Docs Home
Cloudflare v6.0.1 published on Wednesday, Apr 16, 2025 by Pulumi
cloudflare.ZeroTrustDeviceCustomProfile
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const exampleZeroTrustDeviceCustomProfile = new cloudflare.ZeroTrustDeviceCustomProfile("example_zero_trust_device_custom_profile", {
accountId: "699d98642c564d2e855e9661899b7252",
match: "user.identity == \"test@cloudflare.com\"",
name: "Allow Developers",
precedence: 100,
allowModeSwitch: true,
allowUpdates: true,
allowedToLeave: true,
autoConnect: 0,
captivePortal: 180,
description: "Policy for test teams.",
disableAutoFallback: true,
enabled: true,
excludes: [{
address: "192.0.2.0/24",
description: "Exclude testing domains from the tunnel",
host: "*.example.com",
}],
excludeOfficeIps: true,
includes: [{
address: "192.0.2.0/24",
description: "Exclude testing domains from the tunnel",
host: "*.example.com",
}],
lanAllowMinutes: 30,
lanAllowSubnetSize: 24,
registerInterfaceIpWithDns: true,
serviceModeV2: {
mode: "proxy",
port: 3000,
},
supportUrl: "https://1.1.1.1/help",
switchLocked: true,
tunnelProtocol: "wireguard",
});
import pulumi
import pulumi_cloudflare as cloudflare
example_zero_trust_device_custom_profile = cloudflare.ZeroTrustDeviceCustomProfile("example_zero_trust_device_custom_profile",
account_id="699d98642c564d2e855e9661899b7252",
match="user.identity == \"test@cloudflare.com\"",
name="Allow Developers",
precedence=100,
allow_mode_switch=True,
allow_updates=True,
allowed_to_leave=True,
auto_connect=0,
captive_portal=180,
description="Policy for test teams.",
disable_auto_fallback=True,
enabled=True,
excludes=[{
"address": "192.0.2.0/24",
"description": "Exclude testing domains from the tunnel",
"host": "*.example.com",
}],
exclude_office_ips=True,
includes=[{
"address": "192.0.2.0/24",
"description": "Exclude testing domains from the tunnel",
"host": "*.example.com",
}],
lan_allow_minutes=30,
lan_allow_subnet_size=24,
register_interface_ip_with_dns=True,
service_mode_v2={
"mode": "proxy",
"port": 3000,
},
support_url="https://1.1.1.1/help",
switch_locked=True,
tunnel_protocol="wireguard")
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewZeroTrustDeviceCustomProfile(ctx, "example_zero_trust_device_custom_profile", &cloudflare.ZeroTrustDeviceCustomProfileArgs{
AccountId: pulumi.String("699d98642c564d2e855e9661899b7252"),
Match: pulumi.String("user.identity == \"test@cloudflare.com\""),
Name: pulumi.String("Allow Developers"),
Precedence: pulumi.Float64(100),
AllowModeSwitch: pulumi.Bool(true),
AllowUpdates: pulumi.Bool(true),
AllowedToLeave: pulumi.Bool(true),
AutoConnect: pulumi.Float64(0),
CaptivePortal: pulumi.Float64(180),
Description: pulumi.String("Policy for test teams."),
DisableAutoFallback: pulumi.Bool(true),
Enabled: pulumi.Bool(true),
Excludes: cloudflare.ZeroTrustDeviceCustomProfileExcludeArray{
&cloudflare.ZeroTrustDeviceCustomProfileExcludeArgs{
Address: pulumi.String("192.0.2.0/24"),
Description: pulumi.String("Exclude testing domains from the tunnel"),
Host: pulumi.String("*.example.com"),
},
},
ExcludeOfficeIps: pulumi.Bool(true),
Includes: cloudflare.ZeroTrustDeviceCustomProfileIncludeArray{
&cloudflare.ZeroTrustDeviceCustomProfileIncludeArgs{
Address: pulumi.String("192.0.2.0/24"),
Description: pulumi.String("Exclude testing domains from the tunnel"),
Host: pulumi.String("*.example.com"),
},
},
LanAllowMinutes: pulumi.Float64(30),
LanAllowSubnetSize: pulumi.Float64(24),
RegisterInterfaceIpWithDns: pulumi.Bool(true),
ServiceModeV2: &cloudflare.ZeroTrustDeviceCustomProfileServiceModeV2Args{
Mode: pulumi.String("proxy"),
Port: pulumi.Float64(3000),
},
SupportUrl: pulumi.String("https://1.1.1.1/help"),
SwitchLocked: pulumi.Bool(true),
TunnelProtocol: pulumi.String("wireguard"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var exampleZeroTrustDeviceCustomProfile = new Cloudflare.ZeroTrustDeviceCustomProfile("example_zero_trust_device_custom_profile", new()
{
AccountId = "699d98642c564d2e855e9661899b7252",
Match = "user.identity == \"test@cloudflare.com\"",
Name = "Allow Developers",
Precedence = 100,
AllowModeSwitch = true,
AllowUpdates = true,
AllowedToLeave = true,
AutoConnect = 0,
CaptivePortal = 180,
Description = "Policy for test teams.",
DisableAutoFallback = true,
Enabled = true,
Excludes = new[]
{
new Cloudflare.Inputs.ZeroTrustDeviceCustomProfileExcludeArgs
{
Address = "192.0.2.0/24",
Description = "Exclude testing domains from the tunnel",
Host = "*.example.com",
},
},
ExcludeOfficeIps = true,
Includes = new[]
{
new Cloudflare.Inputs.ZeroTrustDeviceCustomProfileIncludeArgs
{
Address = "192.0.2.0/24",
Description = "Exclude testing domains from the tunnel",
Host = "*.example.com",
},
},
LanAllowMinutes = 30,
LanAllowSubnetSize = 24,
RegisterInterfaceIpWithDns = true,
ServiceModeV2 = new Cloudflare.Inputs.ZeroTrustDeviceCustomProfileServiceModeV2Args
{
Mode = "proxy",
Port = 3000,
},
SupportUrl = "https://1.1.1.1/help",
SwitchLocked = true,
TunnelProtocol = "wireguard",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZeroTrustDeviceCustomProfile;
import com.pulumi.cloudflare.ZeroTrustDeviceCustomProfileArgs;
import com.pulumi.cloudflare.inputs.ZeroTrustDeviceCustomProfileExcludeArgs;
import com.pulumi.cloudflare.inputs.ZeroTrustDeviceCustomProfileIncludeArgs;
import com.pulumi.cloudflare.inputs.ZeroTrustDeviceCustomProfileServiceModeV2Args;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleZeroTrustDeviceCustomProfile = new ZeroTrustDeviceCustomProfile("exampleZeroTrustDeviceCustomProfile", ZeroTrustDeviceCustomProfileArgs.builder()
.accountId("699d98642c564d2e855e9661899b7252")
.match("user.identity == \"test@cloudflare.com\"")
.name("Allow Developers")
.precedence(100.0)
.allowModeSwitch(true)
.allowUpdates(true)
.allowedToLeave(true)
.autoConnect(0.0)
.captivePortal(180.0)
.description("Policy for test teams.")
.disableAutoFallback(true)
.enabled(true)
.excludes(ZeroTrustDeviceCustomProfileExcludeArgs.builder()
.address("192.0.2.0/24")
.description("Exclude testing domains from the tunnel")
.host("*.example.com")
.build())
.excludeOfficeIps(true)
.includes(ZeroTrustDeviceCustomProfileIncludeArgs.builder()
.address("192.0.2.0/24")
.description("Exclude testing domains from the tunnel")
.host("*.example.com")
.build())
.lanAllowMinutes(30.0)
.lanAllowSubnetSize(24.0)
.registerInterfaceIpWithDns(true)
.serviceModeV2(ZeroTrustDeviceCustomProfileServiceModeV2Args.builder()
.mode("proxy")
.port(3000.0)
.build())
.supportUrl("https://1.1.1.1/help")
.switchLocked(true)
.tunnelProtocol("wireguard")
.build());
}
}
resources:
exampleZeroTrustDeviceCustomProfile:
type: cloudflare:ZeroTrustDeviceCustomProfile
name: example_zero_trust_device_custom_profile
properties:
accountId: 699d98642c564d2e855e9661899b7252
match: user.identity == "test@cloudflare.com"
name: Allow Developers
precedence: 100
allowModeSwitch: true
allowUpdates: true
allowedToLeave: true
autoConnect: 0
captivePortal: 180
description: Policy for test teams.
disableAutoFallback: true
enabled: true
excludes:
- address: 192.0.2.0/24
description: Exclude testing domains from the tunnel
host: '*.example.com'
excludeOfficeIps: true
includes:
- address: 192.0.2.0/24
description: Exclude testing domains from the tunnel
host: '*.example.com'
lanAllowMinutes: 30
lanAllowSubnetSize: 24
registerInterfaceIpWithDns: true
serviceModeV2:
mode: proxy
port: 3000
supportUrl: https://1.1.1.1/help
switchLocked: true
tunnelProtocol: wireguard
Create ZeroTrustDeviceCustomProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ZeroTrustDeviceCustomProfile(name: string, args: ZeroTrustDeviceCustomProfileArgs, opts?: CustomResourceOptions);@overload
def ZeroTrustDeviceCustomProfile(resource_name: str,
args: ZeroTrustDeviceCustomProfileArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ZeroTrustDeviceCustomProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
precedence: Optional[float] = None,
name: Optional[str] = None,
match: Optional[str] = None,
captive_portal: Optional[float] = None,
lan_allow_subnet_size: Optional[float] = None,
description: Optional[str] = None,
disable_auto_fallback: Optional[bool] = None,
enabled: Optional[bool] = None,
exclude_office_ips: Optional[bool] = None,
excludes: Optional[Sequence[ZeroTrustDeviceCustomProfileExcludeArgs]] = None,
includes: Optional[Sequence[ZeroTrustDeviceCustomProfileIncludeArgs]] = None,
lan_allow_minutes: Optional[float] = None,
auto_connect: Optional[float] = None,
allowed_to_leave: Optional[bool] = None,
allow_updates: Optional[bool] = None,
allow_mode_switch: Optional[bool] = None,
register_interface_ip_with_dns: Optional[bool] = None,
service_mode_v2: Optional[ZeroTrustDeviceCustomProfileServiceModeV2Args] = None,
support_url: Optional[str] = None,
switch_locked: Optional[bool] = None,
tunnel_protocol: Optional[str] = None)func NewZeroTrustDeviceCustomProfile(ctx *Context, name string, args ZeroTrustDeviceCustomProfileArgs, opts ...ResourceOption) (*ZeroTrustDeviceCustomProfile, error)public ZeroTrustDeviceCustomProfile(string name, ZeroTrustDeviceCustomProfileArgs args, CustomResourceOptions? opts = null)public ZeroTrustDeviceCustomProfile(String name, ZeroTrustDeviceCustomProfileArgs args)
public ZeroTrustDeviceCustomProfile(String name, ZeroTrustDeviceCustomProfileArgs args, CustomResourceOptions options)
type: cloudflare:ZeroTrustDeviceCustomProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ZeroTrustDeviceCustomProfileArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. ZeroTrustDeviceCustomProfileArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ZeroTrustDeviceCustomProfileArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ZeroTrustDeviceCustomProfileArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. ZeroTrustDeviceCustomProfileArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var zeroTrustDeviceCustomProfileResource = new Cloudflare.ZeroTrustDeviceCustomProfile("zeroTrustDeviceCustomProfileResource", new()
{
AccountId = "string",
Precedence = 0,
Name = "string",
Match = "string",
CaptivePortal = 0,
LanAllowSubnetSize = 0,
Description = "string",
DisableAutoFallback = false,
Enabled = false,
ExcludeOfficeIps = false,
Excludes = new[]
{
new Cloudflare.Inputs.ZeroTrustDeviceCustomProfileExcludeArgs
{
Address = "string",
Description = "string",
Host = "string",
},
},
Includes = new[]
{
new Cloudflare.Inputs.ZeroTrustDeviceCustomProfileIncludeArgs
{
Address = "string",
Description = "string",
Host = "string",
},
},
LanAllowMinutes = 0,
AutoConnect = 0,
AllowedToLeave = false,
AllowUpdates = false,
AllowModeSwitch = false,
RegisterInterfaceIpWithDns = false,
ServiceModeV2 = new Cloudflare.Inputs.ZeroTrustDeviceCustomProfileServiceModeV2Args
{
Mode = "string",
Port = 0,
},
SupportUrl = "string",
SwitchLocked = false,
TunnelProtocol = "string",
});
example, err := cloudflare.NewZeroTrustDeviceCustomProfile(ctx, "zeroTrustDeviceCustomProfileResource", &cloudflare.ZeroTrustDeviceCustomProfileArgs{
AccountId: pulumi.String("string"),
Precedence: pulumi.Float64(0),
Name: pulumi.String("string"),
Match: pulumi.String("string"),
CaptivePortal: pulumi.Float64(0),
LanAllowSubnetSize: pulumi.Float64(0),
Description: pulumi.String("string"),
DisableAutoFallback: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
ExcludeOfficeIps: pulumi.Bool(false),
Excludes: cloudflare.ZeroTrustDeviceCustomProfileExcludeArray{
&cloudflare.ZeroTrustDeviceCustomProfileExcludeArgs{
Address: pulumi.String("string"),
Description: pulumi.String("string"),
Host: pulumi.String("string"),
},
},
Includes: cloudflare.ZeroTrustDeviceCustomProfileIncludeArray{
&cloudflare.ZeroTrustDeviceCustomProfileIncludeArgs{
Address: pulumi.String("string"),
Description: pulumi.String("string"),
Host: pulumi.String("string"),
},
},
LanAllowMinutes: pulumi.Float64(0),
AutoConnect: pulumi.Float64(0),
AllowedToLeave: pulumi.Bool(false),
AllowUpdates: pulumi.Bool(false),
AllowModeSwitch: pulumi.Bool(false),
RegisterInterfaceIpWithDns: pulumi.Bool(false),
ServiceModeV2: &cloudflare.ZeroTrustDeviceCustomProfileServiceModeV2Args{
Mode: pulumi.String("string"),
Port: pulumi.Float64(0),
},
SupportUrl: pulumi.String("string"),
SwitchLocked: pulumi.Bool(false),
TunnelProtocol: pulumi.String("string"),
})
var zeroTrustDeviceCustomProfileResource = new ZeroTrustDeviceCustomProfile("zeroTrustDeviceCustomProfileResource", ZeroTrustDeviceCustomProfileArgs.builder()
.accountId("string")
.precedence(0)
.name("string")
.match("string")
.captivePortal(0)
.lanAllowSubnetSize(0)
.description("string")
.disableAutoFallback(false)
.enabled(false)
.excludeOfficeIps(false)
.excludes(ZeroTrustDeviceCustomProfileExcludeArgs.builder()
.address("string")
.description("string")
.host("string")
.build())
.includes(ZeroTrustDeviceCustomProfileIncludeArgs.builder()
.address("string")
.description("string")
.host("string")
.build())
.lanAllowMinutes(0)
.autoConnect(0)
.allowedToLeave(false)
.allowUpdates(false)
.allowModeSwitch(false)
.registerInterfaceIpWithDns(false)
.serviceModeV2(ZeroTrustDeviceCustomProfileServiceModeV2Args.builder()
.mode("string")
.port(0)
.build())
.supportUrl("string")
.switchLocked(false)
.tunnelProtocol("string")
.build());
zero_trust_device_custom_profile_resource = cloudflare.ZeroTrustDeviceCustomProfile("zeroTrustDeviceCustomProfileResource",
account_id="string",
precedence=0,
name="string",
match="string",
captive_portal=0,
lan_allow_subnet_size=0,
description="string",
disable_auto_fallback=False,
enabled=False,
exclude_office_ips=False,
excludes=[{
"address": "string",
"description": "string",
"host": "string",
}],
includes=[{
"address": "string",
"description": "string",
"host": "string",
}],
lan_allow_minutes=0,
auto_connect=0,
allowed_to_leave=False,
allow_updates=False,
allow_mode_switch=False,
register_interface_ip_with_dns=False,
service_mode_v2={
"mode": "string",
"port": 0,
},
support_url="string",
switch_locked=False,
tunnel_protocol="string")
const zeroTrustDeviceCustomProfileResource = new cloudflare.ZeroTrustDeviceCustomProfile("zeroTrustDeviceCustomProfileResource", {
accountId: "string",
precedence: 0,
name: "string",
match: "string",
captivePortal: 0,
lanAllowSubnetSize: 0,
description: "string",
disableAutoFallback: false,
enabled: false,
excludeOfficeIps: false,
excludes: [{
address: "string",
description: "string",
host: "string",
}],
includes: [{
address: "string",
description: "string",
host: "string",
}],
lanAllowMinutes: 0,
autoConnect: 0,
allowedToLeave: false,
allowUpdates: false,
allowModeSwitch: false,
registerInterfaceIpWithDns: false,
serviceModeV2: {
mode: "string",
port: 0,
},
supportUrl: "string",
switchLocked: false,
tunnelProtocol: "string",
});
type: cloudflare:ZeroTrustDeviceCustomProfile
properties:
accountId: string
allowModeSwitch: false
allowUpdates: false
allowedToLeave: false
autoConnect: 0
captivePortal: 0
description: string
disableAutoFallback: false
enabled: false
excludeOfficeIps: false
excludes:
- address: string
description: string
host: string
includes:
- address: string
description: string
host: string
lanAllowMinutes: 0
lanAllowSubnetSize: 0
match: string
name: string
precedence: 0
registerInterfaceIpWithDns: false
serviceModeV2:
mode: string
port: 0
supportUrl: string
switchLocked: false
tunnelProtocol: string
ZeroTrustDeviceCustomProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ZeroTrustDeviceCustomProfile resource accepts the following input properties:
- Account
Id This property is required. string - Match
This property is required. string - The wirefilter expression to match devices.
- Name
This property is required. string - The name of the device settings profile.
- Precedence
This property is required. double - The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- Allow
Mode boolSwitch - Whether to allow the user to switch WARP between modes.
- Allow
Updates bool - Whether to receive update notifications when a new version of the client is available.
- Allowed
To boolLeave - Whether to allow devices to leave the organization.
- Auto
Connect double - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal double - Turn on the captive portal after the specified amount of time.
- Description string
- A description of the policy.
- Disable
Auto boolFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - Enabled bool
- Whether the policy will be applied to matching devices.
- Exclude
Office boolIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- Excludes
List<Zero
Trust Device Custom Profile Exclude> - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Includes
List<Zero
Trust Device Custom Profile Include> - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Lan
Allow doubleMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- Lan
Allow doubleSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- Register
Interface boolIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- Service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2 - Support
Url string - The URL to launch when the Send Feedback button is clicked.
- Switch
Locked bool - Whether to allow the user to turn off the WARP switch and disconnect the client.
- Tunnel
Protocol string - Determines which tunnel protocol to use.
- Account
Id This property is required. string - Match
This property is required. string - The wirefilter expression to match devices.
- Name
This property is required. string - The name of the device settings profile.
- Precedence
This property is required. float64 - The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- Allow
Mode boolSwitch - Whether to allow the user to switch WARP between modes.
- Allow
Updates bool - Whether to receive update notifications when a new version of the client is available.
- Allowed
To boolLeave - Whether to allow devices to leave the organization.
- Auto
Connect float64 - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal float64 - Turn on the captive portal after the specified amount of time.
- Description string
- A description of the policy.
- Disable
Auto boolFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - Enabled bool
- Whether the policy will be applied to matching devices.
- Exclude
Office boolIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- Excludes
[]Zero
Trust Device Custom Profile Exclude Args - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Includes
[]Zero
Trust Device Custom Profile Include Args - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Lan
Allow float64Minutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- Lan
Allow float64Subnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- Register
Interface boolIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- Service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2Args - Support
Url string - The URL to launch when the Send Feedback button is clicked.
- Switch
Locked bool - Whether to allow the user to turn off the WARP switch and disconnect the client.
- Tunnel
Protocol string - Determines which tunnel protocol to use.
- account
Id This property is required. String - match
This property is required. String - The wirefilter expression to match devices.
- name
This property is required. String - The name of the device settings profile.
- precedence
This property is required. Double - The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- allow
Mode BooleanSwitch - Whether to allow the user to switch WARP between modes.
- allow
Updates Boolean - Whether to receive update notifications when a new version of the client is available.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization.
- auto
Connect Double - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Double - Turn on the captive portal after the specified amount of time.
- description String
- A description of the policy.
- disable
Auto BooleanFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled Boolean
- Whether the policy will be applied to matching devices.
- exclude
Office BooleanIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes
List<Zero
Trust Device Custom Profile Exclude> - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- includes
List<Zero
Trust Device Custom Profile Include> - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan
Allow DoubleMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan
Allow DoubleSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- register
Interface BooleanIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2 - support
Url String - The URL to launch when the Send Feedback button is clicked.
- switch
Locked Boolean - Whether to allow the user to turn off the WARP switch and disconnect the client.
- tunnel
Protocol String - Determines which tunnel protocol to use.
- account
Id This property is required. string - match
This property is required. string - The wirefilter expression to match devices.
- name
This property is required. string - The name of the device settings profile.
- precedence
This property is required. number - The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- allow
Mode booleanSwitch - Whether to allow the user to switch WARP between modes.
- allow
Updates boolean - Whether to receive update notifications when a new version of the client is available.
- allowed
To booleanLeave - Whether to allow devices to leave the organization.
- auto
Connect number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal number - Turn on the captive portal after the specified amount of time.
- description string
- A description of the policy.
- disable
Auto booleanFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled boolean
- Whether the policy will be applied to matching devices.
- exclude
Office booleanIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes
Zero
Trust Device Custom Profile Exclude[] - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- includes
Zero
Trust Device Custom Profile Include[] - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan
Allow numberMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan
Allow numberSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- register
Interface booleanIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2 - support
Url string - The URL to launch when the Send Feedback button is clicked.
- switch
Locked boolean - Whether to allow the user to turn off the WARP switch and disconnect the client.
- tunnel
Protocol string - Determines which tunnel protocol to use.
- account_
id This property is required. str - match
This property is required. str - The wirefilter expression to match devices.
- name
This property is required. str - The name of the device settings profile.
- precedence
This property is required. float - The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- allow_
mode_ boolswitch - Whether to allow the user to switch WARP between modes.
- allow_
updates bool - Whether to receive update notifications when a new version of the client is available.
- allowed_
to_ boolleave - Whether to allow devices to leave the organization.
- auto_
connect float - The amount of time in seconds to reconnect after having been disabled.
- captive_
portal float - Turn on the captive portal after the specified amount of time.
- description str
- A description of the policy.
- disable_
auto_ boolfallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled bool
- Whether the policy will be applied to matching devices.
- exclude_
office_ boolips - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes
Sequence[Zero
Trust Device Custom Profile Exclude Args] - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- includes
Sequence[Zero
Trust Device Custom Profile Include Args] - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan_
allow_ floatminutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan_
allow_ floatsubnet_ size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- register_
interface_ boolip_ with_ dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service_
mode_ Zerov2 Trust Device Custom Profile Service Mode V2Args - support_
url str - The URL to launch when the Send Feedback button is clicked.
- switch_
locked bool - Whether to allow the user to turn off the WARP switch and disconnect the client.
- tunnel_
protocol str - Determines which tunnel protocol to use.
- account
Id This property is required. String - match
This property is required. String - The wirefilter expression to match devices.
- name
This property is required. String - The name of the device settings profile.
- precedence
This property is required. Number - The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- allow
Mode BooleanSwitch - Whether to allow the user to switch WARP between modes.
- allow
Updates Boolean - Whether to receive update notifications when a new version of the client is available.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization.
- auto
Connect Number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Number - Turn on the captive portal after the specified amount of time.
- description String
- A description of the policy.
- disable
Auto BooleanFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled Boolean
- Whether the policy will be applied to matching devices.
- exclude
Office BooleanIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes List<Property Map>
- List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- includes List<Property Map>
- List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan
Allow NumberMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan
Allow NumberSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- register
Interface BooleanIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service
Mode Property MapV2 - support
Url String - The URL to launch when the Send Feedback button is clicked.
- switch
Locked Boolean - Whether to allow the user to turn off the WARP switch and disconnect the client.
- tunnel
Protocol String - Determines which tunnel protocol to use.
Outputs
All input properties are implicitly available as output properties. Additionally, the ZeroTrustDeviceCustomProfile resource produces the following output properties:
- Default bool
- Whether the policy is the default policy for an account.
- Fallback
Domains List<ZeroTrust Device Custom Profile Fallback Domain> - Gateway
Unique stringId - Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Id string - Device ID.
- Target
Tests List<ZeroTrust Device Custom Profile Target Test>
- Default bool
- Whether the policy is the default policy for an account.
- Fallback
Domains []ZeroTrust Device Custom Profile Fallback Domain - Gateway
Unique stringId - Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Id string - Device ID.
- Target
Tests []ZeroTrust Device Custom Profile Target Test
- default_ Boolean
- Whether the policy is the default policy for an account.
- fallback
Domains List<ZeroTrust Device Custom Profile Fallback Domain> - gateway
Unique StringId - id String
- The provider-assigned unique ID for this managed resource.
- policy
Id String - Device ID.
- target
Tests List<ZeroTrust Device Custom Profile Target Test>
- default boolean
- Whether the policy is the default policy for an account.
- fallback
Domains ZeroTrust Device Custom Profile Fallback Domain[] - gateway
Unique stringId - id string
- The provider-assigned unique ID for this managed resource.
- policy
Id string - Device ID.
- target
Tests ZeroTrust Device Custom Profile Target Test[]
- default bool
- Whether the policy is the default policy for an account.
- fallback_
domains Sequence[ZeroTrust Device Custom Profile Fallback Domain] - gateway_
unique_ strid - id str
- The provider-assigned unique ID for this managed resource.
- policy_
id str - Device ID.
- target_
tests Sequence[ZeroTrust Device Custom Profile Target Test]
- default Boolean
- Whether the policy is the default policy for an account.
- fallback
Domains List<Property Map> - gateway
Unique StringId - id String
- The provider-assigned unique ID for this managed resource.
- policy
Id String - Device ID.
- target
Tests List<Property Map>
Look up Existing ZeroTrustDeviceCustomProfile Resource
Get an existing ZeroTrustDeviceCustomProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ZeroTrustDeviceCustomProfileState, opts?: CustomResourceOptions): ZeroTrustDeviceCustomProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
allow_mode_switch: Optional[bool] = None,
allow_updates: Optional[bool] = None,
allowed_to_leave: Optional[bool] = None,
auto_connect: Optional[float] = None,
captive_portal: Optional[float] = None,
default: Optional[bool] = None,
description: Optional[str] = None,
disable_auto_fallback: Optional[bool] = None,
enabled: Optional[bool] = None,
exclude_office_ips: Optional[bool] = None,
excludes: Optional[Sequence[ZeroTrustDeviceCustomProfileExcludeArgs]] = None,
fallback_domains: Optional[Sequence[ZeroTrustDeviceCustomProfileFallbackDomainArgs]] = None,
gateway_unique_id: Optional[str] = None,
includes: Optional[Sequence[ZeroTrustDeviceCustomProfileIncludeArgs]] = None,
lan_allow_minutes: Optional[float] = None,
lan_allow_subnet_size: Optional[float] = None,
match: Optional[str] = None,
name: Optional[str] = None,
policy_id: Optional[str] = None,
precedence: Optional[float] = None,
register_interface_ip_with_dns: Optional[bool] = None,
service_mode_v2: Optional[ZeroTrustDeviceCustomProfileServiceModeV2Args] = None,
support_url: Optional[str] = None,
switch_locked: Optional[bool] = None,
target_tests: Optional[Sequence[ZeroTrustDeviceCustomProfileTargetTestArgs]] = None,
tunnel_protocol: Optional[str] = None) -> ZeroTrustDeviceCustomProfilefunc GetZeroTrustDeviceCustomProfile(ctx *Context, name string, id IDInput, state *ZeroTrustDeviceCustomProfileState, opts ...ResourceOption) (*ZeroTrustDeviceCustomProfile, error)public static ZeroTrustDeviceCustomProfile Get(string name, Input<string> id, ZeroTrustDeviceCustomProfileState? state, CustomResourceOptions? opts = null)public static ZeroTrustDeviceCustomProfile get(String name, Output<String> id, ZeroTrustDeviceCustomProfileState state, CustomResourceOptions options)resources: _: type: cloudflare:ZeroTrustDeviceCustomProfile get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Account
Id string - Allow
Mode boolSwitch - Whether to allow the user to switch WARP between modes.
- Allow
Updates bool - Whether to receive update notifications when a new version of the client is available.
- Allowed
To boolLeave - Whether to allow devices to leave the organization.
- Auto
Connect double - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal double - Turn on the captive portal after the specified amount of time.
- Default bool
- Whether the policy is the default policy for an account.
- Description string
- A description of the policy.
- Disable
Auto boolFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - Enabled bool
- Whether the policy will be applied to matching devices.
- Exclude
Office boolIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- Excludes
List<Zero
Trust Device Custom Profile Exclude> - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Fallback
Domains List<ZeroTrust Device Custom Profile Fallback Domain> - Gateway
Unique stringId - Includes
List<Zero
Trust Device Custom Profile Include> - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Lan
Allow doubleMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- Lan
Allow doubleSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- Match string
- The wirefilter expression to match devices.
- Name string
- The name of the device settings profile.
- Policy
Id string - Device ID.
- Precedence double
- The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- Register
Interface boolIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- Service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2 - Support
Url string - The URL to launch when the Send Feedback button is clicked.
- Switch
Locked bool - Whether to allow the user to turn off the WARP switch and disconnect the client.
- Target
Tests List<ZeroTrust Device Custom Profile Target Test> - Tunnel
Protocol string - Determines which tunnel protocol to use.
- Account
Id string - Allow
Mode boolSwitch - Whether to allow the user to switch WARP between modes.
- Allow
Updates bool - Whether to receive update notifications when a new version of the client is available.
- Allowed
To boolLeave - Whether to allow devices to leave the organization.
- Auto
Connect float64 - The amount of time in seconds to reconnect after having been disabled.
- Captive
Portal float64 - Turn on the captive portal after the specified amount of time.
- Default bool
- Whether the policy is the default policy for an account.
- Description string
- A description of the policy.
- Disable
Auto boolFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - Enabled bool
- Whether the policy will be applied to matching devices.
- Exclude
Office boolIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- Excludes
[]Zero
Trust Device Custom Profile Exclude Args - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Fallback
Domains []ZeroTrust Device Custom Profile Fallback Domain Args - Gateway
Unique stringId - Includes
[]Zero
Trust Device Custom Profile Include Args - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- Lan
Allow float64Minutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- Lan
Allow float64Subnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- Match string
- The wirefilter expression to match devices.
- Name string
- The name of the device settings profile.
- Policy
Id string - Device ID.
- Precedence float64
- The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- Register
Interface boolIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- Service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2Args - Support
Url string - The URL to launch when the Send Feedback button is clicked.
- Switch
Locked bool - Whether to allow the user to turn off the WARP switch and disconnect the client.
- Target
Tests []ZeroTrust Device Custom Profile Target Test Args - Tunnel
Protocol string - Determines which tunnel protocol to use.
- account
Id String - allow
Mode BooleanSwitch - Whether to allow the user to switch WARP between modes.
- allow
Updates Boolean - Whether to receive update notifications when a new version of the client is available.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization.
- auto
Connect Double - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Double - Turn on the captive portal after the specified amount of time.
- default_ Boolean
- Whether the policy is the default policy for an account.
- description String
- A description of the policy.
- disable
Auto BooleanFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled Boolean
- Whether the policy will be applied to matching devices.
- exclude
Office BooleanIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes
List<Zero
Trust Device Custom Profile Exclude> - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- fallback
Domains List<ZeroTrust Device Custom Profile Fallback Domain> - gateway
Unique StringId - includes
List<Zero
Trust Device Custom Profile Include> - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan
Allow DoubleMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan
Allow DoubleSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- match String
- The wirefilter expression to match devices.
- name String
- The name of the device settings profile.
- policy
Id String - Device ID.
- precedence Double
- The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- register
Interface BooleanIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2 - support
Url String - The URL to launch when the Send Feedback button is clicked.
- switch
Locked Boolean - Whether to allow the user to turn off the WARP switch and disconnect the client.
- target
Tests List<ZeroTrust Device Custom Profile Target Test> - tunnel
Protocol String - Determines which tunnel protocol to use.
- account
Id string - allow
Mode booleanSwitch - Whether to allow the user to switch WARP between modes.
- allow
Updates boolean - Whether to receive update notifications when a new version of the client is available.
- allowed
To booleanLeave - Whether to allow devices to leave the organization.
- auto
Connect number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal number - Turn on the captive portal after the specified amount of time.
- default boolean
- Whether the policy is the default policy for an account.
- description string
- A description of the policy.
- disable
Auto booleanFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled boolean
- Whether the policy will be applied to matching devices.
- exclude
Office booleanIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes
Zero
Trust Device Custom Profile Exclude[] - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- fallback
Domains ZeroTrust Device Custom Profile Fallback Domain[] - gateway
Unique stringId - includes
Zero
Trust Device Custom Profile Include[] - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan
Allow numberMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan
Allow numberSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- match string
- The wirefilter expression to match devices.
- name string
- The name of the device settings profile.
- policy
Id string - Device ID.
- precedence number
- The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- register
Interface booleanIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service
Mode ZeroV2 Trust Device Custom Profile Service Mode V2 - support
Url string - The URL to launch when the Send Feedback button is clicked.
- switch
Locked boolean - Whether to allow the user to turn off the WARP switch and disconnect the client.
- target
Tests ZeroTrust Device Custom Profile Target Test[] - tunnel
Protocol string - Determines which tunnel protocol to use.
- account_
id str - allow_
mode_ boolswitch - Whether to allow the user to switch WARP between modes.
- allow_
updates bool - Whether to receive update notifications when a new version of the client is available.
- allowed_
to_ boolleave - Whether to allow devices to leave the organization.
- auto_
connect float - The amount of time in seconds to reconnect after having been disabled.
- captive_
portal float - Turn on the captive portal after the specified amount of time.
- default bool
- Whether the policy is the default policy for an account.
- description str
- A description of the policy.
- disable_
auto_ boolfallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled bool
- Whether the policy will be applied to matching devices.
- exclude_
office_ boolips - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes
Sequence[Zero
Trust Device Custom Profile Exclude Args] - List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- fallback_
domains Sequence[ZeroTrust Device Custom Profile Fallback Domain Args] - gateway_
unique_ strid - includes
Sequence[Zero
Trust Device Custom Profile Include Args] - List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan_
allow_ floatminutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan_
allow_ floatsubnet_ size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- match str
- The wirefilter expression to match devices.
- name str
- The name of the device settings profile.
- policy_
id str - Device ID.
- precedence float
- The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- register_
interface_ boolip_ with_ dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service_
mode_ Zerov2 Trust Device Custom Profile Service Mode V2Args - support_
url str - The URL to launch when the Send Feedback button is clicked.
- switch_
locked bool - Whether to allow the user to turn off the WARP switch and disconnect the client.
- target_
tests Sequence[ZeroTrust Device Custom Profile Target Test Args] - tunnel_
protocol str - Determines which tunnel protocol to use.
- account
Id String - allow
Mode BooleanSwitch - Whether to allow the user to switch WARP between modes.
- allow
Updates Boolean - Whether to receive update notifications when a new version of the client is available.
- allowed
To BooleanLeave - Whether to allow devices to leave the organization.
- auto
Connect Number - The amount of time in seconds to reconnect after having been disabled.
- captive
Portal Number - Turn on the captive portal after the specified amount of time.
- default Boolean
- Whether the policy is the default policy for an account.
- description String
- A description of the policy.
- disable
Auto BooleanFallback - If the
dns_serverfield of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set totrue. - enabled Boolean
- Whether the policy will be applied to matching devices.
- exclude
Office BooleanIps - Whether to add Microsoft IPs to Split Tunnel exclusions.
- excludes List<Property Map>
- List of routes excluded in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- fallback
Domains List<Property Map> - gateway
Unique StringId - includes List<Property Map>
- List of routes included in the WARP client's tunnel. Both 'exclude' and 'include' cannot be set in the same request.
- lan
Allow NumberMinutes - The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.
- lan
Allow NumberSubnet Size - The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.
- match String
- The wirefilter expression to match devices.
- name String
- The name of the device settings profile.
- policy
Id String - Device ID.
- precedence Number
- The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.
- register
Interface BooleanIp With Dns - Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.
- service
Mode Property MapV2 - support
Url String - The URL to launch when the Send Feedback button is clicked.
- switch
Locked Boolean - Whether to allow the user to turn off the WARP switch and disconnect the client.
- target
Tests List<Property Map> - tunnel
Protocol String - Determines which tunnel protocol to use.
Supporting Types
ZeroTrustDeviceCustomProfileExclude, ZeroTrustDeviceCustomProfileExcludeArgs
, ZeroTrustDeviceCustomProfileExcludeArgs
- Address
This property is required. string - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - Description
This property is required. string - A description of the Split Tunnel item, displayed in the client UI.
- Host string
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- Address
This property is required. string - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - Description
This property is required. string - A description of the Split Tunnel item, displayed in the client UI.
- Host string
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. String - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. String - A description of the Split Tunnel item, displayed in the client UI.
- host String
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. string - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. string - A description of the Split Tunnel item, displayed in the client UI.
- host string
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. str - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. str - A description of the Split Tunnel item, displayed in the client UI.
- host str
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. String - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. String - A description of the Split Tunnel item, displayed in the client UI.
- host String
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
ZeroTrustDeviceCustomProfileFallbackDomain, ZeroTrustDeviceCustomProfileFallbackDomainArgs
, ZeroTrustDeviceCustomProfileFallbackDomainArgs
- Description string
- A description of the fallback domain, displayed in the client UI.
- Dns
Servers List<string> - A list of IP addresses to handle domain resolution.
- Suffix string
- The domain suffix to match when resolving locally.
- Description string
- A description of the fallback domain, displayed in the client UI.
- Dns
Servers []string - A list of IP addresses to handle domain resolution.
- Suffix string
- The domain suffix to match when resolving locally.
- description String
- A description of the fallback domain, displayed in the client UI.
- dns
Servers List<String> - A list of IP addresses to handle domain resolution.
- suffix String
- The domain suffix to match when resolving locally.
- description string
- A description of the fallback domain, displayed in the client UI.
- dns
Servers string[] - A list of IP addresses to handle domain resolution.
- suffix string
- The domain suffix to match when resolving locally.
- description str
- A description of the fallback domain, displayed in the client UI.
- dns_
servers Sequence[str] - A list of IP addresses to handle domain resolution.
- suffix str
- The domain suffix to match when resolving locally.
- description String
- A description of the fallback domain, displayed in the client UI.
- dns
Servers List<String> - A list of IP addresses to handle domain resolution.
- suffix String
- The domain suffix to match when resolving locally.
ZeroTrustDeviceCustomProfileInclude, ZeroTrustDeviceCustomProfileIncludeArgs
, ZeroTrustDeviceCustomProfileIncludeArgs
- Address
This property is required. string - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - Description
This property is required. string - A description of the Split Tunnel item, displayed in the client UI.
- Host string
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- Address
This property is required. string - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - Description
This property is required. string - A description of the Split Tunnel item, displayed in the client UI.
- Host string
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. String - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. String - A description of the Split Tunnel item, displayed in the client UI.
- host String
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. string - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. string - A description of the Split Tunnel item, displayed in the client UI.
- host string
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. str - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. str - A description of the Split Tunnel item, displayed in the client UI.
- host str
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
- address
This property is required. String - The address in CIDR format to exclude from the tunnel. If
addressis present,hostmust not be present. - description
This property is required. String - A description of the Split Tunnel item, displayed in the client UI.
- host String
- The domain name to exclude from the tunnel. If
hostis present,addressmust not be present.
ZeroTrustDeviceCustomProfileServiceModeV2, ZeroTrustDeviceCustomProfileServiceModeV2Args
, ZeroTrustDeviceCustomProfileServiceModeV2Args
ZeroTrustDeviceCustomProfileTargetTest, ZeroTrustDeviceCustomProfileTargetTestArgs
, ZeroTrustDeviceCustomProfileTargetTestArgs
Import
$ pulumi import cloudflare:index/zeroTrustDeviceCustomProfile:ZeroTrustDeviceCustomProfile example '<account_id>/<policy_id>'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.