Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Cloudflare Provider
  3. API Docs
  4. ZeroTrustDevicePostureRule
Cloudflare v5.49.1 published on Tuesday, Feb 18, 2025 by Pulumi
pulumi/pulumi-cloudflare

cloudflare.ZeroTrustDevicePostureRule

Explore with Pulumi AI

Cloudflare v5.49.1 published on Tuesday, Feb 18, 2025 by Pulumi
pulumi/pulumi-cloudflare

Provides a Cloudflare Device Posture Rule resource. Device posture rules configure security policies for device posture checks.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

const eaxmple = new cloudflare.ZeroTrustDevicePostureRule("eaxmple", {
    accountId: "f037e56e89293a057740de681ac9abbe",
    name: "Corporate devices posture rule",
    type: "os_version",
    description: "Device posture rule for corporate devices.",
    schedule: "24h",
    expiration: "24h",
    matches: [{
        platform: "linux",
    }],
    inputs: [{
        id: corporateDevices.id,
        version: "1.0.0",
        operator: "<",
        osDistroName: "ubuntu",
        osDistroRevision: "1.0.0",
        osVersionExtra: "(a)",
    }],
});
Copy
import pulumi
import pulumi_cloudflare as cloudflare

eaxmple = cloudflare.ZeroTrustDevicePostureRule("eaxmple",
    account_id="f037e56e89293a057740de681ac9abbe",
    name="Corporate devices posture rule",
    type="os_version",
    description="Device posture rule for corporate devices.",
    schedule="24h",
    expiration="24h",
    matches=[{
        "platform": "linux",
    }],
    inputs=[{
        "id": corporate_devices["id"],
        "version": "1.0.0",
        "operator": "<",
        "os_distro_name": "ubuntu",
        "os_distro_revision": "1.0.0",
        "os_version_extra": "(a)",
    }])
Copy
package main

import (
	"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudflare.NewZeroTrustDevicePostureRule(ctx, "eaxmple", &cloudflare.ZeroTrustDevicePostureRuleArgs{
			AccountId:   pulumi.String("f037e56e89293a057740de681ac9abbe"),
			Name:        pulumi.String("Corporate devices posture rule"),
			Type:        pulumi.String("os_version"),
			Description: pulumi.String("Device posture rule for corporate devices."),
			Schedule:    pulumi.String("24h"),
			Expiration:  pulumi.String("24h"),
			Matches: cloudflare.ZeroTrustDevicePostureRuleMatchArray{
				&cloudflare.ZeroTrustDevicePostureRuleMatchArgs{
					Platform: pulumi.String("linux"),
				},
			},
			Inputs: cloudflare.ZeroTrustDevicePostureRuleInputTypeArray{
				&cloudflare.ZeroTrustDevicePostureRuleInputTypeArgs{
					Id:               pulumi.Any(corporateDevices.Id),
					Version:          pulumi.String("1.0.0"),
					Operator:         pulumi.String("<"),
					OsDistroName:     pulumi.String("ubuntu"),
					OsDistroRevision: pulumi.String("1.0.0"),
					OsVersionExtra:   pulumi.String("(a)"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

return await Deployment.RunAsync(() => 
{
    var eaxmple = new Cloudflare.ZeroTrustDevicePostureRule("eaxmple", new()
    {
        AccountId = "f037e56e89293a057740de681ac9abbe",
        Name = "Corporate devices posture rule",
        Type = "os_version",
        Description = "Device posture rule for corporate devices.",
        Schedule = "24h",
        Expiration = "24h",
        Matches = new[]
        {
            new Cloudflare.Inputs.ZeroTrustDevicePostureRuleMatchArgs
            {
                Platform = "linux",
            },
        },
        Inputs = new[]
        {
            new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputArgs
            {
                Id = corporateDevices.Id,
                Version = "1.0.0",
                Operator = "<",
                OsDistroName = "ubuntu",
                OsDistroRevision = "1.0.0",
                OsVersionExtra = "(a)",
            },
        },
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.ZeroTrustDevicePostureRule;
import com.pulumi.cloudflare.ZeroTrustDevicePostureRuleArgs;
import com.pulumi.cloudflare.inputs.ZeroTrustDevicePostureRuleMatchArgs;
import com.pulumi.cloudflare.inputs.ZeroTrustDevicePostureRuleInputArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var eaxmple = new ZeroTrustDevicePostureRule("eaxmple", ZeroTrustDevicePostureRuleArgs.builder()
            .accountId("f037e56e89293a057740de681ac9abbe")
            .name("Corporate devices posture rule")
            .type("os_version")
            .description("Device posture rule for corporate devices.")
            .schedule("24h")
            .expiration("24h")
            .matches(ZeroTrustDevicePostureRuleMatchArgs.builder()
                .platform("linux")
                .build())
            .inputs(ZeroTrustDevicePostureRuleInputArgs.builder()
                .id(corporateDevices.id())
                .version("1.0.0")
                .operator("<")
                .osDistroName("ubuntu")
                .osDistroRevision("1.0.0")
                .osVersionExtra("(a)")
                .build())
            .build());

    }
}
Copy
resources:
  eaxmple:
    type: cloudflare:ZeroTrustDevicePostureRule
    properties:
      accountId: f037e56e89293a057740de681ac9abbe
      name: Corporate devices posture rule
      type: os_version
      description: Device posture rule for corporate devices.
      schedule: 24h
      expiration: 24h
      matches:
        - platform: linux
      inputs:
        - id: ${corporateDevices.id}
          version: 1.0.0
          operator: <
          osDistroName: ubuntu
          osDistroRevision: 1.0.0
          osVersionExtra: (a)
Copy

Create ZeroTrustDevicePostureRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ZeroTrustDevicePostureRule(name: string, args: ZeroTrustDevicePostureRuleArgs, opts?: CustomResourceOptions);
@overload
def ZeroTrustDevicePostureRule(resource_name: str,
                               args: ZeroTrustDevicePostureRuleArgs,
                               opts: Optional[ResourceOptions] = None)

@overload
def ZeroTrustDevicePostureRule(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               account_id: Optional[str] = None,
                               type: Optional[str] = None,
                               description: Optional[str] = None,
                               expiration: Optional[str] = None,
                               inputs: Optional[Sequence[ZeroTrustDevicePostureRuleInputArgs]] = None,
                               matches: Optional[Sequence[ZeroTrustDevicePostureRuleMatchArgs]] = None,
                               name: Optional[str] = None,
                               schedule: Optional[str] = None)
func NewZeroTrustDevicePostureRule(ctx *Context, name string, args ZeroTrustDevicePostureRuleArgs, opts ...ResourceOption) (*ZeroTrustDevicePostureRule, error)
public ZeroTrustDevicePostureRule(string name, ZeroTrustDevicePostureRuleArgs args, CustomResourceOptions? opts = null)
public ZeroTrustDevicePostureRule(String name, ZeroTrustDevicePostureRuleArgs args)
public ZeroTrustDevicePostureRule(String name, ZeroTrustDevicePostureRuleArgs args, CustomResourceOptions options)

type: cloudflare:ZeroTrustDevicePostureRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. ZeroTrustDevicePostureRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. ZeroTrustDevicePostureRuleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. ZeroTrustDevicePostureRuleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. ZeroTrustDevicePostureRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. ZeroTrustDevicePostureRuleArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var zeroTrustDevicePostureRuleResource = new Cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", new()
{
    AccountId = "string",
    Type = "string",
    Description = "string",
    Expiration = "string",
    Inputs = new[]
    {
        new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputArgs
        {
            ActiveThreats = 0,
            CertificateId = "string",
            CheckDisks = new[]
            {
                "string",
            },
            CheckPrivateKey = false,
            Cn = "string",
            ComplianceStatus = "string",
            ConnectionId = "string",
            CountOperator = "string",
            Domain = "string",
            EidLastSeen = "string",
            Enabled = false,
            Exists = false,
            ExtendedKeyUsages = new[]
            {
                "string",
            },
            Id = "string",
            Infected = false,
            IsActive = false,
            IssueCount = "string",
            LastSeen = "string",
            Locations = new[]
            {
                new Cloudflare.Inputs.ZeroTrustDevicePostureRuleInputLocationArgs
                {
                    Paths = new[]
                    {
                        "string",
                    },
                    TrustStores = new[]
                    {
                        "string",
                    },
                },
            },
            NetworkStatus = "string",
            OperationalState = "string",
            Operator = "string",
            Os = "string",
            OsDistroName = "string",
            OsDistroRevision = "string",
            OsVersionExtra = "string",
            Overall = "string",
            Path = "string",
            RequireAll = false,
            RiskLevel = "string",
            Running = false,
            Score = 0,
            SensorConfig = "string",
            Sha256 = "string",
            State = "string",
            Thumbprint = "string",
            TotalScore = 0,
            Version = "string",
            VersionOperator = "string",
        },
    },
    Matches = new[]
    {
        new Cloudflare.Inputs.ZeroTrustDevicePostureRuleMatchArgs
        {
            Platform = "string",
        },
    },
    Name = "string",
    Schedule = "string",
});
Copy
example, err := cloudflare.NewZeroTrustDevicePostureRule(ctx, "zeroTrustDevicePostureRuleResource", &cloudflare.ZeroTrustDevicePostureRuleArgs{
	AccountId:   pulumi.String("string"),
	Type:        pulumi.String("string"),
	Description: pulumi.String("string"),
	Expiration:  pulumi.String("string"),
	Inputs: cloudflare.ZeroTrustDevicePostureRuleInputTypeArray{
		&cloudflare.ZeroTrustDevicePostureRuleInputTypeArgs{
			ActiveThreats: pulumi.Int(0),
			CertificateId: pulumi.String("string"),
			CheckDisks: pulumi.StringArray{
				pulumi.String("string"),
			},
			CheckPrivateKey:  pulumi.Bool(false),
			Cn:               pulumi.String("string"),
			ComplianceStatus: pulumi.String("string"),
			ConnectionId:     pulumi.String("string"),
			CountOperator:    pulumi.String("string"),
			Domain:           pulumi.String("string"),
			EidLastSeen:      pulumi.String("string"),
			Enabled:          pulumi.Bool(false),
			Exists:           pulumi.Bool(false),
			ExtendedKeyUsages: pulumi.StringArray{
				pulumi.String("string"),
			},
			Id:         pulumi.String("string"),
			Infected:   pulumi.Bool(false),
			IsActive:   pulumi.Bool(false),
			IssueCount: pulumi.String("string"),
			LastSeen:   pulumi.String("string"),
			Locations: cloudflare.ZeroTrustDevicePostureRuleInputLocationArray{
				&cloudflare.ZeroTrustDevicePostureRuleInputLocationArgs{
					Paths: pulumi.StringArray{
						pulumi.String("string"),
					},
					TrustStores: pulumi.StringArray{
						pulumi.String("string"),
					},
				},
			},
			NetworkStatus:    pulumi.String("string"),
			OperationalState: pulumi.String("string"),
			Operator:         pulumi.String("string"),
			Os:               pulumi.String("string"),
			OsDistroName:     pulumi.String("string"),
			OsDistroRevision: pulumi.String("string"),
			OsVersionExtra:   pulumi.String("string"),
			Overall:          pulumi.String("string"),
			Path:             pulumi.String("string"),
			RequireAll:       pulumi.Bool(false),
			RiskLevel:        pulumi.String("string"),
			Running:          pulumi.Bool(false),
			Score:            pulumi.Int(0),
			SensorConfig:     pulumi.String("string"),
			Sha256:           pulumi.String("string"),
			State:            pulumi.String("string"),
			Thumbprint:       pulumi.String("string"),
			TotalScore:       pulumi.Int(0),
			Version:          pulumi.String("string"),
			VersionOperator:  pulumi.String("string"),
		},
	},
	Matches: cloudflare.ZeroTrustDevicePostureRuleMatchArray{
		&cloudflare.ZeroTrustDevicePostureRuleMatchArgs{
			Platform: pulumi.String("string"),
		},
	},
	Name:     pulumi.String("string"),
	Schedule: pulumi.String("string"),
})
Copy
var zeroTrustDevicePostureRuleResource = new ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", ZeroTrustDevicePostureRuleArgs.builder()
    .accountId("string")
    .type("string")
    .description("string")
    .expiration("string")
    .inputs(ZeroTrustDevicePostureRuleInputArgs.builder()
        .activeThreats(0)
        .certificateId("string")
        .checkDisks("string")
        .checkPrivateKey(false)
        .cn("string")
        .complianceStatus("string")
        .connectionId("string")
        .countOperator("string")
        .domain("string")
        .eidLastSeen("string")
        .enabled(false)
        .exists(false)
        .extendedKeyUsages("string")
        .id("string")
        .infected(false)
        .isActive(false)
        .issueCount("string")
        .lastSeen("string")
        .locations(ZeroTrustDevicePostureRuleInputLocationArgs.builder()
            .paths("string")
            .trustStores("string")
            .build())
        .networkStatus("string")
        .operationalState("string")
        .operator("string")
        .os("string")
        .osDistroName("string")
        .osDistroRevision("string")
        .osVersionExtra("string")
        .overall("string")
        .path("string")
        .requireAll(false)
        .riskLevel("string")
        .running(false)
        .score(0)
        .sensorConfig("string")
        .sha256("string")
        .state("string")
        .thumbprint("string")
        .totalScore(0)
        .version("string")
        .versionOperator("string")
        .build())
    .matches(ZeroTrustDevicePostureRuleMatchArgs.builder()
        .platform("string")
        .build())
    .name("string")
    .schedule("string")
    .build());
Copy
zero_trust_device_posture_rule_resource = cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource",
    account_id="string",
    type="string",
    description="string",
    expiration="string",
    inputs=[{
        "active_threats": 0,
        "certificate_id": "string",
        "check_disks": ["string"],
        "check_private_key": False,
        "cn": "string",
        "compliance_status": "string",
        "connection_id": "string",
        "count_operator": "string",
        "domain": "string",
        "eid_last_seen": "string",
        "enabled": False,
        "exists": False,
        "extended_key_usages": ["string"],
        "id": "string",
        "infected": False,
        "is_active": False,
        "issue_count": "string",
        "last_seen": "string",
        "locations": [{
            "paths": ["string"],
            "trust_stores": ["string"],
        }],
        "network_status": "string",
        "operational_state": "string",
        "operator": "string",
        "os": "string",
        "os_distro_name": "string",
        "os_distro_revision": "string",
        "os_version_extra": "string",
        "overall": "string",
        "path": "string",
        "require_all": False,
        "risk_level": "string",
        "running": False,
        "score": 0,
        "sensor_config": "string",
        "sha256": "string",
        "state": "string",
        "thumbprint": "string",
        "total_score": 0,
        "version": "string",
        "version_operator": "string",
    }],
    matches=[{
        "platform": "string",
    }],
    name="string",
    schedule="string")
Copy
const zeroTrustDevicePostureRuleResource = new cloudflare.ZeroTrustDevicePostureRule("zeroTrustDevicePostureRuleResource", {
    accountId: "string",
    type: "string",
    description: "string",
    expiration: "string",
    inputs: [{
        activeThreats: 0,
        certificateId: "string",
        checkDisks: ["string"],
        checkPrivateKey: false,
        cn: "string",
        complianceStatus: "string",
        connectionId: "string",
        countOperator: "string",
        domain: "string",
        eidLastSeen: "string",
        enabled: false,
        exists: false,
        extendedKeyUsages: ["string"],
        id: "string",
        infected: false,
        isActive: false,
        issueCount: "string",
        lastSeen: "string",
        locations: [{
            paths: ["string"],
            trustStores: ["string"],
        }],
        networkStatus: "string",
        operationalState: "string",
        operator: "string",
        os: "string",
        osDistroName: "string",
        osDistroRevision: "string",
        osVersionExtra: "string",
        overall: "string",
        path: "string",
        requireAll: false,
        riskLevel: "string",
        running: false,
        score: 0,
        sensorConfig: "string",
        sha256: "string",
        state: "string",
        thumbprint: "string",
        totalScore: 0,
        version: "string",
        versionOperator: "string",
    }],
    matches: [{
        platform: "string",
    }],
    name: "string",
    schedule: "string",
});
Copy
type: cloudflare:ZeroTrustDevicePostureRule
properties:
    accountId: string
    description: string
    expiration: string
    inputs:
        - activeThreats: 0
          certificateId: string
          checkDisks:
            - string
          checkPrivateKey: false
          cn: string
          complianceStatus: string
          connectionId: string
          countOperator: string
          domain: string
          eidLastSeen: string
          enabled: false
          exists: false
          extendedKeyUsages:
            - string
          id: string
          infected: false
          isActive: false
          issueCount: string
          lastSeen: string
          locations:
            - paths:
                - string
              trustStores:
                - string
          networkStatus: string
          operationalState: string
          operator: string
          os: string
          osDistroName: string
          osDistroRevision: string
          osVersionExtra: string
          overall: string
          path: string
          requireAll: false
          riskLevel: string
          running: false
          score: 0
          sensorConfig: string
          sha256: string
          state: string
          thumbprint: string
          totalScore: 0
          version: string
          versionOperator: string
    matches:
        - platform: string
    name: string
    schedule: string
    type: string
Copy

ZeroTrustDevicePostureRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ZeroTrustDevicePostureRule resource accepts the following input properties:

AccountId This property is required. string
The account identifier to target for the resource.
Type This property is required. string
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
Description string
Expiration string
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
Inputs List<ZeroTrustDevicePostureRuleInput>
Required for all rule types except warp, gateway, and tanium.
Matches List<ZeroTrustDevicePostureRuleMatch>
The conditions that the client must match to run the rule.
Name string
Name of the device posture rule.
Schedule string
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
AccountId This property is required. string
The account identifier to target for the resource.
Type This property is required. string
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
Description string
Expiration string
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
Inputs []ZeroTrustDevicePostureRuleInputTypeArgs
Required for all rule types except warp, gateway, and tanium.
Matches []ZeroTrustDevicePostureRuleMatchArgs
The conditions that the client must match to run the rule.
Name string
Name of the device posture rule.
Schedule string
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
accountId This property is required. String
The account identifier to target for the resource.
type This property is required. String
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
description String
expiration String
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs List<ZeroTrustDevicePostureRuleInput>
Required for all rule types except warp, gateway, and tanium.
matches List<ZeroTrustDevicePostureRuleMatch>
The conditions that the client must match to run the rule.
name String
Name of the device posture rule.
schedule String
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
accountId This property is required. string
The account identifier to target for the resource.
type This property is required. string
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
description string
expiration string
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs ZeroTrustDevicePostureRuleInput[]
Required for all rule types except warp, gateway, and tanium.
matches ZeroTrustDevicePostureRuleMatch[]
The conditions that the client must match to run the rule.
name string
Name of the device posture rule.
schedule string
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
account_id This property is required. str
The account identifier to target for the resource.
type This property is required. str
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
description str
expiration str
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs Sequence[ZeroTrustDevicePostureRuleInputArgs]
Required for all rule types except warp, gateway, and tanium.
matches Sequence[ZeroTrustDevicePostureRuleMatchArgs]
The conditions that the client must match to run the rule.
name str
Name of the device posture rule.
schedule str
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
accountId This property is required. String
The account identifier to target for the resource.
type This property is required. String
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
description String
expiration String
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs List<Property Map>
Required for all rule types except warp, gateway, and tanium.
matches List<Property Map>
The conditions that the client must match to run the rule.
name String
Name of the device posture rule.
schedule String
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.

Outputs

All input properties are implicitly available as output properties. Additionally, the ZeroTrustDevicePostureRule resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing ZeroTrustDevicePostureRule Resource

Get an existing ZeroTrustDevicePostureRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ZeroTrustDevicePostureRuleState, opts?: CustomResourceOptions): ZeroTrustDevicePostureRule
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        description: Optional[str] = None,
        expiration: Optional[str] = None,
        inputs: Optional[Sequence[ZeroTrustDevicePostureRuleInputArgs]] = None,
        matches: Optional[Sequence[ZeroTrustDevicePostureRuleMatchArgs]] = None,
        name: Optional[str] = None,
        schedule: Optional[str] = None,
        type: Optional[str] = None) -> ZeroTrustDevicePostureRule
func GetZeroTrustDevicePostureRule(ctx *Context, name string, id IDInput, state *ZeroTrustDevicePostureRuleState, opts ...ResourceOption) (*ZeroTrustDevicePostureRule, error)
public static ZeroTrustDevicePostureRule Get(string name, Input<string> id, ZeroTrustDevicePostureRuleState? state, CustomResourceOptions? opts = null)
public static ZeroTrustDevicePostureRule get(String name, Output<String> id, ZeroTrustDevicePostureRuleState state, CustomResourceOptions options)
resources:  _:    type: cloudflare:ZeroTrustDevicePostureRule    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccountId string
The account identifier to target for the resource.
Description string
Expiration string
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
Inputs List<ZeroTrustDevicePostureRuleInput>
Required for all rule types except warp, gateway, and tanium.
Matches List<ZeroTrustDevicePostureRuleMatch>
The conditions that the client must match to run the rule.
Name string
Name of the device posture rule.
Schedule string
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
Type string
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
AccountId string
The account identifier to target for the resource.
Description string
Expiration string
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
Inputs []ZeroTrustDevicePostureRuleInputTypeArgs
Required for all rule types except warp, gateway, and tanium.
Matches []ZeroTrustDevicePostureRuleMatchArgs
The conditions that the client must match to run the rule.
Name string
Name of the device posture rule.
Schedule string
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
Type string
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
accountId String
The account identifier to target for the resource.
description String
expiration String
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs List<ZeroTrustDevicePostureRuleInput>
Required for all rule types except warp, gateway, and tanium.
matches List<ZeroTrustDevicePostureRuleMatch>
The conditions that the client must match to run the rule.
name String
Name of the device posture rule.
schedule String
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
type String
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
accountId string
The account identifier to target for the resource.
description string
expiration string
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs ZeroTrustDevicePostureRuleInput[]
Required for all rule types except warp, gateway, and tanium.
matches ZeroTrustDevicePostureRuleMatch[]
The conditions that the client must match to run the rule.
name string
Name of the device posture rule.
schedule string
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
type string
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
account_id str
The account identifier to target for the resource.
description str
expiration str
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs Sequence[ZeroTrustDevicePostureRuleInputArgs]
Required for all rule types except warp, gateway, and tanium.
matches Sequence[ZeroTrustDevicePostureRuleMatchArgs]
The conditions that the client must match to run the rule.
name str
Name of the device posture rule.
schedule str
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
type str
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.
accountId String
The account identifier to target for the resource.
description String
expiration String
Expire posture results after the specified amount of time. Must be in the format 1h or 30m. Valid units are h and m.
inputs List<Property Map>
Required for all rule types except warp, gateway, and tanium.
matches List<Property Map>
The conditions that the client must match to run the rule.
name String
Name of the device posture rule.
schedule String
Tells the client when to run the device posture check. Must be in the format 1h or 30m. Valid units are h and m.
type String
The device posture rule type. Available values: serial_number, file, application, gateway, warp, domain_joined, os_version, disk_encryption, firewall, client_certificate, client_certificate_v2, workspace_one, unique_client_id, crowdstrike_s2s, sentinelone, kolide, tanium_s2s, intune, sentinelone_s2s, custom_s2s.

Supporting Types

ZeroTrustDevicePostureRuleInput
, ZeroTrustDevicePostureRuleInputArgs

ActiveThreats int
The number of active threats from SentinelOne.
CertificateId string
The UUID of a Cloudflare managed certificate.
CheckDisks List<string>
Specific volume(s) to check for encryption.
CheckPrivateKey bool
Confirm the certificate was not imported from another device.
Cn string
The common name for a certificate.
ComplianceStatus string
The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
ConnectionId string
The workspace one or intune connection id.
CountOperator string
The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
Domain string
The domain that the client must join.
EidLastSeen string
The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
Enabled bool
True if the firewall must be enabled.
Exists bool
Checks if the file should exist.
ExtendedKeyUsages List<string>
List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
Id string
The Teams List id. Required for serial_number and unique_client_id rule types.
Infected bool
True if SentinelOne device is infected.
IsActive bool
True if SentinelOne device is active.
IssueCount string
The number of issues for kolide.
LastSeen string
The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
Locations List<ZeroTrustDevicePostureRuleInputLocation>
List of operating system locations to check for a client certificate..
NetworkStatus string
The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
OperationalState string
The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
Operator string
The version comparison operator. Available values: >, >=, <, <=, ==.
Os string
OS signal score from Crowdstrike. Value must be between 1 and 100.
OsDistroName string
The operating system excluding version information.
OsDistroRevision string
The operating system version excluding OS name information or release name.
OsVersionExtra string
Extra version value following the operating system semantic version.
Overall string
Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
Path string
The path to the file.
RequireAll bool
True if all drives must be encrypted.
RiskLevel string
The risk level from Tanium. Available values: low, medium, high, critical.
Running bool
Checks if the application should be running.
Score int
A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
SensorConfig string
Sensor signal score from Crowdstrike. Value must be between 1 and 100.
Sha256 string
The sha256 hash of the file.
State string
The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
Thumbprint string
The thumbprint of the file certificate.
TotalScore int
The total score from Tanium.
Version string
The operating system semantic version.
VersionOperator string
The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
ActiveThreats int
The number of active threats from SentinelOne.
CertificateId string
The UUID of a Cloudflare managed certificate.
CheckDisks []string
Specific volume(s) to check for encryption.
CheckPrivateKey bool
Confirm the certificate was not imported from another device.
Cn string
The common name for a certificate.
ComplianceStatus string
The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
ConnectionId string
The workspace one or intune connection id.
CountOperator string
The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
Domain string
The domain that the client must join.
EidLastSeen string
The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
Enabled bool
True if the firewall must be enabled.
Exists bool
Checks if the file should exist.
ExtendedKeyUsages []string
List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
Id string
The Teams List id. Required for serial_number and unique_client_id rule types.
Infected bool
True if SentinelOne device is infected.
IsActive bool
True if SentinelOne device is active.
IssueCount string
The number of issues for kolide.
LastSeen string
The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
Locations []ZeroTrustDevicePostureRuleInputLocation
List of operating system locations to check for a client certificate..
NetworkStatus string
The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
OperationalState string
The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
Operator string
The version comparison operator. Available values: >, >=, <, <=, ==.
Os string
OS signal score from Crowdstrike. Value must be between 1 and 100.
OsDistroName string
The operating system excluding version information.
OsDistroRevision string
The operating system version excluding OS name information or release name.
OsVersionExtra string
Extra version value following the operating system semantic version.
Overall string
Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
Path string
The path to the file.
RequireAll bool
True if all drives must be encrypted.
RiskLevel string
The risk level from Tanium. Available values: low, medium, high, critical.
Running bool
Checks if the application should be running.
Score int
A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
SensorConfig string
Sensor signal score from Crowdstrike. Value must be between 1 and 100.
Sha256 string
The sha256 hash of the file.
State string
The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
Thumbprint string
The thumbprint of the file certificate.
TotalScore int
The total score from Tanium.
Version string
The operating system semantic version.
VersionOperator string
The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
activeThreats Integer
The number of active threats from SentinelOne.
certificateId String
The UUID of a Cloudflare managed certificate.
checkDisks List<String>
Specific volume(s) to check for encryption.
checkPrivateKey Boolean
Confirm the certificate was not imported from another device.
cn String
The common name for a certificate.
complianceStatus String
The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
connectionId String
The workspace one or intune connection id.
countOperator String
The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
domain String
The domain that the client must join.
eidLastSeen String
The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
enabled Boolean
True if the firewall must be enabled.
exists Boolean
Checks if the file should exist.
extendedKeyUsages List<String>
List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
id String
The Teams List id. Required for serial_number and unique_client_id rule types.
infected Boolean
True if SentinelOne device is infected.
isActive Boolean
True if SentinelOne device is active.
issueCount String
The number of issues for kolide.
lastSeen String
The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
locations List<ZeroTrustDevicePostureRuleInputLocation>
List of operating system locations to check for a client certificate..
networkStatus String
The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
operationalState String
The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
operator String
The version comparison operator. Available values: >, >=, <, <=, ==.
os String
OS signal score from Crowdstrike. Value must be between 1 and 100.
osDistroName String
The operating system excluding version information.
osDistroRevision String
The operating system version excluding OS name information or release name.
osVersionExtra String
Extra version value following the operating system semantic version.
overall String
Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
path String
The path to the file.
requireAll Boolean
True if all drives must be encrypted.
riskLevel String
The risk level from Tanium. Available values: low, medium, high, critical.
running Boolean
Checks if the application should be running.
score Integer
A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
sensorConfig String
Sensor signal score from Crowdstrike. Value must be between 1 and 100.
sha256 String
The sha256 hash of the file.
state String
The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
thumbprint String
The thumbprint of the file certificate.
totalScore Integer
The total score from Tanium.
version String
The operating system semantic version.
versionOperator String
The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
activeThreats number
The number of active threats from SentinelOne.
certificateId string
The UUID of a Cloudflare managed certificate.
checkDisks string[]
Specific volume(s) to check for encryption.
checkPrivateKey boolean
Confirm the certificate was not imported from another device.
cn string
The common name for a certificate.
complianceStatus string
The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
connectionId string
The workspace one or intune connection id.
countOperator string
The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
domain string
The domain that the client must join.
eidLastSeen string
The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
enabled boolean
True if the firewall must be enabled.
exists boolean
Checks if the file should exist.
extendedKeyUsages string[]
List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
id string
The Teams List id. Required for serial_number and unique_client_id rule types.
infected boolean
True if SentinelOne device is infected.
isActive boolean
True if SentinelOne device is active.
issueCount string
The number of issues for kolide.
lastSeen string
The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
locations ZeroTrustDevicePostureRuleInputLocation[]
List of operating system locations to check for a client certificate..
networkStatus string
The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
operationalState string
The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
operator string
The version comparison operator. Available values: >, >=, <, <=, ==.
os string
OS signal score from Crowdstrike. Value must be between 1 and 100.
osDistroName string
The operating system excluding version information.
osDistroRevision string
The operating system version excluding OS name information or release name.
osVersionExtra string
Extra version value following the operating system semantic version.
overall string
Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
path string
The path to the file.
requireAll boolean
True if all drives must be encrypted.
riskLevel string
The risk level from Tanium. Available values: low, medium, high, critical.
running boolean
Checks if the application should be running.
score number
A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
sensorConfig string
Sensor signal score from Crowdstrike. Value must be between 1 and 100.
sha256 string
The sha256 hash of the file.
state string
The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
thumbprint string
The thumbprint of the file certificate.
totalScore number
The total score from Tanium.
version string
The operating system semantic version.
versionOperator string
The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
active_threats int
The number of active threats from SentinelOne.
certificate_id str
The UUID of a Cloudflare managed certificate.
check_disks Sequence[str]
Specific volume(s) to check for encryption.
check_private_key bool
Confirm the certificate was not imported from another device.
cn str
The common name for a certificate.
compliance_status str
The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
connection_id str
The workspace one or intune connection id.
count_operator str
The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
domain str
The domain that the client must join.
eid_last_seen str
The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
enabled bool
True if the firewall must be enabled.
exists bool
Checks if the file should exist.
extended_key_usages Sequence[str]
List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
id str
The Teams List id. Required for serial_number and unique_client_id rule types.
infected bool
True if SentinelOne device is infected.
is_active bool
True if SentinelOne device is active.
issue_count str
The number of issues for kolide.
last_seen str
The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
locations Sequence[ZeroTrustDevicePostureRuleInputLocation]
List of operating system locations to check for a client certificate..
network_status str
The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
operational_state str
The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
operator str
The version comparison operator. Available values: >, >=, <, <=, ==.
os str
OS signal score from Crowdstrike. Value must be between 1 and 100.
os_distro_name str
The operating system excluding version information.
os_distro_revision str
The operating system version excluding OS name information or release name.
os_version_extra str
Extra version value following the operating system semantic version.
overall str
Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
path str
The path to the file.
require_all bool
True if all drives must be encrypted.
risk_level str
The risk level from Tanium. Available values: low, medium, high, critical.
running bool
Checks if the application should be running.
score int
A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
sensor_config str
Sensor signal score from Crowdstrike. Value must be between 1 and 100.
sha256 str
The sha256 hash of the file.
state str
The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
thumbprint str
The thumbprint of the file certificate.
total_score int
The total score from Tanium.
version str
The operating system semantic version.
version_operator str
The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.
activeThreats Number
The number of active threats from SentinelOne.
certificateId String
The UUID of a Cloudflare managed certificate.
checkDisks List<String>
Specific volume(s) to check for encryption.
checkPrivateKey Boolean
Confirm the certificate was not imported from another device.
cn String
The common name for a certificate.
complianceStatus String
The workspace one or intune device compliance status. compliant and noncompliant are values supported by both providers. unknown, conflict, error, ingraceperiod values are only supported by intune. Available values: compliant, noncompliant, unknown, conflict, error, ingraceperiod.
connectionId String
The workspace one or intune connection id.
countOperator String
The count comparison operator for kolide. Available values: >, >=, <, <=, ==.
domain String
The domain that the client must join.
eidLastSeen String
The time a device last seen in Tanium. Must be in the format 1h or 30m. Valid units are d, h and m.
enabled Boolean
True if the firewall must be enabled.
exists Boolean
Checks if the file should exist.
extendedKeyUsages List<String>
List of values indicating purposes for which the certificate public key can be used. Available values: clientAuth, emailProtection.
id String
The Teams List id. Required for serial_number and unique_client_id rule types.
infected Boolean
True if SentinelOne device is infected.
isActive Boolean
True if SentinelOne device is active.
issueCount String
The number of issues for kolide.
lastSeen String
The duration of time that the host was last seen from Crowdstrike. Must be in the format 1h or 30m. Valid units are d, h and m.
locations List<Property Map>
List of operating system locations to check for a client certificate..
networkStatus String
The network status from SentinelOne. Available values: connected, disconnected, disconnecting, connecting.
operationalState String
The current operational state of a SentinelOne Agent. Available values: na, partially_disabled, auto_fully_disabled, fully_disabled, auto_partially_disabled, disabled_error, db_corruption.
operator String
The version comparison operator. Available values: >, >=, <, <=, ==.
os String
OS signal score from Crowdstrike. Value must be between 1 and 100.
osDistroName String
The operating system excluding version information.
osDistroRevision String
The operating system version excluding OS name information or release name.
osVersionExtra String
Extra version value following the operating system semantic version.
overall String
Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
path String
The path to the file.
requireAll Boolean
True if all drives must be encrypted.
riskLevel String
The risk level from Tanium. Available values: low, medium, high, critical.
running Boolean
Checks if the application should be running.
score Number
A value between 0-100 assigned to devices set by the 3rd party posture provider for custom device posture integrations.
sensorConfig String
Sensor signal score from Crowdstrike. Value must be between 1 and 100.
sha256 String
The sha256 hash of the file.
state String
The host’s current online status from Crowdstrike. Available values: online, offline, unknown.
thumbprint String
The thumbprint of the file certificate.
totalScore Number
The total score from Tanium.
version String
The operating system semantic version.
versionOperator String
The version comparison operator for Crowdstrike. Available values: >, >=, <, <=, ==.

ZeroTrustDevicePostureRuleInputLocation
, ZeroTrustDevicePostureRuleInputLocationArgs

Paths List<string>
List of paths to check for client certificate rule.
TrustStores List<string>
List of trust stores to check for client certificate rule. Available values: system, user.
Paths []string
List of paths to check for client certificate rule.
TrustStores []string
List of trust stores to check for client certificate rule. Available values: system, user.
paths List<String>
List of paths to check for client certificate rule.
trustStores List<String>
List of trust stores to check for client certificate rule. Available values: system, user.
paths string[]
List of paths to check for client certificate rule.
trustStores string[]
List of trust stores to check for client certificate rule. Available values: system, user.
paths Sequence[str]
List of paths to check for client certificate rule.
trust_stores Sequence[str]
List of trust stores to check for client certificate rule. Available values: system, user.
paths List<String>
List of paths to check for client certificate rule.
trustStores List<String>
List of trust stores to check for client certificate rule. Available values: system, user.

ZeroTrustDevicePostureRuleMatch
, ZeroTrustDevicePostureRuleMatchArgs

Platform string
The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
Platform string
The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
platform String
The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
platform string
The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
platform str
The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.
platform String
The platform of the device. Available values: windows, mac, linux, android, ios, chromeos.

Import

$ pulumi import cloudflare:index/zeroTrustDevicePostureRule:ZeroTrustDevicePostureRule example <account_id>/<device_posture_rule_id>
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
Cloudflare pulumi/pulumi-cloudflare
License
Apache-2.0
Notes
This Pulumi package is based on the cloudflare Terraform Provider.
Cloudflare v5.49.1 published on Tuesday, Feb 18, 2025 by Pulumi
pulumi/pulumi-cloudflare