pulumi-cloudflare-kotlin/com.pulumi.cloudflare.kotlin.inputs/ZeroTrustGatewayPolicyRuleSettingsArgs

ZeroTrustGatewayPolicyRuleSettingsArgs

data class ZeroTrustGatewayPolicyRuleSettingsArgs(val addHeaders: Output<Map<String, String>>? = null, val allowChildBypass: Output<Boolean>? = null, val auditSsh: Output<ZeroTrustGatewayPolicyRuleSettingsAuditSshArgs>? = null, val bisoAdminControls: Output<ZeroTrustGatewayPolicyRuleSettingsBisoAdminControlsArgs>? = null, val blockPageEnabled: Output<Boolean>? = null, val blockPageReason: Output<String>? = null, val bypassParentRule: Output<Boolean>? = null, val checkSession: Output<ZeroTrustGatewayPolicyRuleSettingsCheckSessionArgs>? = null, val dnsResolvers: Output<ZeroTrustGatewayPolicyRuleSettingsDnsResolversArgs>? = null, val egress: Output<ZeroTrustGatewayPolicyRuleSettingsEgressArgs>? = null, val ignoreCnameCategoryMatches: Output<Boolean>? = null, val insecureDisableDnssecValidation: Output<Boolean>? = null, val ipCategories: Output<Boolean>? = null, val l4override: Output<ZeroTrustGatewayPolicyRuleSettingsL4overrideArgs>? = null, val notificationSettings: Output<ZeroTrustGatewayPolicyRuleSettingsNotificationSettingsArgs>? = null, val overrideHost: Output<String>? = null, val overrideIps: Output<List<String>>? = null, val payloadLog: Output<ZeroTrustGatewayPolicyRuleSettingsPayloadLogArgs>? = null, val resolveDnsInternally: Output<ZeroTrustGatewayPolicyRuleSettingsResolveDnsInternallyArgs>? = null, val resolveDnsThroughCloudflare: Output<Boolean>? = null, val untrustedCert: Output<ZeroTrustGatewayPolicyRuleSettingsUntrustedCertArgs>? = null) : ConvertibleToJava<ZeroTrustGatewayPolicyRuleSettingsArgs>

Constructors

Link copied to clipboard
constructor(addHeaders: Output<Map<String, String>>? = null, allowChildBypass: Output<Boolean>? = null, auditSsh: Output<ZeroTrustGatewayPolicyRuleSettingsAuditSshArgs>? = null, bisoAdminControls: Output<ZeroTrustGatewayPolicyRuleSettingsBisoAdminControlsArgs>? = null, blockPageEnabled: Output<Boolean>? = null, blockPageReason: Output<String>? = null, bypassParentRule: Output<Boolean>? = null, checkSession: Output<ZeroTrustGatewayPolicyRuleSettingsCheckSessionArgs>? = null, dnsResolvers: Output<ZeroTrustGatewayPolicyRuleSettingsDnsResolversArgs>? = null, egress: Output<ZeroTrustGatewayPolicyRuleSettingsEgressArgs>? = null, ignoreCnameCategoryMatches: Output<Boolean>? = null, insecureDisableDnssecValidation: Output<Boolean>? = null, ipCategories: Output<Boolean>? = null, l4override: Output<ZeroTrustGatewayPolicyRuleSettingsL4overrideArgs>? = null, notificationSettings: Output<ZeroTrustGatewayPolicyRuleSettingsNotificationSettingsArgs>? = null, overrideHost: Output<String>? = null, overrideIps: Output<List<String>>? = null, payloadLog: Output<ZeroTrustGatewayPolicyRuleSettingsPayloadLogArgs>? = null, resolveDnsInternally: Output<ZeroTrustGatewayPolicyRuleSettingsResolveDnsInternallyArgs>? = null, resolveDnsThroughCloudflare: Output<Boolean>? = null, untrustedCert: Output<ZeroTrustGatewayPolicyRuleSettingsUntrustedCertArgs>? = null)

Properties

Link copied to clipboard
val addHeaders: Output<Map<String, String>>? = null

Add custom headers to allowed requests in the form of key-value pairs.

Link copied to clipboard
val allowChildBypass: Output<Boolean>? = null

Allow parent MSP accounts to enable bypass their children's rules.

Link copied to clipboard
val auditSsh: Output<ZeroTrustGatewayPolicyRuleSettingsAuditSshArgs>? = null

Settings for auditing SSH usage.

Link copied to clipboard
val bisoAdminControls: Output<ZeroTrustGatewayPolicyRuleSettingsBisoAdminControlsArgs>? = null

Configure how browser isolation behaves.

Link copied to clipboard
val blockPageEnabled: Output<Boolean>? = null

Indicator of block page enablement.

Link copied to clipboard
val blockPageReason: Output<String>? = null

The displayed reason for a user being blocked.

Link copied to clipboard
val bypassParentRule: Output<Boolean>? = null

Allow child MSP accounts to bypass their parent's rule.

Link copied to clipboard
val checkSession: Output<ZeroTrustGatewayPolicyRuleSettingsCheckSessionArgs>? = null

Configure how session check behaves.

Link copied to clipboard
val dnsResolvers: Output<ZeroTrustGatewayPolicyRuleSettingsDnsResolversArgs>? = null

Add your own custom resolvers to route queries that match the resolver policy. Cannot be used when resolvednsthrough*cloudflare is set. DNS queries will route to the address closest to their origin.

Link copied to clipboard
val egress: Output<ZeroTrustGatewayPolicyRuleSettingsEgressArgs>? = null

Configure how Proxy traffic egresses. Can be set for rules with Egress action and Egress filter. Can be omitted to indicate local egress via Warp IPs.

Link copied to clipboard
val ignoreCnameCategoryMatches: Output<Boolean>? = null

Set to true, to ignore the category matches at CNAME domains in a response.

Link copied to clipboard
val insecureDisableDnssecValidation: Output<Boolean>? = null

Disable DNSSEC validation (must be Allow rule).

Link copied to clipboard
val ipCategories: Output<Boolean>? = null

Turns on IP category based filter on dns if the rule contains dns category checks.

Link copied to clipboard
val l4override: Output<ZeroTrustGatewayPolicyRuleSettingsL4overrideArgs>? = null

Settings to forward layer 4 traffic.

Link copied to clipboard
val notificationSettings: Output<ZeroTrustGatewayPolicyRuleSettingsNotificationSettingsArgs>? = null

Notification settings on a block rule.

Link copied to clipboard
val overrideHost: Output<String>? = null

The host to override matching DNS queries with.

Link copied to clipboard
val overrideIps: Output<List<String>>? = null

The IPs to override matching DNS queries with.

Link copied to clipboard
val payloadLog: Output<ZeroTrustGatewayPolicyRuleSettingsPayloadLogArgs>? = null

Configure DLP Payload Logging settings for this rule.

Link copied to clipboard
val resolveDnsInternally: Output<ZeroTrustGatewayPolicyRuleSettingsResolveDnsInternallyArgs>? = null

Configure to forward the query to the internal DNS service, passing the specified 'viewid' as input. Cannot be set when 'dnsresolvers' are specified or 'resolvednsthrough*cloudflare' is set. Only valid when a rule's action is set to 'resolve'.

Link copied to clipboard
val resolveDnsThroughCloudflare: Output<Boolean>? = null

Enable sending queries that match the resolver policy to Cloudflare's default 1.1.1.1 DNS resolver. Cannot be set when dns_resolvers are specified.

Link copied to clipboard
val untrustedCert: Output<ZeroTrustGatewayPolicyRuleSettingsUntrustedCertArgs>? = null

Configure untrusted certificate settings for this rule.

Functions

Link copied to clipboard
open override fun toJava(): ZeroTrustGatewayPolicyRuleSettingsArgs