Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.cloudflare.kotlin
import com.pulumi.cloudflare.AccessPolicyArgs.builder
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyApprovalGroupArgs
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyApprovalGroupArgsBuilder
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyExcludeArgs
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyExcludeArgsBuilder
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyIncludeArgs
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyIncludeArgsBuilder
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyRequireArgs
import com.pulumi.cloudflare.kotlin.inputs.AccessPolicyRequireArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Provides a Cloudflare Access Policy resource. Access Policies are
* used in conjunction with Access Applications to restrict access to
* a particular resource.
* > It's required that an `account_id` or `zone_id` is provided and in most cases using either is fine.
* However, if you're using a scoped access token, you must provide the argument that matches the token's
* scope. For example, an access token that is scoped to the "example.com" zone needs to use the `zone_id` argument.
* If 'application_id' is omitted, the policy created can be reused by multiple access applications.
* Any cloudflare.AccessApplication resource can reference reusable policies through its `policies` argument.
* To destroy a reusable policy and remove it from all applications' policies lists on the same apply, preemptively set the
* lifecycle option `create_before_destroy` to true on the 'cloudflare_access_policy' resource.
* ## Import
* ```sh
* $ pulumi import cloudflare:index/accessPolicy:AccessPolicy example account///
* ```
* @property accountId The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**
* @property applicationId The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.**
* @property approvalGroups
* @property approvalRequired
* @property decision Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`.
* @property excludes A series of access conditions, see Access Groups.
* @property includes A series of access conditions, see Access Groups.
* @property isolationRequired Require this application to be served in an isolated browser for users matching this policy.
* @property name Friendly name of the Access Policy.
* @property precedence The unique precedence for policies on a single application. Required when using `application_id`.
* @property purposeJustificationPrompt The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`.
* @property purposeJustificationRequired Whether to prompt the user for a justification for accessing the resource.
* @property requires A series of access conditions, see Access Groups.
* @property sessionDuration How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`.
* @property zoneId The zone identifier to target for the resource. Conflicts with `account_id`. **Modifying this attribute will force creation of a new resource.**
*/
public data class AccessPolicyArgs(
public val accountId: Output? = null,
public val applicationId: Output? = null,
public val approvalGroups: Output>? = null,
public val approvalRequired: Output? = null,
public val decision: Output? = null,
public val excludes: Output>? = null,
public val includes: Output>? = null,
public val isolationRequired: Output? = null,
public val name: Output? = null,
public val precedence: Output? = null,
public val purposeJustificationPrompt: Output? = null,
public val purposeJustificationRequired: Output? = null,
public val requires: Output>? = null,
public val sessionDuration: Output? = null,
public val zoneId: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.cloudflare.AccessPolicyArgs =
com.pulumi.cloudflare.AccessPolicyArgs.builder()
.accountId(accountId?.applyValue({ args0 -> args0 }))
.applicationId(applicationId?.applyValue({ args0 -> args0 }))
.approvalGroups(
approvalGroups?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.approvalRequired(approvalRequired?.applyValue({ args0 -> args0 }))
.decision(decision?.applyValue({ args0 -> args0 }))
.excludes(
excludes?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.includes(
includes?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.isolationRequired(isolationRequired?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.precedence(precedence?.applyValue({ args0 -> args0 }))
.purposeJustificationPrompt(purposeJustificationPrompt?.applyValue({ args0 -> args0 }))
.purposeJustificationRequired(purposeJustificationRequired?.applyValue({ args0 -> args0 }))
.requires(
requires?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.sessionDuration(sessionDuration?.applyValue({ args0 -> args0 }))
.zoneId(zoneId?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [AccessPolicyArgs].
*/
@PulumiTagMarker
public class AccessPolicyArgsBuilder internal constructor() {
private var accountId: Output? = null
private var applicationId: Output? = null
private var approvalGroups: Output>? = null
private var approvalRequired: Output? = null
private var decision: Output? = null
private var excludes: Output>? = null
private var includes: Output>? = null
private var isolationRequired: Output? = null
private var name: Output? = null
private var precedence: Output? = null
private var purposeJustificationPrompt: Output? = null
private var purposeJustificationRequired: Output? = null
private var requires: Output>? = null
private var sessionDuration: Output? = null
private var zoneId: Output? = null
/**
* @param value The account identifier to target for the resource. Conflicts with `zone_id`. **Modifying this attribute will force creation of a new resource.**
*/
@JvmName("mwqavlffpbnswkmi")
public suspend fun accountId(`value`: Output) {
this.accountId = value
}
/**
* @param value The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.**
*/
@JvmName("qsyqyxlpukjfgybv")
public suspend fun applicationId(`value`: Output) {
this.applicationId = value
}
/**
* @param value
*/
@JvmName("ppdqooedydbsdjrh")
public suspend fun approvalGroups(`value`: Output>) {
this.approvalGroups = value
}
@JvmName("eguvuabbherupqfc")
public suspend fun approvalGroups(vararg values: Output) {
this.approvalGroups = Output.all(values.asList())
}
/**
* @param values
*/
@JvmName("pkianswyaftaolrp")
public suspend fun approvalGroups(values: List