com.pulumi.cloudflare.kotlin.ZeroTrustAccessPolicyArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-cloudflare-kotlin Show documentation
Show all versions of pulumi-cloudflare-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
The newest version!
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.cloudflare.kotlin
import com.pulumi.cloudflare.ZeroTrustAccessPolicyArgs.builder
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyApprovalGroupArgs
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyApprovalGroupArgsBuilder
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyConnectionRulesArgs
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyConnectionRulesArgsBuilder
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyExcludeArgs
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyExcludeArgsBuilder
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyIncludeArgs
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyIncludeArgsBuilder
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyRequireArgs
import com.pulumi.cloudflare.kotlin.inputs.ZeroTrustAccessPolicyRequireArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Provides a Cloudflare Access Policy resource. Access Policies are
* used in conjunction with Access Applications to restrict access to
* a particular resource.
* > It's required that an `account_id` or `zone_id` is provided and in most cases using either is fine.
* However, if you're using a scoped access token, you must provide the argument that matches the token's
* scope. For example, an access token that is scoped to the "example.com" zone needs to use the `zone_id` argument.
* If 'application_id' is omitted, the policy created can be reused by multiple access applications.
* Any cloudflare.AccessApplication resource can reference reusable policies through its `policies` argument.
* To destroy a reusable policy and remove it from all applications' policies lists on the same apply, preemptively set the
* lifecycle option `create_before_destroy` to true on the 'cloudflare_access_policy' resource.
* ## Import
* ```sh
* $ pulumi import cloudflare:index/zeroTrustAccessPolicy:ZeroTrustAccessPolicy example account///
* ```
* @property accountId The account identifier to target for the resource. Conflicts with `zone_id`.
* @property applicationId The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.**
* @property approvalGroups
* @property approvalRequired
* @property connectionRules The rules that define how users may connect to the targets secured by your application.
* @property decision Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`.
* @property excludes A series of access conditions, see Access Groups.
* @property includes A series of access conditions, see Access Groups.
* @property isolationRequired Require this application to be served in an isolated browser for users matching this policy.
* @property name Friendly name of the Access Policy.
* @property precedence The unique precedence for policies on a single application. Required when using `application_id`.
* @property purposeJustificationPrompt The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`.
* @property purposeJustificationRequired Whether to prompt the user for a justification for accessing the resource.
* @property requires A series of access conditions, see Access Groups.
* @property sessionDuration How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`.
* @property zoneId The zone identifier to target for the resource. Conflicts with `account_id`.
*/
public data class ZeroTrustAccessPolicyArgs(
public val accountId: Output? = null,
public val applicationId: Output? = null,
public val approvalGroups: Output>? = null,
public val approvalRequired: Output? = null,
public val connectionRules: Output? = null,
public val decision: Output? = null,
public val excludes: Output>? = null,
public val includes: Output>? = null,
public val isolationRequired: Output? = null,
public val name: Output? = null,
public val precedence: Output? = null,
public val purposeJustificationPrompt: Output? = null,
public val purposeJustificationRequired: Output? = null,
public val requires: Output>? = null,
public val sessionDuration: Output? = null,
public val zoneId: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.cloudflare.ZeroTrustAccessPolicyArgs =
com.pulumi.cloudflare.ZeroTrustAccessPolicyArgs.builder()
.accountId(accountId?.applyValue({ args0 -> args0 }))
.applicationId(applicationId?.applyValue({ args0 -> args0 }))
.approvalGroups(
approvalGroups?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.approvalRequired(approvalRequired?.applyValue({ args0 -> args0 }))
.connectionRules(connectionRules?.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
.decision(decision?.applyValue({ args0 -> args0 }))
.excludes(
excludes?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.includes(
includes?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.isolationRequired(isolationRequired?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.precedence(precedence?.applyValue({ args0 -> args0 }))
.purposeJustificationPrompt(purposeJustificationPrompt?.applyValue({ args0 -> args0 }))
.purposeJustificationRequired(purposeJustificationRequired?.applyValue({ args0 -> args0 }))
.requires(
requires?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
)
.sessionDuration(sessionDuration?.applyValue({ args0 -> args0 }))
.zoneId(zoneId?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [ZeroTrustAccessPolicyArgs].
*/
@PulumiTagMarker
public class ZeroTrustAccessPolicyArgsBuilder internal constructor() {
private var accountId: Output? = null
private var applicationId: Output? = null
private var approvalGroups: Output>? = null
private var approvalRequired: Output? = null
private var connectionRules: Output? = null
private var decision: Output? = null
private var excludes: Output>? = null
private var includes: Output>? = null
private var isolationRequired: Output? = null
private var name: Output? = null
private var precedence: Output? = null
private var purposeJustificationPrompt: Output? = null
private var purposeJustificationRequired: Output? = null
private var requires: Output>? = null
private var sessionDuration: Output? = null
private var zoneId: Output? = null
/**
* @param value The account identifier to target for the resource. Conflicts with `zone_id`.
*/
@JvmName("rjinqfypwjbeuytp")
public suspend fun accountId(`value`: Output) {
this.accountId = value
}
/**
* @param value The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.**
*/
@JvmName("cpgbiqnrsihckylw")
public suspend fun applicationId(`value`: Output) {
this.applicationId = value
}
/**
* @param value
*/
@JvmName("fgjjxxwfixqoxhsp")
public suspend fun approvalGroups(`value`: Output>) {
this.approvalGroups = value
}
@JvmName("qblpbjgymwhjugkj")
public suspend fun approvalGroups(vararg values: Output) {
this.approvalGroups = Output.all(values.asList())
}
/**
* @param values
*/
@JvmName("llaxccnwxcvstpcb")
public suspend fun approvalGroups(values: List>) {
this.approvalGroups = Output.all(values)
}
/**
* @param value
*/
@JvmName("dbveyusoamoutgjj")
public suspend fun approvalRequired(`value`: Output) {
this.approvalRequired = value
}
/**
* @param value The rules that define how users may connect to the targets secured by your application.
*/
@JvmName("xwckvbfualnlycgt")
public suspend fun connectionRules(`value`: Output) {
this.connectionRules = value
}
/**
* @param value Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`.
*/
@JvmName("adbuhskjffjprueg")
public suspend fun decision(`value`: Output) {
this.decision = value
}
/**
* @param value A series of access conditions, see Access Groups.
*/
@JvmName("jpytjvkwtgodrlvd")
public suspend fun excludes(`value`: Output>) {
this.excludes = value
}
@JvmName("pcaypcnsbtdcbmyp")
public suspend fun excludes(vararg values: Output) {
this.excludes = Output.all(values.asList())
}
/**
* @param values A series of access conditions, see Access Groups.
*/
@JvmName("rkgodmhhejbbccfv")
public suspend fun excludes(values: List>) {
this.excludes = Output.all(values)
}
/**
* @param value A series of access conditions, see Access Groups.
*/
@JvmName("pqoetbbmyonaatju")
public suspend fun includes(`value`: Output>) {
this.includes = value
}
@JvmName("lygxjowkxalgtymj")
public suspend fun includes(vararg values: Output) {
this.includes = Output.all(values.asList())
}
/**
* @param values A series of access conditions, see Access Groups.
*/
@JvmName("osfetvmwtgppodau")
public suspend fun includes(values: List>) {
this.includes = Output.all(values)
}
/**
* @param value Require this application to be served in an isolated browser for users matching this policy.
*/
@JvmName("jajmtpmpbifrawqe")
public suspend fun isolationRequired(`value`: Output) {
this.isolationRequired = value
}
/**
* @param value Friendly name of the Access Policy.
*/
@JvmName("bgrqfnttsgyfxfjr")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value The unique precedence for policies on a single application. Required when using `application_id`.
*/
@JvmName("fgpdaxbhwymwfnhi")
public suspend fun precedence(`value`: Output) {
this.precedence = value
}
/**
* @param value The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`.
*/
@JvmName("iljbnvthnlmnyfsa")
public suspend fun purposeJustificationPrompt(`value`: Output) {
this.purposeJustificationPrompt = value
}
/**
* @param value Whether to prompt the user for a justification for accessing the resource.
*/
@JvmName("ssapolkemfwihqjn")
public suspend fun purposeJustificationRequired(`value`: Output) {
this.purposeJustificationRequired = value
}
/**
* @param value A series of access conditions, see Access Groups.
*/
@JvmName("rgjgdlaxmmrxsolw")
public suspend fun requires(`value`: Output>) {
this.requires = value
}
@JvmName("rrbtwllpnftsqxfc")
public suspend fun requires(vararg values: Output) {
this.requires = Output.all(values.asList())
}
/**
* @param values A series of access conditions, see Access Groups.
*/
@JvmName("hbojqogarnnpmxjt")
public suspend fun requires(values: List>) {
this.requires = Output.all(values)
}
/**
* @param value How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`.
*/
@JvmName("sbsdfctluxqanjvu")
public suspend fun sessionDuration(`value`: Output) {
this.sessionDuration = value
}
/**
* @param value The zone identifier to target for the resource. Conflicts with `account_id`.
*/
@JvmName("obubdphodbafpeqo")
public suspend fun zoneId(`value`: Output) {
this.zoneId = value
}
/**
* @param value The account identifier to target for the resource. Conflicts with `zone_id`.
*/
@JvmName("vpsxjceygxjolufp")
public suspend fun accountId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.accountId = mapped
}
/**
* @param value The ID of the application the policy is associated with. Required when using `precedence`. **Modifying this attribute will force creation of a new resource.**
*/
@JvmName("ukunduhhnymhwexq")
public suspend fun applicationId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.applicationId = mapped
}
/**
* @param value
*/
@JvmName("hjguumdxtvwlwawp")
public suspend fun approvalGroups(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.approvalGroups = mapped
}
/**
* @param argument
*/
@JvmName("dubhsylvqslfrrma")
public suspend fun approvalGroups(argument: List Unit>) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyApprovalGroupArgsBuilder().applySuspend { it() }.build()
}
val mapped = of(toBeMapped)
this.approvalGroups = mapped
}
/**
* @param argument
*/
@JvmName("ehogomodocfdrgkf")
public suspend fun approvalGroups(vararg argument: suspend ZeroTrustAccessPolicyApprovalGroupArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyApprovalGroupArgsBuilder().applySuspend { it() }.build()
}
val mapped = of(toBeMapped)
this.approvalGroups = mapped
}
/**
* @param argument
*/
@JvmName("mkldsakgluhswojp")
public suspend fun approvalGroups(argument: suspend ZeroTrustAccessPolicyApprovalGroupArgsBuilder.() -> Unit) {
val toBeMapped = listOf(
ZeroTrustAccessPolicyApprovalGroupArgsBuilder().applySuspend {
argument()
}.build(),
)
val mapped = of(toBeMapped)
this.approvalGroups = mapped
}
/**
* @param values
*/
@JvmName("hbottydxeogblogh")
public suspend fun approvalGroups(vararg values: ZeroTrustAccessPolicyApprovalGroupArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.approvalGroups = mapped
}
/**
* @param value
*/
@JvmName("vmvuppuorqqoaeth")
public suspend fun approvalRequired(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.approvalRequired = mapped
}
/**
* @param value The rules that define how users may connect to the targets secured by your application.
*/
@JvmName("fxahtabhtatduoie")
public suspend fun connectionRules(`value`: ZeroTrustAccessPolicyConnectionRulesArgs?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.connectionRules = mapped
}
/**
* @param argument The rules that define how users may connect to the targets secured by your application.
*/
@JvmName("kurnltvqlcaolipy")
public suspend fun connectionRules(argument: suspend ZeroTrustAccessPolicyConnectionRulesArgsBuilder.() -> Unit) {
val toBeMapped = ZeroTrustAccessPolicyConnectionRulesArgsBuilder().applySuspend {
argument()
}.build()
val mapped = of(toBeMapped)
this.connectionRules = mapped
}
/**
* @param value Defines the action Access will take if the policy matches the user. Available values: `allow`, `deny`, `non_identity`, `bypass`.
*/
@JvmName("uqwcsmbljsfbrocb")
public suspend fun decision(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.decision = mapped
}
/**
* @param value A series of access conditions, see Access Groups.
*/
@JvmName("iligseopngupchfl")
public suspend fun excludes(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.excludes = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("glhwaejmofsibiqr")
public suspend fun excludes(argument: List Unit>) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyExcludeArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.excludes = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("rukujuovwtfwgwdy")
public suspend fun excludes(vararg argument: suspend ZeroTrustAccessPolicyExcludeArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyExcludeArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.excludes = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("ngwgohkejlrftect")
public suspend fun excludes(argument: suspend ZeroTrustAccessPolicyExcludeArgsBuilder.() -> Unit) {
val toBeMapped = listOf(
ZeroTrustAccessPolicyExcludeArgsBuilder().applySuspend {
argument()
}.build(),
)
val mapped = of(toBeMapped)
this.excludes = mapped
}
/**
* @param values A series of access conditions, see Access Groups.
*/
@JvmName("uegfnjbigaafeoff")
public suspend fun excludes(vararg values: ZeroTrustAccessPolicyExcludeArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.excludes = mapped
}
/**
* @param value A series of access conditions, see Access Groups.
*/
@JvmName("hyageywdaxinyayq")
public suspend fun includes(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.includes = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("mgjeqgggldqrawne")
public suspend fun includes(argument: List Unit>) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyIncludeArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.includes = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("agwgmbachkxhfxms")
public suspend fun includes(vararg argument: suspend ZeroTrustAccessPolicyIncludeArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyIncludeArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.includes = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("cshtvbqvnfdtdigb")
public suspend fun includes(argument: suspend ZeroTrustAccessPolicyIncludeArgsBuilder.() -> Unit) {
val toBeMapped = listOf(
ZeroTrustAccessPolicyIncludeArgsBuilder().applySuspend {
argument()
}.build(),
)
val mapped = of(toBeMapped)
this.includes = mapped
}
/**
* @param values A series of access conditions, see Access Groups.
*/
@JvmName("ynqxgidyyhvxoogk")
public suspend fun includes(vararg values: ZeroTrustAccessPolicyIncludeArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.includes = mapped
}
/**
* @param value Require this application to be served in an isolated browser for users matching this policy.
*/
@JvmName("rkovvknibfdgpfxb")
public suspend fun isolationRequired(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.isolationRequired = mapped
}
/**
* @param value Friendly name of the Access Policy.
*/
@JvmName("matncflibivdnjiq")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value The unique precedence for policies on a single application. Required when using `application_id`.
*/
@JvmName("enrkekgxyvqhykvq")
public suspend fun precedence(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.precedence = mapped
}
/**
* @param value The prompt to display to the user for a justification for accessing the resource. Required when using `purpose_justification_required`.
*/
@JvmName("fjrrpbdcfawlrcvq")
public suspend fun purposeJustificationPrompt(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.purposeJustificationPrompt = mapped
}
/**
* @param value Whether to prompt the user for a justification for accessing the resource.
*/
@JvmName("odypqgjxleeraank")
public suspend fun purposeJustificationRequired(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.purposeJustificationRequired = mapped
}
/**
* @param value A series of access conditions, see Access Groups.
*/
@JvmName("mwyhjpxdhvsjnuou")
public suspend fun requires(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.requires = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("abpchmjelctjxpnm")
public suspend fun requires(argument: List Unit>) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyRequireArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.requires = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("yrevnxjjdawybjcj")
public suspend fun requires(vararg argument: suspend ZeroTrustAccessPolicyRequireArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
ZeroTrustAccessPolicyRequireArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.requires = mapped
}
/**
* @param argument A series of access conditions, see Access Groups.
*/
@JvmName("ppoxlgovhqhhdnlh")
public suspend fun requires(argument: suspend ZeroTrustAccessPolicyRequireArgsBuilder.() -> Unit) {
val toBeMapped = listOf(
ZeroTrustAccessPolicyRequireArgsBuilder().applySuspend {
argument()
}.build(),
)
val mapped = of(toBeMapped)
this.requires = mapped
}
/**
* @param values A series of access conditions, see Access Groups.
*/
@JvmName("xbhkopcbqwbdsoym")
public suspend fun requires(vararg values: ZeroTrustAccessPolicyRequireArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.requires = mapped
}
/**
* @param value How often a user will be forced to re-authorise. Must be in the format `48h` or `2h45m`.
*/
@JvmName("ylqgaxjkchflmgdc")
public suspend fun sessionDuration(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.sessionDuration = mapped
}
/**
* @param value The zone identifier to target for the resource. Conflicts with `account_id`.
*/
@JvmName("nasitocdvvqqapew")
public suspend fun zoneId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.zoneId = mapped
}
internal fun build(): ZeroTrustAccessPolicyArgs = ZeroTrustAccessPolicyArgs(
accountId = accountId,
applicationId = applicationId,
approvalGroups = approvalGroups,
approvalRequired = approvalRequired,
connectionRules = connectionRules,
decision = decision,
excludes = excludes,
includes = includes,
isolationRequired = isolationRequired,
name = name,
precedence = precedence,
purposeJustificationPrompt = purposeJustificationPrompt,
purposeJustificationRequired = purposeJustificationRequired,
requires = requires,
sessionDuration = sessionDuration,
zoneId = zoneId,
)
}