Access
Provides a Cloudflare Access Policy resource. Access Policies are used in conjunction with Access Applications to restrict access to a particular resource.
It's required that an
account_idorzone_idis provided and in most cases using either is fine. However, if you're using a scoped access token, you must provide the argument that matches the token's scope. For example, an access token that is scoped to the "example.com" zone needs to use thezone_idargument. If 'application_id' is omitted, the policy created can be reused by multiple access applications. Any cloudflare.AccessApplication resource can reference reusable policies through itspoliciesargument. To destroy a reusable policy and remove it from all applications' policies lists on the same apply, preemptively set the lifecycle optioncreate_before_destroyto true on the 'cloudflare_access_policy' resource.
Import
$ pulumi import cloudflare:index/accessPolicy:AccessPolicy example account/<account_id>/<application_id>/<policy_id>Constructors
Properties
The ID of the application the policy is associated with. Required when using precedence. Modifying this attribute will force creation of a new resource.
The rules that define how users may connect to the targets secured by your application. Only applicable to Infrastructure Applications, in which case this field is required.
A series of access conditions, see Access Groups.
A series of access conditions, see Access Groups.
Require this application to be served in an isolated browser for users matching this policy.
The unique precedence for policies on a single application. Required when using application_id.
The prompt to display to the user for a justification for accessing the resource. Required when using purpose_justification_required.
Whether to prompt the user for a justification for accessing the resource.
A series of access conditions, see Access Groups.
How often a user will be forced to re-authorise. Must be in the format 48h or 2h45m.