origin. Fields documented below.
origin_port (pulumi.Input[float]) – If using
origin_dnsthis is a required attribute. Origin port to proxy traffice to e.g.22.protocol (pulumi.Input[str]) – The port configuration at Cloudflare’s edge. e.g.
tcp/22.proxy_protocol (pulumi.Input[str]) – Enables a proxy protocol to the origin. Valid values are:
off,v1,v2, andsimple. Defaults tooff.tls (pulumi.Input[str]) – TLS configuration option for Cloudflare to connect to your origin. Valid values are:
off,flexible,fullandstrict. Defaults tooff.traffic_type (pulumi.Input[str]) – Sets application type. Valid values are:
direct,http,https. Defaults todirect.zone_id (pulumi.Input[str]) – The DNS zone ID to add the application to
The dns object supports the following:
name(pulumi.Input[str]) - Fully qualified domain name of the origin e.g. origin-ssh.example.com.type(pulumi.Input[str]) - The type of DNS record associated with the application. Valid values:CNAME.
The origin_dns object supports the following:
name(pulumi.Input[str]) - Fully qualified domain name of the origin e.g. origin-ssh.example.com.
argo_smart_routing: pulumi.Output[bool] = None¶. Enables Argo Smart Routing. Defaults to
false.
dns: pulumi.Output[dict] = None¶The name and type of DNS record for the Spectrum application. Fields documented below.
name(str) - Fully qualified domain name of the origin e.g. origin-ssh.example.com.type(str) - The type of DNS record associated with the application. Valid values:CNAME.
edge_ip_connectivity: pulumi.Output[str] = None¶. Choose which types of IP addresses will be provisioned for this subdomain. Valid values are:
all,ipv4,ipv6. Defaults toall.
edge_ips: pulumi.Output[list] = None¶. A list of edge IPs (IPv4 and/or IPv6) to configure Spectrum application to. Requires Bring Your Own IP provisioned.
ip_firewall: pulumi.Output[bool] = None¶Enables the IP Firewall for this application. Defaults to
true.
origin_directs: pulumi.Output[list] = None¶A list of destination addresses to the origin. e.g.
tcp://192.0.2.1:22.
origin_dns: pulumi.Output[dict] = None¶A destination DNS addresses to the origin. Fields documented below.
name(str) - Fully qualified domain name of the origin e.g. origin-ssh.example.com.
origin_port: pulumi.Output[float] = None¶If using
origin_dnsthis is a required attribute. Origin port to proxy traffice to e.g.22.
protocol: pulumi.Output[str] = None¶The port configuration at Cloudflare’s edge. e.g.
tcp/22.
proxy_protocol: pulumi.Output[str] = None¶Enables a proxy protocol to the origin. Valid values are:
off,v1,v2, andsimple. Defaults tooff.
tls: pulumi.Output[str] = None¶TLS configuration option for Cloudflare to connect to your origin. Valid values are:
off,flexible,fullandstrict. Defaults tooff.
traffic_type: pulumi.Output[str] = None¶Sets application type. Valid values are:
direct,http,https. Defaults todirect.
zone_id: pulumi.Output[str] = None¶The DNS zone ID to add the application to
- static
get(resource_name, id, opts=None, argo_smart_routing=None, dns=None, edge_ip_connectivity=None, edge_ips=None, ip_firewall=None, origin_directs=None, origin_dns=None, origin_port=None, protocol=None, proxy_protocol=None, tls=None, traffic_type=None, zone_id=None)¶ Get an existing SpectrumApplication resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
argo_smart_routing (pulumi.Input[bool]) – . Enables Argo Smart Routing. Defaults to
false.dns (pulumi.Input[dict]) – The name and type of DNS record for the Spectrum application. Fields documented below.
edge_ip_connectivity (pulumi.Input[str]) – . Choose which types of IP addresses will be provisioned for this subdomain. Valid values are:
all,ipv4,ipv6. Defaults toall.edge_ips (pulumi.Input[list]) –
. A list of edge IPs (IPv4 and/or IPv6) to configure Spectrum application to. Requires Bring Your Own IP provisioned.
ip_firewall (pulumi.Input[bool]) – Enables the IP Firewall for this application. Defaults to
true.origin_directs (pulumi.Input[list]) – A list of destination addresses to the origin. e.g.
tcp://192.0.2.1:22.origin_dns (pulumi.Input[dict]) – A destination DNS addresses to the origin. Fields documented below.
origin_port (pulumi.Input[float]) – If using
origin_dnsthis is a required attribute. Origin port to proxy traffice to e.g.22.protocol (pulumi.Input[str]) – The port configuration at Cloudflare’s edge. e.g.
tcp/22.proxy_protocol (pulumi.Input[str]) – Enables a proxy protocol to the origin. Valid values are:
off,v1,v2, andsimple. Defaults tooff.tls (pulumi.Input[str]) – TLS configuration option for Cloudflare to connect to your origin. Valid values are:
off,flexible,fullandstrict. Defaults tooff.traffic_type (pulumi.Input[str]) – Sets application type. Valid values are:
direct,http,https. Defaults todirect.zone_id (pulumi.Input[str]) – The DNS zone ID to add the application to
The dns object supports the following:
name(pulumi.Input[str]) - Fully qualified domain name of the origin e.g. origin-ssh.example.com.type(pulumi.Input[str]) - The type of DNS record associated with the application. Valid values:CNAME.
The origin_dns object supports the following:
name(pulumi.Input[str]) - Fully qualified domain name of the origin e.g. origin-ssh.example.com.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WafGroup(resource_name, opts=None, group_id=None, mode=None, package_id=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare WAF rule group resource for a particular zone. This can be used to configure firewall behaviour for pre-defined firewall groups.
import pulumi import pulumi_cloudflare as cloudflare honey_pot = cloudflare.WafGroup("honeyPot", group_id="de677e5818985db1285d0e80225f06e5", mode="on", zone_id="ae36f999674d196762efcc5abb06b345")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
group_id (pulumi.Input[str]) – The WAF Rule Group ID.
mode (pulumi.Input[str]) – The mode of the group, can be one of [“on”, “off”].
package_id (pulumi.Input[str]) – The ID of the WAF Rule Package that contains the group.
zone_id (pulumi.Input[str]) – The DNS zone ID to apply to.
group_id: pulumi.Output[str] = None¶The WAF Rule Group ID.
mode: pulumi.Output[str] = None¶The mode of the group, can be one of [“on”, “off”].
package_id: pulumi.Output[str] = None¶The ID of the WAF Rule Package that contains the group.
zone_id: pulumi.Output[str] = None¶The DNS zone ID to apply to.
- static
get(resource_name, id, opts=None, group_id=None, mode=None, package_id=None, zone_id=None)¶ Get an existing WafGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
group_id (pulumi.Input[str]) – The WAF Rule Group ID.
mode (pulumi.Input[str]) – The mode of the group, can be one of [“on”, “off”].
package_id (pulumi.Input[str]) – The ID of the WAF Rule Package that contains the group.
zone_id (pulumi.Input[str]) – The DNS zone ID to apply to.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WafOverride(resource_name, opts=None, description=None, groups=None, paused=None, priority=None, rewrite_action=None, rules=None, urls=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare WAF override resource. This enables the ability to toggle WAF rules and groups on or off based on URIs.
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
description (pulumi.Input[str]) – Description of what the WAF override does.
groups (pulumi.Input[dict]) – Similar to
rules; which WAF groups you want to alter.paused (pulumi.Input[bool]) – Whether this package is currently paused.
priority (pulumi.Input[float]) – Relative priority of this configuration when multiple configurations match a single URL.
rewrite_action (pulumi.Input[dict]) – When a WAF rule matches, substitute its configured action for a different action specified by this definition.
rules (pulumi.Input[dict]) – A list of WAF rule ID to rule action you intend to apply.
urls (pulumi.Input[list]) – An array of URLs to apply the WAF override to.
zone_id (pulumi.Input[str]) – The DNS zone to which the WAF override condition should be added.
description: pulumi.Output[str] = None¶Description of what the WAF override does.
groups: pulumi.Output[dict] = None¶Similar to
rules; which WAF groups you want to alter.
paused: pulumi.Output[bool] = None¶Whether this package is currently paused.
priority: pulumi.Output[float] = None¶Relative priority of this configuration when multiple configurations match a single URL.
rewrite_action: pulumi.Output[dict] = None¶When a WAF rule matches, substitute its configured action for a different action specified by this definition.
rules: pulumi.Output[dict] = None¶A list of WAF rule ID to rule action you intend to apply.
urls: pulumi.Output[list] = None¶An array of URLs to apply the WAF override to.
zone_id: pulumi.Output[str] = None¶The DNS zone to which the WAF override condition should be added.
- static
get(resource_name, id, opts=None, description=None, groups=None, override_id=None, paused=None, priority=None, rewrite_action=None, rules=None, urls=None, zone_id=None)¶ Get an existing WafOverride resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
description (pulumi.Input[str]) – Description of what the WAF override does.
groups (pulumi.Input[dict]) – Similar to
rules; which WAF groups you want to alter.paused (pulumi.Input[bool]) – Whether this package is currently paused.
priority (pulumi.Input[float]) – Relative priority of this configuration when multiple configurations match a single URL.
rewrite_action (pulumi.Input[dict]) – When a WAF rule matches, substitute its configured action for a different action specified by this definition.
rules (pulumi.Input[dict]) – A list of WAF rule ID to rule action you intend to apply.
urls (pulumi.Input[list]) – An array of URLs to apply the WAF override to.
zone_id (pulumi.Input[str]) – The DNS zone to which the WAF override condition should be added.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WafPackage(resource_name, opts=None, action_mode=None, package_id=None, sensitivity=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare WAF rule package resource for a particular zone. This can be used to configure firewall behaviour for pre-defined firewall packages.
import pulumi import pulumi_cloudflare as cloudflare owasp = cloudflare.WafPackage("owasp", action_mode="simulate", package_id="a25a9a7e9c00afc1fb2e0245519d725b", sensitivity="medium", zone_id="ae36f999674d196762efcc5abb06b345")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
action_mode (pulumi.Input[str]) – The action mode of the package, can be one of [“block”, “challenge”, “simulate”].
package_id (pulumi.Input[str]) – The WAF Package ID.
sensitivity (pulumi.Input[str]) – The sensitivity of the package, can be one of [“high”, “medium”, “low”, “off”].
zone_id (pulumi.Input[str]) – The DNS zone ID to apply to.
action_mode: pulumi.Output[str] = None¶The action mode of the package, can be one of [“block”, “challenge”, “simulate”].
package_id: pulumi.Output[str] = None¶The WAF Package ID.
sensitivity: pulumi.Output[str] = None¶The sensitivity of the package, can be one of [“high”, “medium”, “low”, “off”].
zone_id: pulumi.Output[str] = None¶The DNS zone ID to apply to.
- static
get(resource_name, id, opts=None, action_mode=None, package_id=None, sensitivity=None, zone_id=None)¶ Get an existing WafPackage resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
action_mode (pulumi.Input[str]) – The action mode of the package, can be one of [“block”, “challenge”, “simulate”].
package_id (pulumi.Input[str]) – The WAF Package ID.
sensitivity (pulumi.Input[str]) – The sensitivity of the package, can be one of [“high”, “medium”, “low”, “off”].
zone_id (pulumi.Input[str]) – The DNS zone ID to apply to.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WafRule(resource_name, opts=None, mode=None, package_id=None, rule_id=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare WAF rule resource for a particular zone. This can be used to configure firewall behaviour for pre-defined firewall rules.
import pulumi import pulumi_cloudflare as cloudflare _100000 = cloudflare.WafRule("100000", mode="simulate", rule_id="100000", zone_id="ae36f999674d196762efcc5abb06b345")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
mode (pulumi.Input[str]) – The mode of the rule, can be one of [“block”, “challenge”, “default”, “disable”, “simulate”].
package_id (pulumi.Input[str]) – The ID of the WAF Rule Package that contains the rule.
rule_id (pulumi.Input[str]) – The WAF Rule ID.
zone_id (pulumi.Input[str]) – The DNS zone ID to apply to.
group_id: pulumi.Output[str] = None¶The ID of the WAF Rule Group that contains the rule.
mode: pulumi.Output[str] = None¶The mode of the rule, can be one of [“block”, “challenge”, “default”, “disable”, “simulate”].
package_id: pulumi.Output[str] = None¶The ID of the WAF Rule Package that contains the rule.
rule_id: pulumi.Output[str] = None¶The WAF Rule ID.
zone_id: pulumi.Output[str] = None¶The DNS zone ID to apply to.
- static
get(resource_name, id, opts=None, group_id=None, mode=None, package_id=None, rule_id=None, zone_id=None)¶ Get an existing WafRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
group_id (pulumi.Input[str]) – The ID of the WAF Rule Group that contains the rule.
mode (pulumi.Input[str]) – The mode of the rule, can be one of [“block”, “challenge”, “default”, “disable”, “simulate”].
package_id (pulumi.Input[str]) – The ID of the WAF Rule Package that contains the rule.
rule_id (pulumi.Input[str]) – The WAF Rule ID.
zone_id (pulumi.Input[str]) – The DNS zone ID to apply to.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WorkerRoute(resource_name, opts=None, pattern=None, script_name=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare worker route resource. A route will also require a
.WorkerScript. NOTE: This resource uses the Cloudflare account APIs. This requires setting theCLOUDFLARE_ACCOUNT_IDenvironment variable oraccount_idprovider argument.import pulumi import pulumi_cloudflare as cloudflare my_script = cloudflare.WorkerScript("myScript") # see ".WorkerScript" documentation ... # Runs the specified worker script for all URLs that match `example.com/*` my_route = cloudflare.WorkerRoute("myRoute", zone_id="d41d8cd98f00b204e9800998ecf8427e", pattern="example.com/*", script_name=my_script.name)
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
pattern (pulumi.Input[str]) – The route pattern
script_name (pulumi.Input[str]) – Which worker script to run for requests that match the route pattern. If
script_nameis empty, workers will be skipped for matching requests.zone_id (pulumi.Input[str]) – The zone ID to add the route to.
pattern: pulumi.Output[str] = None¶The route pattern
script_name: pulumi.Output[str] = None¶Which worker script to run for requests that match the route pattern. If
script_nameis empty, workers will be skipped for matching requests.
zone_id: pulumi.Output[str] = None¶The zone ID to add the route to.
- static
get(resource_name, id, opts=None, pattern=None, script_name=None, zone_id=None)¶ Get an existing WorkerRoute resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
pattern (pulumi.Input[str]) –
The route pattern
script_name (pulumi.Input[str]) – Which worker script to run for requests that match the route pattern. If
script_nameis empty, workers will be skipped for matching requests.zone_id (pulumi.Input[str]) – The zone ID to add the route to.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WorkerScript(resource_name, opts=None, content=None, kv_namespace_bindings=None, name=None, plain_text_bindings=None, secret_text_bindings=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare worker script resource. In order for a script to be active, you’ll also need to setup a
.WorkerRoute. NOTE: This resource uses the Cloudflare account APIs. This requires setting theCLOUDFLARE_ACCOUNT_IDenvironment variable oraccount_idprovider argument.import pulumi import pulumi_cloudflare as cloudflare my_namespace = cloudflare.WorkersKvNamespace("myNamespace", title="example") # Sets the script with the name "script_1" my_script = cloudflare.WorkerScript("myScript", name="script_1", content=(lambda path: open(path).read())("script.js"), kv_namespace_binding=[{ "name": "MY_EXAMPLE_KV_NAMESPACE", "namespace_id": my_namespace.id, }], plain_text_binding=[{ "name": "MY_EXAMPLE_PLAIN_TEXT", "text": "foobar", }], secret_text_binding=[{ "name": "MY_EXAMPLE_SECRET_TEXT", "text": var["secret_foo_value"], }])
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
content (pulumi.Input[str]) – The script content.
name (pulumi.Input[str]) – The global variable for the binding in your Worker code.
The kv_namespace_bindings object supports the following:
name(pulumi.Input[str]) - The global variable for the binding in your Worker code.namespace_id(pulumi.Input[str])
The plain_text_bindings object supports the following:
name(pulumi.Input[str]) - The global variable for the binding in your Worker code.text(pulumi.Input[str]) - The secret text you want to store.
The secret_text_bindings object supports the following:
name(pulumi.Input[str]) - The global variable for the binding in your Worker code.text(pulumi.Input[str]) - The secret text you want to store.
content: pulumi.Output[str] = None¶The script content.
name: pulumi.Output[str] = None¶The global variable for the binding in your Worker code.
- static
get(resource_name, id, opts=None, content=None, kv_namespace_bindings=None, name=None, plain_text_bindings=None, secret_text_bindings=None)¶ Get an existing WorkerScript resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
content (pulumi.Input[str]) – The script content.
name (pulumi.Input[str]) – The global variable for the binding in your Worker code.
The kv_namespace_bindings object supports the following:
name(pulumi.Input[str]) - The global variable for the binding in your Worker code.namespace_id(pulumi.Input[str])
The plain_text_bindings object supports the following:
name(pulumi.Input[str]) - The global variable for the binding in your Worker code.text(pulumi.Input[str]) - The secret text you want to store.
The secret_text_bindings object supports the following:
name(pulumi.Input[str]) - The global variable for the binding in your Worker code.text(pulumi.Input[str]) - The secret text you want to store.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WorkersKv(resource_name, opts=None, key=None, namespace_id=None, value=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Workers KV Pair. NOTE: This resource uses the Cloudflare account APIs. This requires setting the
CLOUDFLARE_ACCOUNT_IDenvironment variable oraccount_idprovider argument.import pulumi import pulumi_cloudflare as cloudflare example_ns = cloudflare.WorkersKvNamespace("exampleNs", title="test-namespace") example = cloudflare.WorkersKv("example", namespace_id=example_ns.id, key="test-key", value="test value")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
key (pulumi.Input[str]) – The key name
namespace_id (pulumi.Input[str]) – The ID of the Workers KV namespace in which you want to create the KV pair
value (pulumi.Input[str]) – The string value to be stored in the key
key: pulumi.Output[str] = None¶The key name
namespace_id: pulumi.Output[str] = None¶The ID of the Workers KV namespace in which you want to create the KV pair
value: pulumi.Output[str] = None¶The string value to be stored in the key
- static
get(resource_name, id, opts=None, key=None, namespace_id=None, value=None)¶ Get an existing WorkersKv resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
key (pulumi.Input[str]) – The key name
namespace_id (pulumi.Input[str]) – The ID of the Workers KV namespace in which you want to create the KV pair
value (pulumi.Input[str]) – The string value to be stored in the key
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.WorkersKvNamespace(resource_name, opts=None, title=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Workers KV Namespace
import pulumi import pulumi_cloudflare as cloudflare example = cloudflare.WorkersKvNamespace("example", title="test-namespace")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
title (pulumi.Input[str]) – The name of the namespace you wish to create.
title: pulumi.Output[str] = None¶The name of the namespace you wish to create.
- static
get(resource_name, id, opts=None, title=None)¶ Get an existing WorkersKvNamespace resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
title (pulumi.Input[str]) – The name of the namespace you wish to create.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.Zone(resource_name, opts=None, jump_start=None, paused=None, plan=None, type=None, zone=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Zone resource. Zone is the basic resource for working with Cloudflare and is roughly equivalent to a domain name that the user purchases.
import pulumi import pulumi_cloudflare as cloudflare example = cloudflare.Zone("example", zone="example.com")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
jump_start (pulumi.Input[bool]) – Boolean of whether to scan for DNS records on creation. Ignored after zone is created. Default: false.
paused (pulumi.Input[bool]) – Boolean of whether this zone is paused (traffic bypasses Cloudflare). Default: false.
plan (pulumi.Input[str]) – The name of the commercial plan to apply to the zone, can be updated once the one is created; one of
free,pro,business,enterprise.type (pulumi.Input[str]) – A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Valid values:
full,partial. Default isfull.zone (pulumi.Input[str]) – The DNS zone name which will be added.
jump_start: pulumi.Output[bool] = None¶Boolean of whether to scan for DNS records on creation. Ignored after zone is created. Default: false.
name_servers: pulumi.Output[list] = None¶Cloudflare-assigned name servers. This is only populated for zones that use Cloudflare DNS.
paused: pulumi.Output[bool] = None¶Boolean of whether this zone is paused (traffic bypasses Cloudflare). Default: false.
plan: pulumi.Output[str] = None¶The name of the commercial plan to apply to the zone, can be updated once the one is created; one of
free,pro,business,enterprise.
status: pulumi.Output[str] = None¶Status of the zone. Valid values:
active,pending,initializing,moved,deleted,deactivated.
type: pulumi.Output[str] = None¶A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Valid values:
full,partial. Default isfull.
vanity_name_servers: pulumi.Output[list] = None¶List of Vanity Nameservers (if set).
meta.wildcard_proxiable- Indicates whether wildcard DNS records can receive Cloudflare security and performance features.meta.phishing_detected- Indicates if URLs on the zone have been identified as hosting phishing content.
verification_key: pulumi.Output[str] = None¶Contains the TXT record value to validate domain ownership. This is only populated for zones of type
partial.
zone: pulumi.Output[str] = None¶The DNS zone name which will be added.
- static
get(resource_name, id, opts=None, jump_start=None, meta=None, name_servers=None, paused=None, plan=None, status=None, type=None, vanity_name_servers=None, verification_key=None, zone=None)¶ Get an existing Zone resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
jump_start (pulumi.Input[bool]) – Boolean of whether to scan for DNS records on creation. Ignored after zone is created. Default: false.
name_servers (pulumi.Input[list]) – Cloudflare-assigned name servers. This is only populated for zones that use Cloudflare DNS.
paused (pulumi.Input[bool]) – Boolean of whether this zone is paused (traffic bypasses Cloudflare). Default: false.
plan (pulumi.Input[str]) – The name of the commercial plan to apply to the zone, can be updated once the one is created; one of
free,pro,business,enterprise.status (pulumi.Input[str]) – Status of the zone. Valid values:
active,pending,initializing,moved,deleted,deactivated.type (pulumi.Input[str]) – A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. Valid values:
full,partial. Default isfull.vanity_name_servers (pulumi.Input[list]) – List of Vanity Nameservers (if set).
* `meta.wildcard_proxiable` - Indicates whether wildcard DNS records can receive Cloudflare security and performance features. * `meta.phishing_detected` - Indicates if URLs on the zone have been identified as hosting phishing content.
- Parameters
verification_key (pulumi.Input[str]) – Contains the TXT record value to validate domain ownership. This is only populated for zones of type
partial.zone (pulumi.Input[str]) – The DNS zone name which will be added.
The meta object supports the following:
phishing_detected(pulumi.Input[bool])wildcard_proxiable(pulumi.Input[bool])
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.ZoneLockdown(resource_name, opts=None, configurations=None, description=None, paused=None, priority=None, urls=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a Cloudflare Zone Lockdown resource. Zone Lockdown allows you to define one or more URLs (with wildcard matching on the domain or path) that will only permit access if the request originates from an IP address that matches a safelist of one or more IP addresses and/or IP ranges.
import pulumi import pulumi_cloudflare as cloudflare # Restrict access to these endpoints to requests from a known IP address. endpoint_lockdown = cloudflare.ZoneLockdown("endpointLockdown", configurations=[{ "target": "ip", "value": "198.51.100.4", }], description="Restrict access to these endpoints to requests from a known IP address", paused="false", urls=["api.mysite.com/some/endpoint*"], zone_id="d41d8cd98f00b204e9800998ecf8427e")
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
configurations (pulumi.Input[list]) – A list of IP addresses or IP ranges to match the request against specified in target, value pairs. It’s a complex value. See description below. The order of the configuration entries is unimportant.
description (pulumi.Input[str]) – A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
paused (pulumi.Input[bool]) – Boolean of whether this zone lockdown is currently paused. Default: false.
urls (pulumi.Input[list]) – A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
zone_id (pulumi.Input[str]) – The DNS zone ID to which the access rule should be added.
The configurations object supports the following:
target(pulumi.Input[str]) - The request property to target. Allowed values: “ip”, “ip_range”value(pulumi.Input[str]) - The value to target. Depends on target’s type. IP addresses should just be standard IPv4/IPv6 notation i.e.198.51.100.4or2001:db8::/32and IP ranges in CIDR format i.e.198.51.0.0/16.
configurations: pulumi.Output[list] = None¶A list of IP addresses or IP ranges to match the request against specified in target, value pairs. It’s a complex value. See description below. The order of the configuration entries is unimportant.
target(str) - The request property to target. Allowed values: “ip”, “ip_range”value(str) - The value to target. Depends on target’s type. IP addresses should just be standard IPv4/IPv6 notation i.e.198.51.100.4or2001:db8::/32and IP ranges in CIDR format i.e.198.51.0.0/16.
description: pulumi.Output[str] = None¶A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
paused: pulumi.Output[bool] = None¶Boolean of whether this zone lockdown is currently paused. Default: false.
urls: pulumi.Output[list] = None¶A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
zone_id: pulumi.Output[str] = None¶The DNS zone ID to which the access rule should be added.
- static
get(resource_name, id, opts=None, configurations=None, description=None, paused=None, priority=None, urls=None, zone_id=None)¶ Get an existing ZoneLockdown resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
configurations (pulumi.Input[list]) – A list of IP addresses or IP ranges to match the request against specified in target, value pairs. It’s a complex value. See description below. The order of the configuration entries is unimportant.
description (pulumi.Input[str]) – A description about the lockdown entry. Typically used as a reminder or explanation for the lockdown.
paused (pulumi.Input[bool]) – Boolean of whether this zone lockdown is currently paused. Default: false.
urls (pulumi.Input[list]) – A list of simple wildcard patterns to match requests against. The order of the urls is unimportant.
zone_id (pulumi.Input[str]) – The DNS zone ID to which the access rule should be added.
The configurations object supports the following:
target(pulumi.Input[str]) - The request property to target. Allowed values: “ip”, “ip_range”value(pulumi.Input[str]) - The value to target. Depends on target’s type. IP addresses should just be standard IPv4/IPv6 notation i.e.198.51.100.4or2001:db8::/32and IP ranges in CIDR format i.e.198.51.0.0/16.
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
- class
pulumi_cloudflare.ZoneSettingsOverride(resource_name, opts=None, settings=None, zone_id=None, __props__=None, __name__=None, __opts__=None)¶ Provides a resource which customizes Cloudflare zone settings. Note that after destroying this resource Zone Settings will be reset to their initial values.
import pulumi import pulumi_cloudflare as cloudflare test = cloudflare.ZoneSettingsOverride("test", zone_id=var["cloudflare_zone_id"], settings={ "brotli": "on", "challengeTtl": 2700, "securityLevel": "high", "opportunisticEncryption": "on", "automaticHttpsRewrites": "on", "mirage": "on", "waf": "on", "minify": { "css": "on", "js": "off", "html": "off", }, "security_header": { "enabled": True, }, })
- Parameters
resource_name (str) – The name of the resource.
opts (pulumi.ResourceOptions) – Options for the resource.
settings (pulumi.Input[dict]) – Settings overrides that will be applied to the zone. If a setting is not specified the existing setting will be used. For a full list of available settings see below.
zone_id (pulumi.Input[str]) – The DNS zone ID to which apply settings.
The settings object supports the following:
alwaysOnline(pulumi.Input[str])alwaysUseHttps(pulumi.Input[str])automaticHttpsRewrites(pulumi.Input[str])brotli(pulumi.Input[str])browserCacheTtl(pulumi.Input[float])browserCheck(pulumi.Input[str])cacheLevel(pulumi.Input[str])challengeTtl(pulumi.Input[float])cnameFlattening(pulumi.Input[str])developmentMode(pulumi.Input[str])emailObfuscation(pulumi.Input[str])h2Prioritization(pulumi.Input[str])hotlinkProtection(pulumi.Input[str])http2(pulumi.Input[str])http3(pulumi.Input[str])imageResizing(pulumi.Input[str])ipGeolocation(pulumi.Input[str])ipv6(pulumi.Input[str])maxUpload(pulumi.Input[float])minTlsVersion(pulumi.Input[str])minify(pulumi.Input[dict])css(pulumi.Input[str]) - “on”/”off”html(pulumi.Input[str]) - “on”/”off”js(pulumi.Input[str]) - “on”/”off”
mirage(pulumi.Input[str])mobileRedirect(pulumi.Input[dict])mobileSubdomain(pulumi.Input[str]) - String valuestatus(pulumi.Input[str]) - “on”/”off”stripUri(pulumi.Input[bool]) - true/false
opportunisticEncryption(pulumi.Input[str])opportunisticOnion(pulumi.Input[str])originErrorPagePassThru(pulumi.Input[str])polish(pulumi.Input[str])prefetchPreload(pulumi.Input[str])privacyPass(pulumi.Input[str])pseudoIpv4(pulumi.Input[str])responseBuffering(pulumi.Input[str])rocketLoader(pulumi.Input[str])securityHeader(pulumi.Input[dict])enabled(pulumi.Input[bool]) - true/falseincludeSubdomains(pulumi.Input[bool]) - true/falsemaxAge(pulumi.Input[float]) - Integernosniff(pulumi.Input[bool]) - true/falsepreload(pulumi.Input[bool]) - true/false
securityLevel(pulumi.Input[str])serverSideExclude(pulumi.Input[str])sortQueryStringForCache(pulumi.Input[str])ssl(pulumi.Input[str])tls12Only(pulumi.Input[str])tls13(pulumi.Input[str])tlsClientAuth(pulumi.Input[str])trueClientIpHeader(pulumi.Input[str])universalSsl(pulumi.Input[str])waf(pulumi.Input[str])webp(pulumi.Input[str]) - . Note that the value specified will be ignored unlesspolishis turned on (i.e. is “lossless” or “lossy”)websockets(pulumi.Input[str])zeroRtt(pulumi.Input[str])
initial_settings: pulumi.Output[dict] = None¶Settings present in the zone at the time the resource is created. This will be used to restore the original settings when this resource is destroyed. Shares the same schema as the
settingsattribute (Above).alwaysOnline(str)alwaysUseHttps(str)automaticHttpsRewrites(str)brotli(str)browserCacheTtl(float)browserCheck(str)cacheLevel(str)challengeTtl(float)cnameFlattening(str)developmentMode(str)emailObfuscation(str)h2Prioritization(str)hotlinkProtection(str)http2(str)http3(str)imageResizing(str)ipGeolocation(str)ipv6(str)maxUpload(float)minTlsVersion(str)minify(dict)css(str) - “on”/”off”html(str) - “on”/”off”js(str) - “on”/”off”
mirage(str)mobileRedirect(dict)mobileSubdomain(str) - String valuestatus(str) - “on”/”off”stripUri(bool) - true/false
opportunisticEncryption(str)opportunisticOnion(str)originErrorPagePassThru(str)polish(str)prefetchPreload(str)privacyPass(str)pseudoIpv4(str)responseBuffering(str)rocketLoader(str)securityHeader(dict)enabled(bool) - true/falseincludeSubdomains(bool) - true/falsemaxAge(float) - Integernosniff(bool) - true/falsepreload(bool) - true/false
securityLevel(str)serverSideExclude(str)sortQueryStringForCache(str)ssl(str)tls12Only(str)tls13(str)tlsClientAuth(str)trueClientIpHeader(str)universalSsl(str)waf(str)webp(str) - . Note that the value specified will be ignored unlesspolishis turned on (i.e. is “lossless” or “lossy”)websockets(str)zeroRtt(str)
readonly_settings: pulumi.Output[list] = None¶Which of the current
settingsare not able to be set by the user. Which settings these are is determined by plan level and user permissions.zone_status. A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup.zone_type. Status of the zone. Valid values: active, pending, initializing, moved, deleted, deactivated.
settings: pulumi.Output[dict] = None¶Settings overrides that will be applied to the zone. If a setting is not specified the existing setting will be used. For a full list of available settings see below.
alwaysOnline(str)alwaysUseHttps(str)automaticHttpsRewrites(str)brotli(str)browserCacheTtl(float)browserCheck(str)cacheLevel(str)challengeTtl(float)cnameFlattening(str)developmentMode(str)emailObfuscation(str)h2Prioritization(str)hotlinkProtection(str)http2(str)http3(str)imageResizing(str)ipGeolocation(str)ipv6(str)maxUpload(float)minTlsVersion(str)minify(dict)css(str) - “on”/”off”html(str) - “on”/”off”js(str) - “on”/”off”
mirage(str)mobileRedirect(dict)mobileSubdomain(str) - String valuestatus(str) - “on”/”off”stripUri(bool) - true/false
opportunisticEncryption(str)opportunisticOnion(str)originErrorPagePassThru(str)polish(str)prefetchPreload(str)privacyPass(str)pseudoIpv4(str)responseBuffering(str)rocketLoader(str)securityHeader(dict)enabled(bool) - true/falseincludeSubdomains(bool) - true/falsemaxAge(float) - Integernosniff(bool) - true/falsepreload(bool) - true/false
securityLevel(str)serverSideExclude(str)sortQueryStringForCache(str)ssl(str)tls12Only(str)tls13(str)tlsClientAuth(str)trueClientIpHeader(str)universalSsl(str)waf(str)webp(str) - . Note that the value specified will be ignored unlesspolishis turned on (i.e. is “lossless” or “lossy”)websockets(str)zeroRtt(str)
zone_id: pulumi.Output[str] = None¶The DNS zone ID to which apply settings.
- static
get(resource_name, id, opts=None, initial_settings=None, initial_settings_read_at=None, readonly_settings=None, settings=None, zone_id=None, zone_status=None, zone_type=None)¶ Get an existing ZoneSettingsOverride resource’s state with the given name, id, and optional extra properties used to qualify the lookup.
- Parameters
resource_name (str) – The unique name of the resulting resource.
id (str) – The unique provider ID of the resource to lookup.
opts (pulumi.ResourceOptions) – Options for the resource.
initial_settings (pulumi.Input[dict]) – Settings present in the zone at the time the resource is created. This will be used to restore the original settings when this resource is destroyed. Shares the same schema as the
settingsattribute (Above).readonly_settings (pulumi.Input[list]) – Which of the current
settingsare not able to be set by the user. Which settings these are is determined by plan level and user permissions.
* `zone_status`. A full zone implies that DNS is hosted with Cloudflare. A partial zone is typically a partner-hosted zone or a CNAME setup. * `zone_type`. Status of the zone. Valid values: active, pending, initializing, moved, deleted, deactivated.
- Parameters
settings (pulumi.Input[dict]) – Settings overrides that will be applied to the zone. If a setting is not specified the existing setting will be used. For a full list of available settings see below.
zone_id (pulumi.Input[str]) – The DNS zone ID to which apply settings.
The initial_settings object supports the following:
alwaysOnline(pulumi.Input[str])alwaysUseHttps(pulumi.Input[str])automaticHttpsRewrites(pulumi.Input[str])brotli(pulumi.Input[str])browserCacheTtl(pulumi.Input[float])browserCheck(pulumi.Input[str])cacheLevel(pulumi.Input[str])challengeTtl(pulumi.Input[float])cnameFlattening(pulumi.Input[str])developmentMode(pulumi.Input[str])emailObfuscation(pulumi.Input[str])h2Prioritization(pulumi.Input[str])hotlinkProtection(pulumi.Input[str])http2(pulumi.Input[str])http3(pulumi.Input[str])imageResizing(pulumi.Input[str])ipGeolocation(pulumi.Input[str])ipv6(pulumi.Input[str])maxUpload(pulumi.Input[float])minTlsVersion(pulumi.Input[str])minify(pulumi.Input[dict])css(pulumi.Input[str]) - “on”/”off”html(pulumi.Input[str]) - “on”/”off”js(pulumi.Input[str]) - “on”/”off”
mirage(pulumi.Input[str])mobileRedirect(pulumi.Input[dict])mobileSubdomain(pulumi.Input[str]) - String valuestatus(pulumi.Input[str]) - “on”/”off”stripUri(pulumi.Input[bool]) - true/false
opportunisticEncryption(pulumi.Input[str])opportunisticOnion(pulumi.Input[str])originErrorPagePassThru(pulumi.Input[str])polish(pulumi.Input[str])prefetchPreload(pulumi.Input[str])privacyPass(pulumi.Input[str])pseudoIpv4(pulumi.Input[str])responseBuffering(pulumi.Input[str])rocketLoader(pulumi.Input[str])securityHeader(pulumi.Input[dict])enabled(pulumi.Input[bool]) - true/falseincludeSubdomains(pulumi.Input[bool]) - true/falsemaxAge(pulumi.Input[float]) - Integernosniff(pulumi.Input[bool]) - true/falsepreload(pulumi.Input[bool]) - true/false
securityLevel(pulumi.Input[str])serverSideExclude(pulumi.Input[str])sortQueryStringForCache(pulumi.Input[str])ssl(pulumi.Input[str])tls12Only(pulumi.Input[str])tls13(pulumi.Input[str])tlsClientAuth(pulumi.Input[str])trueClientIpHeader(pulumi.Input[str])universalSsl(pulumi.Input[str])waf(pulumi.Input[str])webp(pulumi.Input[str]) - . Note that the value specified will be ignored unlesspolishis turned on (i.e. is “lossless” or “lossy”)websockets(pulumi.Input[str])zeroRtt(pulumi.Input[str])
The settings object supports the following:
alwaysOnline(pulumi.Input[str])alwaysUseHttps(pulumi.Input[str])automaticHttpsRewrites(pulumi.Input[str])brotli(pulumi.Input[str])browserCacheTtl(pulumi.Input[float])browserCheck(pulumi.Input[str])cacheLevel(pulumi.Input[str])challengeTtl(pulumi.Input[float])cnameFlattening(pulumi.Input[str])developmentMode(pulumi.Input[str])emailObfuscation(pulumi.Input[str])h2Prioritization(pulumi.Input[str])hotlinkProtection(pulumi.Input[str])http2(pulumi.Input[str])http3(pulumi.Input[str])imageResizing(pulumi.Input[str])ipGeolocation(pulumi.Input[str])ipv6(pulumi.Input[str])maxUpload(pulumi.Input[float])minTlsVersion(pulumi.Input[str])minify(pulumi.Input[dict])css(pulumi.Input[str]) - “on”/”off”html(pulumi.Input[str]) - “on”/”off”js(pulumi.Input[str]) - “on”/”off”
mirage(pulumi.Input[str])mobileRedirect(pulumi.Input[dict])mobileSubdomain(pulumi.Input[str]) - String valuestatus(pulumi.Input[str]) - “on”/”off”stripUri(pulumi.Input[bool]) - true/false
opportunisticEncryption(pulumi.Input[str])opportunisticOnion(pulumi.Input[str])originErrorPagePassThru(pulumi.Input[str])polish(pulumi.Input[str])prefetchPreload(pulumi.Input[str])privacyPass(pulumi.Input[str])pseudoIpv4(pulumi.Input[str])responseBuffering(pulumi.Input[str])rocketLoader(pulumi.Input[str])securityHeader(pulumi.Input[dict])enabled(pulumi.Input[bool]) - true/falseincludeSubdomains(pulumi.Input[bool]) - true/falsemaxAge(pulumi.Input[float]) - Integernosniff(pulumi.Input[bool]) - true/falsepreload(pulumi.Input[bool]) - true/false
securityLevel(pulumi.Input[str])serverSideExclude(pulumi.Input[str])sortQueryStringForCache(pulumi.Input[str])ssl(pulumi.Input[str])tls12Only(pulumi.Input[str])tls13(pulumi.Input[str])tlsClientAuth(pulumi.Input[str])trueClientIpHeader(pulumi.Input[str])universalSsl(pulumi.Input[str])waf(pulumi.Input[str])webp(pulumi.Input[str]) - . Note that the value specified will be ignored unlesspolishis turned on (i.e. is “lossless” or “lossy”)websockets(pulumi.Input[str])zeroRtt(pulumi.Input[str])
translate_output_property(prop)¶Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
translate_input_property(prop)¶Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.
- Parameters
prop (str) – A property name.
- Returns
A potentially transformed property name.
- Return type
str
pulumi_cloudflare.get_ip_ranges(opts=None)¶Use this data source to get the IP ranges of Cloudflare edge nodes.
import pulumi import pulumi_cloudflare as cloudflare import pulumi_gcp as gcp cloudflare = cloudflare.get_ip_ranges() allow_cloudflare_ingress = gcp.compute.Firewall("allowCloudflareIngress", network="default", source_ranges=cloudflare.ipv4_cidr_blocks, allow=[{ "ports": "443", "protocol": "tcp", }])
pulumi_cloudflare.get_waf_groups(filter=None, package_id=None, zone_id=None, opts=None)¶Use this data source to look up WAF Rule Groups.
The filter object supports the following:
mode(str)name(str)
pulumi_cloudflare.get_waf_packages(filter=None, zone_id=None, opts=None)¶Use this data source to look up WAF Rule Packages.
The filter object supports the following:
action_mode(str)detectionMode(str)name(str)sensitivity(str)
pulumi_cloudflare.get_waf_rules(filter=None, package_id=None, zone_id=None, opts=None)¶Use this data source to look up WAF Rules.
import pulumi import pulumi_cloudflare as cloudflare test = cloudflare.get_waf_rules(zone_id="ae36f999674d196762efcc5abb06b345", package_id="a25a9a7e9c00afc1fb2e0245519d725b", filter={ "description": ".*example.*", "mode": "on", "group_id": "de677e5818985db1285d0e80225f06e5", }) pulumi.export("wafRules", test.rules)
The filter object supports the following:
description(str)group_id(str)mode(str)
pulumi_cloudflare.get_zones(filter=None, opts=None)¶Use this data source to look up Zone records.
import pulumi import pulumi_cloudflare as cloudflare test = cloudflare.get_zones(filter={ "name": "example.*", "paused": False, "status": "active", }) endpoint_lockdown = cloudflare.ZoneLockdown("endpointLockdown", configurations=[{ "target": "ip", "value": "198.51.100.4", }], description="Restrict access to these endpoints to requests from a known IP address", paused="false", urls=["api.mysite.com/some/endpoint*"], zone=test.zones[0]["name"])
The filter object supports the following:
name(str)paused(bool)status(str)