Docs Home
Cloudflare v5.49.1 published on Tuesday, Feb 18, 2025 by Pulumi
cloudflare.AccessOrganization
Explore with Pulumi AI
A Zero Trust organization defines the user login experience.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const example = new cloudflare.AccessOrganization("example", {
accountId: "f037e56e89293a057740de681ac9abbe",
name: "example.cloudflareaccess.com",
authDomain: "example.cloudflareaccess.com",
isUiReadOnly: false,
userSeatExpirationInactiveTime: "720h",
autoRedirectToIdentity: false,
loginDesigns: [{
backgroundColor: "#ffffff",
textColor: "#000000",
logoPath: "https://example.com/logo.png",
headerText: "My header text",
footerText: "My footer text",
}],
});
import pulumi
import pulumi_cloudflare as cloudflare
example = cloudflare.AccessOrganization("example",
account_id="f037e56e89293a057740de681ac9abbe",
name="example.cloudflareaccess.com",
auth_domain="example.cloudflareaccess.com",
is_ui_read_only=False,
user_seat_expiration_inactive_time="720h",
auto_redirect_to_identity=False,
login_designs=[{
"background_color": "#ffffff",
"text_color": "#000000",
"logo_path": "https://example.com/logo.png",
"header_text": "My header text",
"footer_text": "My footer text",
}])
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.NewAccessOrganization(ctx, "example", &cloudflare.AccessOrganizationArgs{
AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
Name: pulumi.String("example.cloudflareaccess.com"),
AuthDomain: pulumi.String("example.cloudflareaccess.com"),
IsUiReadOnly: pulumi.Bool(false),
UserSeatExpirationInactiveTime: pulumi.String("720h"),
AutoRedirectToIdentity: pulumi.Bool(false),
LoginDesigns: cloudflare.AccessOrganizationLoginDesignArray{
&cloudflare.AccessOrganizationLoginDesignArgs{
BackgroundColor: pulumi.String("#ffffff"),
TextColor: pulumi.String("#000000"),
LogoPath: pulumi.String("https://example.com/logo.png"),
HeaderText: pulumi.String("My header text"),
FooterText: pulumi.String("My footer text"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var example = new Cloudflare.AccessOrganization("example", new()
{
AccountId = "f037e56e89293a057740de681ac9abbe",
Name = "example.cloudflareaccess.com",
AuthDomain = "example.cloudflareaccess.com",
IsUiReadOnly = false,
UserSeatExpirationInactiveTime = "720h",
AutoRedirectToIdentity = false,
LoginDesigns = new[]
{
new Cloudflare.Inputs.AccessOrganizationLoginDesignArgs
{
BackgroundColor = "#ffffff",
TextColor = "#000000",
LogoPath = "https://example.com/logo.png",
HeaderText = "My header text",
FooterText = "My footer text",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.AccessOrganization;
import com.pulumi.cloudflare.AccessOrganizationArgs;
import com.pulumi.cloudflare.inputs.AccessOrganizationLoginDesignArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AccessOrganization("example", AccessOrganizationArgs.builder()
.accountId("f037e56e89293a057740de681ac9abbe")
.name("example.cloudflareaccess.com")
.authDomain("example.cloudflareaccess.com")
.isUiReadOnly(false)
.userSeatExpirationInactiveTime("720h")
.autoRedirectToIdentity(false)
.loginDesigns(AccessOrganizationLoginDesignArgs.builder()
.backgroundColor("#ffffff")
.textColor("#000000")
.logoPath("https://example.com/logo.png")
.headerText("My header text")
.footerText("My footer text")
.build())
.build());
}
}
resources:
example:
type: cloudflare:AccessOrganization
properties:
accountId: f037e56e89293a057740de681ac9abbe
name: example.cloudflareaccess.com
authDomain: example.cloudflareaccess.com
isUiReadOnly: false
userSeatExpirationInactiveTime: 720h
autoRedirectToIdentity: false
loginDesigns:
- backgroundColor: '#ffffff'
textColor: '#000000'
logoPath: https://example.com/logo.png
headerText: My header text
footerText: My footer text
Create AccessOrganization Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AccessOrganization(name: string, args: AccessOrganizationArgs, opts?: CustomResourceOptions);@overload
def AccessOrganization(resource_name: str,
args: AccessOrganizationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AccessOrganization(resource_name: str,
opts: Optional[ResourceOptions] = None,
auth_domain: Optional[str] = None,
name: Optional[str] = None,
login_designs: Optional[Sequence[AccessOrganizationLoginDesignArgs]] = None,
auto_redirect_to_identity: Optional[bool] = None,
custom_pages: Optional[Sequence[AccessOrganizationCustomPageArgs]] = None,
is_ui_read_only: Optional[bool] = None,
account_id: Optional[str] = None,
allow_authenticate_via_warp: Optional[bool] = None,
session_duration: Optional[str] = None,
ui_read_only_toggle_reason: Optional[str] = None,
user_seat_expiration_inactive_time: Optional[str] = None,
warp_auth_session_duration: Optional[str] = None,
zone_id: Optional[str] = None)func NewAccessOrganization(ctx *Context, name string, args AccessOrganizationArgs, opts ...ResourceOption) (*AccessOrganization, error)public AccessOrganization(string name, AccessOrganizationArgs args, CustomResourceOptions? opts = null)
public AccessOrganization(String name, AccessOrganizationArgs args)
public AccessOrganization(String name, AccessOrganizationArgs args, CustomResourceOptions options)
type: cloudflare:AccessOrganization
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccessOrganizationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var accessOrganizationResource = new Cloudflare.AccessOrganization("accessOrganizationResource", new()
{
AuthDomain = "string",
Name = "string",
LoginDesigns = new[]
{
new Cloudflare.Inputs.AccessOrganizationLoginDesignArgs
{
BackgroundColor = "string",
FooterText = "string",
HeaderText = "string",
LogoPath = "string",
TextColor = "string",
},
},
AutoRedirectToIdentity = false,
CustomPages = new[]
{
new Cloudflare.Inputs.AccessOrganizationCustomPageArgs
{
Forbidden = "string",
IdentityDenied = "string",
},
},
IsUiReadOnly = false,
AccountId = "string",
AllowAuthenticateViaWarp = false,
SessionDuration = "string",
UiReadOnlyToggleReason = "string",
UserSeatExpirationInactiveTime = "string",
WarpAuthSessionDuration = "string",
ZoneId = "string",
});
example, err := cloudflare.NewAccessOrganization(ctx, "accessOrganizationResource", &cloudflare.AccessOrganizationArgs{
AuthDomain: pulumi.String("string"),
Name: pulumi.String("string"),
LoginDesigns: cloudflare.AccessOrganizationLoginDesignArray{
&cloudflare.AccessOrganizationLoginDesignArgs{
BackgroundColor: pulumi.String("string"),
FooterText: pulumi.String("string"),
HeaderText: pulumi.String("string"),
LogoPath: pulumi.String("string"),
TextColor: pulumi.String("string"),
},
},
AutoRedirectToIdentity: pulumi.Bool(false),
CustomPages: cloudflare.AccessOrganizationCustomPageArray{
&cloudflare.AccessOrganizationCustomPageArgs{
Forbidden: pulumi.String("string"),
IdentityDenied: pulumi.String("string"),
},
},
IsUiReadOnly: pulumi.Bool(false),
AccountId: pulumi.String("string"),
AllowAuthenticateViaWarp: pulumi.Bool(false),
SessionDuration: pulumi.String("string"),
UiReadOnlyToggleReason: pulumi.String("string"),
UserSeatExpirationInactiveTime: pulumi.String("string"),
WarpAuthSessionDuration: pulumi.String("string"),
ZoneId: pulumi.String("string"),
})
var accessOrganizationResource = new AccessOrganization("accessOrganizationResource", AccessOrganizationArgs.builder()
.authDomain("string")
.name("string")
.loginDesigns(AccessOrganizationLoginDesignArgs.builder()
.backgroundColor("string")
.footerText("string")
.headerText("string")
.logoPath("string")
.textColor("string")
.build())
.autoRedirectToIdentity(false)
.customPages(AccessOrganizationCustomPageArgs.builder()
.forbidden("string")
.identityDenied("string")
.build())
.isUiReadOnly(false)
.accountId("string")
.allowAuthenticateViaWarp(false)
.sessionDuration("string")
.uiReadOnlyToggleReason("string")
.userSeatExpirationInactiveTime("string")
.warpAuthSessionDuration("string")
.zoneId("string")
.build());
access_organization_resource = cloudflare.AccessOrganization("accessOrganizationResource",
auth_domain="string",
name="string",
login_designs=[{
"background_color": "string",
"footer_text": "string",
"header_text": "string",
"logo_path": "string",
"text_color": "string",
}],
auto_redirect_to_identity=False,
custom_pages=[{
"forbidden": "string",
"identity_denied": "string",
}],
is_ui_read_only=False,
account_id="string",
allow_authenticate_via_warp=False,
session_duration="string",
ui_read_only_toggle_reason="string",
user_seat_expiration_inactive_time="string",
warp_auth_session_duration="string",
zone_id="string")
const accessOrganizationResource = new cloudflare.AccessOrganization("accessOrganizationResource", {
authDomain: "string",
name: "string",
loginDesigns: [{
backgroundColor: "string",
footerText: "string",
headerText: "string",
logoPath: "string",
textColor: "string",
}],
autoRedirectToIdentity: false,
customPages: [{
forbidden: "string",
identityDenied: "string",
}],
isUiReadOnly: false,
accountId: "string",
allowAuthenticateViaWarp: false,
sessionDuration: "string",
uiReadOnlyToggleReason: "string",
userSeatExpirationInactiveTime: "string",
warpAuthSessionDuration: "string",
zoneId: "string",
});
type: cloudflare:AccessOrganization
properties:
accountId: string
allowAuthenticateViaWarp: false
authDomain: string
autoRedirectToIdentity: false
customPages:
- forbidden: string
identityDenied: string
isUiReadOnly: false
loginDesigns:
- backgroundColor: string
footerText: string
headerText: string
logoPath: string
textColor: string
name: string
sessionDuration: string
uiReadOnlyToggleReason: string
userSeatExpirationInactiveTime: string
warpAuthSessionDuration: string
zoneId: string
AccessOrganization Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AccessOrganization resource accepts the following input properties:
- Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Name string
- The name of your Zero Trust organization.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Allow
Authenticate boolVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- Auto
Redirect boolTo Identity - When set to true, users skip the identity provider selection step during login.
- Custom
Pages List<AccessOrganization Custom Page> - Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs List<AccessOrganization Login Design> - Session
Duration string - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - Ui
Read stringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Warp
Auth stringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Name string
- The name of your Zero Trust organization.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Allow
Authenticate boolVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- Auto
Redirect boolTo Identity - When set to true, users skip the identity provider selection step during login.
- Custom
Pages []AccessOrganization Custom Page Args - Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs []AccessOrganization Login Design Args - Session
Duration string - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - Ui
Read stringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Warp
Auth stringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- name String
- The name of your Zero Trust organization.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - allow
Authenticate BooleanVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auto
Redirect BooleanTo Identity - When set to true, users skip the identity provider selection step during login.
- custom
Pages List<AccessOrganization Custom Page> - Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<AccessOrganization Login Design> - session
Duration String - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui
Read StringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp
Auth StringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- name string
- The name of your Zero Trust organization.
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - allow
Authenticate booleanVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auto
Redirect booleanTo Identity - When set to true, users skip the identity provider selection step during login.
- custom
Pages AccessOrganization Custom Page[] - Custom pages for your Zero Trust organization.
- is
Ui booleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs AccessOrganization Login Design[] - session
Duration string - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui
Read stringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- user
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp
Auth stringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- auth_
domain str - The unique subdomain assigned to your Zero Trust organization.
- name str
- The name of your Zero Trust organization.
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. - allow_
authenticate_ boolvia_ warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auto_
redirect_ boolto_ identity - When set to true, users skip the identity provider selection step during login.
- custom_
pages Sequence[AccessOrganization Custom Page Args] - Custom pages for your Zero Trust organization.
- is_
ui_ boolread_ only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login_
designs Sequence[AccessOrganization Login Design Args] - session_
duration str - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui_
read_ stronly_ toggle_ reason - A description of the reason why the UI read only field is being toggled.
- user_
seat_ strexpiration_ inactive_ time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp_
auth_ strsession_ duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- name String
- The name of your Zero Trust organization.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - allow
Authenticate BooleanVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auto
Redirect BooleanTo Identity - When set to true, users skip the identity provider selection step during login.
- custom
Pages List<Property Map> - Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<Property Map> - session
Duration String - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui
Read StringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp
Auth StringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Outputs
All input properties are implicitly available as output properties. Additionally, the AccessOrganization resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AccessOrganization Resource
Get an existing AccessOrganization resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccessOrganizationState, opts?: CustomResourceOptions): AccessOrganization@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
allow_authenticate_via_warp: Optional[bool] = None,
auth_domain: Optional[str] = None,
auto_redirect_to_identity: Optional[bool] = None,
custom_pages: Optional[Sequence[AccessOrganizationCustomPageArgs]] = None,
is_ui_read_only: Optional[bool] = None,
login_designs: Optional[Sequence[AccessOrganizationLoginDesignArgs]] = None,
name: Optional[str] = None,
session_duration: Optional[str] = None,
ui_read_only_toggle_reason: Optional[str] = None,
user_seat_expiration_inactive_time: Optional[str] = None,
warp_auth_session_duration: Optional[str] = None,
zone_id: Optional[str] = None) -> AccessOrganizationfunc GetAccessOrganization(ctx *Context, name string, id IDInput, state *AccessOrganizationState, opts ...ResourceOption) (*AccessOrganization, error)public static AccessOrganization Get(string name, Input<string> id, AccessOrganizationState? state, CustomResourceOptions? opts = null)public static AccessOrganization get(String name, Output<String> id, AccessOrganizationState state, CustomResourceOptions options)resources: _: type: cloudflare:AccessOrganization get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Allow
Authenticate boolVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Auto
Redirect boolTo Identity - When set to true, users skip the identity provider selection step during login.
- Custom
Pages List<AccessOrganization Custom Page> - Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs List<AccessOrganization Login Design> - Name string
- The name of your Zero Trust organization.
- Session
Duration string - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - Ui
Read stringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Warp
Auth stringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- Account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - Allow
Authenticate boolVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- Auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- Auto
Redirect boolTo Identity - When set to true, users skip the identity provider selection step during login.
- Custom
Pages []AccessOrganization Custom Page Args - Custom pages for your Zero Trust organization.
- Is
Ui boolRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- Login
Designs []AccessOrganization Login Design Args - Name string
- The name of your Zero Trust organization.
- Session
Duration string - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - Ui
Read stringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- User
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - Warp
Auth stringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- Zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - allow
Authenticate BooleanVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- auto
Redirect BooleanTo Identity - When set to true, users skip the identity provider selection step during login.
- custom
Pages List<AccessOrganization Custom Page> - Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<AccessOrganization Login Design> - name String
- The name of your Zero Trust organization.
- session
Duration String - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui
Read StringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp
Auth StringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id string - The account identifier to target for the resource. Conflicts with
zone_id. - allow
Authenticate booleanVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auth
Domain string - The unique subdomain assigned to your Zero Trust organization.
- auto
Redirect booleanTo Identity - When set to true, users skip the identity provider selection step during login.
- custom
Pages AccessOrganization Custom Page[] - Custom pages for your Zero Trust organization.
- is
Ui booleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs AccessOrganization Login Design[] - name string
- The name of your Zero Trust organization.
- session
Duration string - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui
Read stringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- user
Seat stringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp
Auth stringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone
Id string - The zone identifier to target for the resource. Conflicts with
account_id.
- account_
id str - The account identifier to target for the resource. Conflicts with
zone_id. - allow_
authenticate_ boolvia_ warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auth_
domain str - The unique subdomain assigned to your Zero Trust organization.
- auto_
redirect_ boolto_ identity - When set to true, users skip the identity provider selection step during login.
- custom_
pages Sequence[AccessOrganization Custom Page Args] - Custom pages for your Zero Trust organization.
- is_
ui_ boolread_ only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login_
designs Sequence[AccessOrganization Login Design Args] - name str
- The name of your Zero Trust organization.
- session_
duration str - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui_
read_ stronly_ toggle_ reason - A description of the reason why the UI read only field is being toggled.
- user_
seat_ strexpiration_ inactive_ time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp_
auth_ strsession_ duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone_
id str - The zone identifier to target for the resource. Conflicts with
account_id.
- account
Id String - The account identifier to target for the resource. Conflicts with
zone_id. - allow
Authenticate BooleanVia Warp - When set to true, users can authenticate via WARP for any application in your organization. Application settings will take precedence over this value.
- auth
Domain String - The unique subdomain assigned to your Zero Trust organization.
- auto
Redirect BooleanTo Identity - When set to true, users skip the identity provider selection step during login.
- custom
Pages List<Property Map> - Custom pages for your Zero Trust organization.
- is
Ui BooleanRead Only - When set to true, this will disable all editing of Access resources via the Zero Trust Dashboard.
- login
Designs List<Property Map> - name String
- The name of your Zero Trust organization.
- session
Duration String - How often a user will be forced to re-authorise. Must be in the format
48hor2h45m. - ui
Read StringOnly Toggle Reason - A description of the reason why the UI read only field is being toggled.
- user
Seat StringExpiration Inactive Time - The amount of time a user seat is inactive before it expires. When the user seat exceeds the set time of inactivity, the user is removed as an active seat and no longer counts against your Teams seat count. Must be in the format
300msor2h45m. - warp
Auth StringSession Duration - The amount of time that tokens issued for applications will be valid. Must be in the format 30m or 2h45m. Valid time units are: m, h.
- zone
Id String - The zone identifier to target for the resource. Conflicts with
account_id.
Supporting Types
AccessOrganizationCustomPage, AccessOrganizationCustomPageArgs
- Forbidden string
- The id of the forbidden page.
- Identity
Denied string - The id of the identity denied page.
- Forbidden string
- The id of the forbidden page.
- Identity
Denied string - The id of the identity denied page.
- forbidden String
- The id of the forbidden page.
- identity
Denied String - The id of the identity denied page.
- forbidden string
- The id of the forbidden page.
- identity
Denied string - The id of the identity denied page.
- forbidden str
- The id of the forbidden page.
- identity_
denied str - The id of the identity denied page.
- forbidden String
- The id of the forbidden page.
- identity
Denied String - The id of the identity denied page.
AccessOrganizationLoginDesign, AccessOrganizationLoginDesignArgs
- Background
Color string - The background color on the login page.
- string
- The text at the bottom of the login page.
- Header
Text string - The text at the top of the login page.
- Logo
Path string - The URL of the logo on the login page.
- Text
Color string - The text color on the login page.
- Background
Color string - The background color on the login page.
- string
- The text at the bottom of the login page.
- Header
Text string - The text at the top of the login page.
- Logo
Path string - The URL of the logo on the login page.
- Text
Color string - The text color on the login page.
- background
Color String - The background color on the login page.
- String
- The text at the bottom of the login page.
- header
Text String - The text at the top of the login page.
- logo
Path String - The URL of the logo on the login page.
- text
Color String - The text color on the login page.
- background
Color string - The background color on the login page.
- string
- The text at the bottom of the login page.
- header
Text string - The text at the top of the login page.
- logo
Path string - The URL of the logo on the login page.
- text
Color string - The text color on the login page.
- background_
color str - The background color on the login page.
- str
- The text at the bottom of the login page.
- header_
text str - The text at the top of the login page.
- logo_
path str - The URL of the logo on the login page.
- text_
color str - The text color on the login page.
- background
Color String - The background color on the login page.
- String
- The text at the bottom of the login page.
- header
Text String - The text at the top of the login page.
- logo
Path String - The URL of the logo on the login page.
- text
Color String - The text color on the login page.
Import
$ pulumi import cloudflare:index/accessOrganization:AccessOrganization example <account_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.