1. Packages
  2. Cloudflare Provider
  3. API Docs
  4. getZeroTrustTunnelCloudflaredConfig
Cloudflare v6.0.0 published on Monday, Apr 14, 2025 by Pulumi

cloudflare.getZeroTrustTunnelCloudflaredConfig

Explore with Pulumi AI

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";

const exampleZeroTrustTunnelCloudflaredConfig = cloudflare.getZeroTrustTunnelCloudflaredConfig({
    accountId: "023e105f4ecef8ad9ca31a8372d0c353",
    tunnelId: "f70ff985-a4ef-4643-bbbc-4a0ed4fc8415",
});
Copy
import pulumi
import pulumi_cloudflare as cloudflare

example_zero_trust_tunnel_cloudflared_config = cloudflare.get_zero_trust_tunnel_cloudflared_config(account_id="023e105f4ecef8ad9ca31a8372d0c353",
    tunnel_id="f70ff985-a4ef-4643-bbbc-4a0ed4fc8415")
Copy
package main

import (
	"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudflare.LookupZeroTrustTunnelCloudflaredConfig(ctx, &cloudflare.LookupZeroTrustTunnelCloudflaredConfigArgs{
			AccountId: "023e105f4ecef8ad9ca31a8372d0c353",
			TunnelId:  "f70ff985-a4ef-4643-bbbc-4a0ed4fc8415",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;

return await Deployment.RunAsync(() => 
{
    var exampleZeroTrustTunnelCloudflaredConfig = Cloudflare.GetZeroTrustTunnelCloudflaredConfig.Invoke(new()
    {
        AccountId = "023e105f4ecef8ad9ca31a8372d0c353",
        TunnelId = "f70ff985-a4ef-4643-bbbc-4a0ed4fc8415",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.CloudflareFunctions;
import com.pulumi.cloudflare.inputs.GetZeroTrustTunnelCloudflaredConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var exampleZeroTrustTunnelCloudflaredConfig = CloudflareFunctions.getZeroTrustTunnelCloudflaredConfig(GetZeroTrustTunnelCloudflaredConfigArgs.builder()
            .accountId("023e105f4ecef8ad9ca31a8372d0c353")
            .tunnelId("f70ff985-a4ef-4643-bbbc-4a0ed4fc8415")
            .build());

    }
}
Copy
variables:
  exampleZeroTrustTunnelCloudflaredConfig:
    fn::invoke:
      function: cloudflare:getZeroTrustTunnelCloudflaredConfig
      arguments:
        accountId: 023e105f4ecef8ad9ca31a8372d0c353
        tunnelId: f70ff985-a4ef-4643-bbbc-4a0ed4fc8415
Copy

Using getZeroTrustTunnelCloudflaredConfig

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getZeroTrustTunnelCloudflaredConfig(args: GetZeroTrustTunnelCloudflaredConfigArgs, opts?: InvokeOptions): Promise<GetZeroTrustTunnelCloudflaredConfigResult>
function getZeroTrustTunnelCloudflaredConfigOutput(args: GetZeroTrustTunnelCloudflaredConfigOutputArgs, opts?: InvokeOptions): Output<GetZeroTrustTunnelCloudflaredConfigResult>
Copy
def get_zero_trust_tunnel_cloudflared_config(account_id: Optional[str] = None,
                                             tunnel_id: Optional[str] = None,
                                             opts: Optional[InvokeOptions] = None) -> GetZeroTrustTunnelCloudflaredConfigResult
def get_zero_trust_tunnel_cloudflared_config_output(account_id: Optional[pulumi.Input[str]] = None,
                                             tunnel_id: Optional[pulumi.Input[str]] = None,
                                             opts: Optional[InvokeOptions] = None) -> Output[GetZeroTrustTunnelCloudflaredConfigResult]
Copy
func LookupZeroTrustTunnelCloudflaredConfig(ctx *Context, args *LookupZeroTrustTunnelCloudflaredConfigArgs, opts ...InvokeOption) (*LookupZeroTrustTunnelCloudflaredConfigResult, error)
func LookupZeroTrustTunnelCloudflaredConfigOutput(ctx *Context, args *LookupZeroTrustTunnelCloudflaredConfigOutputArgs, opts ...InvokeOption) LookupZeroTrustTunnelCloudflaredConfigResultOutput
Copy

> Note: This function is named LookupZeroTrustTunnelCloudflaredConfig in the Go SDK.

public static class GetZeroTrustTunnelCloudflaredConfig 
{
    public static Task<GetZeroTrustTunnelCloudflaredConfigResult> InvokeAsync(GetZeroTrustTunnelCloudflaredConfigArgs args, InvokeOptions? opts = null)
    public static Output<GetZeroTrustTunnelCloudflaredConfigResult> Invoke(GetZeroTrustTunnelCloudflaredConfigInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetZeroTrustTunnelCloudflaredConfigResult> getZeroTrustTunnelCloudflaredConfig(GetZeroTrustTunnelCloudflaredConfigArgs args, InvokeOptions options)
public static Output<GetZeroTrustTunnelCloudflaredConfigResult> getZeroTrustTunnelCloudflaredConfig(GetZeroTrustTunnelCloudflaredConfigArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: cloudflare:index/getZeroTrustTunnelCloudflaredConfig:getZeroTrustTunnelCloudflaredConfig
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

AccountId This property is required. string
Identifier
TunnelId This property is required. string
UUID of the tunnel.
AccountId This property is required. string
Identifier
TunnelId This property is required. string
UUID of the tunnel.
accountId This property is required. String
Identifier
tunnelId This property is required. String
UUID of the tunnel.
accountId This property is required. string
Identifier
tunnelId This property is required. string
UUID of the tunnel.
account_id This property is required. str
Identifier
tunnel_id This property is required. str
UUID of the tunnel.
accountId This property is required. String
Identifier
tunnelId This property is required. String
UUID of the tunnel.

getZeroTrustTunnelCloudflaredConfig Result

The following output properties are available:

AccountId string
Identifier
Config GetZeroTrustTunnelCloudflaredConfigConfig
The tunnel configuration and ingress rules.
CreatedAt string
Id string
The provider-assigned unique ID for this managed resource.
Source string
Indicates if this is a locally or remotely configured tunnel. If local, manage the tunnel using a YAML file on the origin machine. If cloudflare, manage the tunnel's configuration on the Zero Trust dashboard. Available values: "local", "cloudflare".
TunnelId string
UUID of the tunnel.
Version int
The version of the Tunnel Configuration.
AccountId string
Identifier
Config GetZeroTrustTunnelCloudflaredConfigConfig
The tunnel configuration and ingress rules.
CreatedAt string
Id string
The provider-assigned unique ID for this managed resource.
Source string
Indicates if this is a locally or remotely configured tunnel. If local, manage the tunnel using a YAML file on the origin machine. If cloudflare, manage the tunnel's configuration on the Zero Trust dashboard. Available values: "local", "cloudflare".
TunnelId string
UUID of the tunnel.
Version int
The version of the Tunnel Configuration.
accountId String
Identifier
config GetZeroTrustTunnelCloudflaredConfigConfig
The tunnel configuration and ingress rules.
createdAt String
id String
The provider-assigned unique ID for this managed resource.
source String
Indicates if this is a locally or remotely configured tunnel. If local, manage the tunnel using a YAML file on the origin machine. If cloudflare, manage the tunnel's configuration on the Zero Trust dashboard. Available values: "local", "cloudflare".
tunnelId String
UUID of the tunnel.
version Integer
The version of the Tunnel Configuration.
accountId string
Identifier
config GetZeroTrustTunnelCloudflaredConfigConfig
The tunnel configuration and ingress rules.
createdAt string
id string
The provider-assigned unique ID for this managed resource.
source string
Indicates if this is a locally or remotely configured tunnel. If local, manage the tunnel using a YAML file on the origin machine. If cloudflare, manage the tunnel's configuration on the Zero Trust dashboard. Available values: "local", "cloudflare".
tunnelId string
UUID of the tunnel.
version number
The version of the Tunnel Configuration.
account_id str
Identifier
config GetZeroTrustTunnelCloudflaredConfigConfig
The tunnel configuration and ingress rules.
created_at str
id str
The provider-assigned unique ID for this managed resource.
source str
Indicates if this is a locally or remotely configured tunnel. If local, manage the tunnel using a YAML file on the origin machine. If cloudflare, manage the tunnel's configuration on the Zero Trust dashboard. Available values: "local", "cloudflare".
tunnel_id str
UUID of the tunnel.
version int
The version of the Tunnel Configuration.
accountId String
Identifier
config Property Map
The tunnel configuration and ingress rules.
createdAt String
id String
The provider-assigned unique ID for this managed resource.
source String
Indicates if this is a locally or remotely configured tunnel. If local, manage the tunnel using a YAML file on the origin machine. If cloudflare, manage the tunnel's configuration on the Zero Trust dashboard. Available values: "local", "cloudflare".
tunnelId String
UUID of the tunnel.
version Number
The version of the Tunnel Configuration.

Supporting Types

GetZeroTrustTunnelCloudflaredConfigConfig

Ingresses This property is required. List<GetZeroTrustTunnelCloudflaredConfigConfigIngress>
List of public hostname definitions. At least one ingress rule needs to be defined for the tunnel.
OriginRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
WarpRouting This property is required. GetZeroTrustTunnelCloudflaredConfigConfigWarpRouting
Enable private network access from WARP users to private network routes. This is enabled if the tunnel has an assigned route.
Ingresses This property is required. []GetZeroTrustTunnelCloudflaredConfigConfigIngress
List of public hostname definitions. At least one ingress rule needs to be defined for the tunnel.
OriginRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
WarpRouting This property is required. GetZeroTrustTunnelCloudflaredConfigConfigWarpRouting
Enable private network access from WARP users to private network routes. This is enabled if the tunnel has an assigned route.
ingresses This property is required. List<GetZeroTrustTunnelCloudflaredConfigConfigIngress>
List of public hostname definitions. At least one ingress rule needs to be defined for the tunnel.
originRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
warpRouting This property is required. GetZeroTrustTunnelCloudflaredConfigConfigWarpRouting
Enable private network access from WARP users to private network routes. This is enabled if the tunnel has an assigned route.
ingresses This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngress[]
List of public hostname definitions. At least one ingress rule needs to be defined for the tunnel.
originRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
warpRouting This property is required. GetZeroTrustTunnelCloudflaredConfigConfigWarpRouting
Enable private network access from WARP users to private network routes. This is enabled if the tunnel has an assigned route.
ingresses This property is required. Sequence[GetZeroTrustTunnelCloudflaredConfigConfigIngress]
List of public hostname definitions. At least one ingress rule needs to be defined for the tunnel.
origin_request This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
warp_routing This property is required. GetZeroTrustTunnelCloudflaredConfigConfigWarpRouting
Enable private network access from WARP users to private network routes. This is enabled if the tunnel has an assigned route.
ingresses This property is required. List<Property Map>
List of public hostname definitions. At least one ingress rule needs to be defined for the tunnel.
originRequest This property is required. Property Map
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
warpRouting This property is required. Property Map
Enable private network access from WARP users to private network routes. This is enabled if the tunnel has an assigned route.

GetZeroTrustTunnelCloudflaredConfigConfigIngress

Hostname This property is required. string
Public hostname for this service.
OriginRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
Path This property is required. string
Requests with this path route to this public hostname.
Service This property is required. string
Protocol and address of destination server. Supported protocols: http://, https://, unix://, tcp://, ssh://, rdp://, unix+tls://, smb://. Alternatively can return a HTTP status code httpstatus:[code] e.g. 'httpstatus:404'.
Hostname This property is required. string
Public hostname for this service.
OriginRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
Path This property is required. string
Requests with this path route to this public hostname.
Service This property is required. string
Protocol and address of destination server. Supported protocols: http://, https://, unix://, tcp://, ssh://, rdp://, unix+tls://, smb://. Alternatively can return a HTTP status code httpstatus:[code] e.g. 'httpstatus:404'.
hostname This property is required. String
Public hostname for this service.
originRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
path This property is required. String
Requests with this path route to this public hostname.
service This property is required. String
Protocol and address of destination server. Supported protocols: http://, https://, unix://, tcp://, ssh://, rdp://, unix+tls://, smb://. Alternatively can return a HTTP status code httpstatus:[code] e.g. 'httpstatus:404'.
hostname This property is required. string
Public hostname for this service.
originRequest This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
path This property is required. string
Requests with this path route to this public hostname.
service This property is required. string
Protocol and address of destination server. Supported protocols: http://, https://, unix://, tcp://, ssh://, rdp://, unix+tls://, smb://. Alternatively can return a HTTP status code httpstatus:[code] e.g. 'httpstatus:404'.
hostname This property is required. str
Public hostname for this service.
origin_request This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequest
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
path This property is required. str
Requests with this path route to this public hostname.
service This property is required. str
Protocol and address of destination server. Supported protocols: http://, https://, unix://, tcp://, ssh://, rdp://, unix+tls://, smb://. Alternatively can return a HTTP status code httpstatus:[code] e.g. 'httpstatus:404'.
hostname This property is required. String
Public hostname for this service.
originRequest This property is required. Property Map
Configuration parameters for the public hostname specific connection settings between cloudflared and origin server.
path This property is required. String
Requests with this path route to this public hostname.
service This property is required. String
Protocol and address of destination server. Supported protocols: http://, https://, unix://, tcp://, ssh://, rdp://, unix+tls://, smb://. Alternatively can return a HTTP status code httpstatus:[code] e.g. 'httpstatus:404'.

GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequest

Access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
CaPool This property is required. string
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
ConnectTimeout This property is required. int
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
DisableChunkedEncoding This property is required. bool
Disables chunked transfer encoding. Useful if you are running a WSGI server.
Http2Origin This property is required. bool
Attempt to connect to origin using HTTP2. Origin must be configured as https.
HttpHostHeader This property is required. string
Sets the HTTP Host header on requests sent to the local service.
KeepAliveConnections This property is required. int
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
KeepAliveTimeout This property is required. int
Timeout after which an idle keepalive connection can be discarded.
NoHappyEyeballs This property is required. bool
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
NoTlsVerify This property is required. bool
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
OriginServerName This property is required. string
Hostname that cloudflared should expect from your origin server certificate.
ProxyType This property is required. string
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
TcpKeepAlive This property is required. int
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
TlsTimeout This property is required. int
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
Access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
CaPool This property is required. string
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
ConnectTimeout This property is required. int
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
DisableChunkedEncoding This property is required. bool
Disables chunked transfer encoding. Useful if you are running a WSGI server.
Http2Origin This property is required. bool
Attempt to connect to origin using HTTP2. Origin must be configured as https.
HttpHostHeader This property is required. string
Sets the HTTP Host header on requests sent to the local service.
KeepAliveConnections This property is required. int
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
KeepAliveTimeout This property is required. int
Timeout after which an idle keepalive connection can be discarded.
NoHappyEyeballs This property is required. bool
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
NoTlsVerify This property is required. bool
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
OriginServerName This property is required. string
Hostname that cloudflared should expect from your origin server certificate.
ProxyType This property is required. string
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
TcpKeepAlive This property is required. int
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
TlsTimeout This property is required. int
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
caPool This property is required. String
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connectTimeout This property is required. Integer
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disableChunkedEncoding This property is required. Boolean
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2Origin This property is required. Boolean
Attempt to connect to origin using HTTP2. Origin must be configured as https.
httpHostHeader This property is required. String
Sets the HTTP Host header on requests sent to the local service.
keepAliveConnections This property is required. Integer
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keepAliveTimeout This property is required. Integer
Timeout after which an idle keepalive connection can be discarded.
noHappyEyeballs This property is required. Boolean
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
noTlsVerify This property is required. Boolean
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
originServerName This property is required. String
Hostname that cloudflared should expect from your origin server certificate.
proxyType This property is required. String
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcpKeepAlive This property is required. Integer
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tlsTimeout This property is required. Integer
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
caPool This property is required. string
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connectTimeout This property is required. number
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disableChunkedEncoding This property is required. boolean
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2Origin This property is required. boolean
Attempt to connect to origin using HTTP2. Origin must be configured as https.
httpHostHeader This property is required. string
Sets the HTTP Host header on requests sent to the local service.
keepAliveConnections This property is required. number
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keepAliveTimeout This property is required. number
Timeout after which an idle keepalive connection can be discarded.
noHappyEyeballs This property is required. boolean
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
noTlsVerify This property is required. boolean
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
originServerName This property is required. string
Hostname that cloudflared should expect from your origin server certificate.
proxyType This property is required. string
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcpKeepAlive This property is required. number
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tlsTimeout This property is required. number
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
ca_pool This property is required. str
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connect_timeout This property is required. int
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disable_chunked_encoding This property is required. bool
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2_origin This property is required. bool
Attempt to connect to origin using HTTP2. Origin must be configured as https.
http_host_header This property is required. str
Sets the HTTP Host header on requests sent to the local service.
keep_alive_connections This property is required. int
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keep_alive_timeout This property is required. int
Timeout after which an idle keepalive connection can be discarded.
no_happy_eyeballs This property is required. bool
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
no_tls_verify This property is required. bool
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
origin_server_name This property is required. str
Hostname that cloudflared should expect from your origin server certificate.
proxy_type This property is required. str
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcp_keep_alive This property is required. int
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tls_timeout This property is required. int
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. Property Map
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
caPool This property is required. String
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connectTimeout This property is required. Number
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disableChunkedEncoding This property is required. Boolean
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2Origin This property is required. Boolean
Attempt to connect to origin using HTTP2. Origin must be configured as https.
httpHostHeader This property is required. String
Sets the HTTP Host header on requests sent to the local service.
keepAliveConnections This property is required. Number
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keepAliveTimeout This property is required. Number
Timeout after which an idle keepalive connection can be discarded.
noHappyEyeballs This property is required. Boolean
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
noTlsVerify This property is required. Boolean
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
originServerName This property is required. String
Hostname that cloudflared should expect from your origin server certificate.
proxyType This property is required. String
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcpKeepAlive This property is required. Number
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tlsTimeout This property is required. Number
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.

GetZeroTrustTunnelCloudflaredConfigConfigIngressOriginRequestAccess

AudTags This property is required. List<string>
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
Required This property is required. bool
Deny traffic that has not fulfilled Access authorization.
TeamName This property is required. string
AudTags This property is required. []string
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
Required This property is required. bool
Deny traffic that has not fulfilled Access authorization.
TeamName This property is required. string
audTags This property is required. List<String>
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. Boolean
Deny traffic that has not fulfilled Access authorization.
teamName This property is required. String
audTags This property is required. string[]
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. boolean
Deny traffic that has not fulfilled Access authorization.
teamName This property is required. string
aud_tags This property is required. Sequence[str]
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. bool
Deny traffic that has not fulfilled Access authorization.
team_name This property is required. str
audTags This property is required. List<String>
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. Boolean
Deny traffic that has not fulfilled Access authorization.
teamName This property is required. String

GetZeroTrustTunnelCloudflaredConfigConfigOriginRequest

Access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
CaPool This property is required. string
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
ConnectTimeout This property is required. int
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
DisableChunkedEncoding This property is required. bool
Disables chunked transfer encoding. Useful if you are running a WSGI server.
Http2Origin This property is required. bool
Attempt to connect to origin using HTTP2. Origin must be configured as https.
HttpHostHeader This property is required. string
Sets the HTTP Host header on requests sent to the local service.
KeepAliveConnections This property is required. int
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
KeepAliveTimeout This property is required. int
Timeout after which an idle keepalive connection can be discarded.
NoHappyEyeballs This property is required. bool
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
NoTlsVerify This property is required. bool
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
OriginServerName This property is required. string
Hostname that cloudflared should expect from your origin server certificate.
ProxyType This property is required. string
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
TcpKeepAlive This property is required. int
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
TlsTimeout This property is required. int
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
Access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
CaPool This property is required. string
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
ConnectTimeout This property is required. int
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
DisableChunkedEncoding This property is required. bool
Disables chunked transfer encoding. Useful if you are running a WSGI server.
Http2Origin This property is required. bool
Attempt to connect to origin using HTTP2. Origin must be configured as https.
HttpHostHeader This property is required. string
Sets the HTTP Host header on requests sent to the local service.
KeepAliveConnections This property is required. int
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
KeepAliveTimeout This property is required. int
Timeout after which an idle keepalive connection can be discarded.
NoHappyEyeballs This property is required. bool
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
NoTlsVerify This property is required. bool
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
OriginServerName This property is required. string
Hostname that cloudflared should expect from your origin server certificate.
ProxyType This property is required. string
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
TcpKeepAlive This property is required. int
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
TlsTimeout This property is required. int
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
caPool This property is required. String
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connectTimeout This property is required. Integer
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disableChunkedEncoding This property is required. Boolean
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2Origin This property is required. Boolean
Attempt to connect to origin using HTTP2. Origin must be configured as https.
httpHostHeader This property is required. String
Sets the HTTP Host header on requests sent to the local service.
keepAliveConnections This property is required. Integer
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keepAliveTimeout This property is required. Integer
Timeout after which an idle keepalive connection can be discarded.
noHappyEyeballs This property is required. Boolean
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
noTlsVerify This property is required. Boolean
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
originServerName This property is required. String
Hostname that cloudflared should expect from your origin server certificate.
proxyType This property is required. String
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcpKeepAlive This property is required. Integer
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tlsTimeout This property is required. Integer
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
caPool This property is required. string
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connectTimeout This property is required. number
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disableChunkedEncoding This property is required. boolean
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2Origin This property is required. boolean
Attempt to connect to origin using HTTP2. Origin must be configured as https.
httpHostHeader This property is required. string
Sets the HTTP Host header on requests sent to the local service.
keepAliveConnections This property is required. number
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keepAliveTimeout This property is required. number
Timeout after which an idle keepalive connection can be discarded.
noHappyEyeballs This property is required. boolean
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
noTlsVerify This property is required. boolean
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
originServerName This property is required. string
Hostname that cloudflared should expect from your origin server certificate.
proxyType This property is required. string
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcpKeepAlive This property is required. number
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tlsTimeout This property is required. number
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. GetZeroTrustTunnelCloudflaredConfigConfigOriginRequestAccess
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
ca_pool This property is required. str
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connect_timeout This property is required. int
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disable_chunked_encoding This property is required. bool
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2_origin This property is required. bool
Attempt to connect to origin using HTTP2. Origin must be configured as https.
http_host_header This property is required. str
Sets the HTTP Host header on requests sent to the local service.
keep_alive_connections This property is required. int
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keep_alive_timeout This property is required. int
Timeout after which an idle keepalive connection can be discarded.
no_happy_eyeballs This property is required. bool
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
no_tls_verify This property is required. bool
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
origin_server_name This property is required. str
Hostname that cloudflared should expect from your origin server certificate.
proxy_type This property is required. str
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcp_keep_alive This property is required. int
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tls_timeout This property is required. int
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.
access This property is required. Property Map
For all L7 requests to this hostname, cloudflared will validate each request's Cf-Access-Jwt-Assertion request header.
caPool This property is required. String
Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.
connectTimeout This property is required. Number
Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.
disableChunkedEncoding This property is required. Boolean
Disables chunked transfer encoding. Useful if you are running a WSGI server.
http2Origin This property is required. Boolean
Attempt to connect to origin using HTTP2. Origin must be configured as https.
httpHostHeader This property is required. String
Sets the HTTP Host header on requests sent to the local service.
keepAliveConnections This property is required. Number
Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.
keepAliveTimeout This property is required. Number
Timeout after which an idle keepalive connection can be discarded.
noHappyEyeballs This property is required. Boolean
Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
noTlsVerify This property is required. Boolean
Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.
originServerName This property is required. String
Hostname that cloudflared should expect from your origin server certificate.
proxyType This property is required. String
cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: "" for the regular proxy and "socks" for a SOCKS5 proxy.
tcpKeepAlive This property is required. Number
The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
tlsTimeout This property is required. Number
Timeout for completing a TLS handshake to your origin server, if you have chosen to connect Tunnel to an HTTPS server.

GetZeroTrustTunnelCloudflaredConfigConfigOriginRequestAccess

AudTags This property is required. List<string>
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
Required This property is required. bool
Deny traffic that has not fulfilled Access authorization.
TeamName This property is required. string
AudTags This property is required. []string
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
Required This property is required. bool
Deny traffic that has not fulfilled Access authorization.
TeamName This property is required. string
audTags This property is required. List<String>
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. Boolean
Deny traffic that has not fulfilled Access authorization.
teamName This property is required. String
audTags This property is required. string[]
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. boolean
Deny traffic that has not fulfilled Access authorization.
teamName This property is required. string
aud_tags This property is required. Sequence[str]
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. bool
Deny traffic that has not fulfilled Access authorization.
team_name This property is required. str
audTags This property is required. List<String>
Access applications that are allowed to reach this hostname for this Tunnel. Audience tags can be identified in the dashboard or via the List Access policies API.
required This property is required. Boolean
Deny traffic that has not fulfilled Access authorization.
teamName This property is required. String

GetZeroTrustTunnelCloudflaredConfigConfigWarpRouting

Enabled This property is required. bool
Enabled This property is required. bool
enabled This property is required. Boolean
enabled This property is required. boolean
enabled This property is required. bool
enabled This property is required. Boolean

Package Details

Repository
Cloudflare pulumi/pulumi-cloudflare
License
Apache-2.0
Notes
This Pulumi package is based on the cloudflare Terraform Provider.