Cloudflare v6.1.0, Apr 18 25

Cloudflare v6.1.0 published on Friday, Apr 18, 2025 by Pulumi

cloudflare.DevicePostureRule

Explore with Pulumi AI

Cloudflare v6.1.0 published on Friday, Apr 18, 2025 by Pulumi

Example Usage

TypeScript
Python
Go
C#
Java
YAML

Coming soon!

Coming soon!

Coming soon!

Coming soon!

Coming soon!

resources:
  exampleZeroTrustDevicePostureRule:
    type: cloudflare:ZeroTrustDevicePostureRule
    name: example_zero_trust_device_posture_rule
    properties:
      accountId: 699d98642c564d2e855e9661899b7252
      name: Admin Serial Numbers
      type: file
      description: The rule for admin serial numbers
      expiration: 1h
      input:
        operating_system: linux
        path: /bin/cat
        exists: true
        sha256: https://api.us-2.crowdstrike.com
        thumbprint: 0aabab210bdb998e9cf45da2c9ce352977ab531c681b74cf1e487be1bbe9fe6e
      matches:
        - platform: windows
      schedule: 1h

Create DevicePostureRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new DevicePostureRule(name: string, args: DevicePostureRuleArgs, opts?: CustomResourceOptions);

@overload
def DevicePostureRule(resource_name: str,
                      args: DevicePostureRuleArgs,
                      opts: Optional[ResourceOptions] = None)

@overload
def DevicePostureRule(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      account_id: Optional[str] = None,
                      description: Optional[str] = None,
                      expiration: Optional[str] = None,
                      input: Optional[DevicePostureRuleInputArgs] = None,
                      matches: Optional[Sequence[DevicePostureRuleMatchArgs]] = None,
                      name: Optional[str] = None,
                      schedule: Optional[str] = None,
                      type: Optional[str] = None)

func NewDevicePostureRule(ctx *Context, name string, args DevicePostureRuleArgs, opts ...ResourceOption) (*DevicePostureRule, error)

public DevicePostureRule(string name, DevicePostureRuleArgs args, CustomResourceOptions? opts = null)

public DevicePostureRule(String name, DevicePostureRuleArgs args)
public DevicePostureRule(String name, DevicePostureRuleArgs args, CustomResourceOptions options)

type: cloudflare:DevicePostureRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args DevicePostureRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args DevicePostureRuleArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args DevicePostureRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args DevicePostureRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args DevicePostureRuleArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

DevicePostureRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The DevicePostureRule resource accepts the following input properties:

AccountId string
Name string: The name of the device posture rule.
Type string: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
Description string: The description of the device posture rule.
Expiration string: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
Input DevicePostureRuleInput: The value to be checked against.
Matches List<DevicePostureRuleMatch>: The conditions that the client must match to run the rule.
Schedule string: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.

AccountId string
Name string: The name of the device posture rule.
Type string: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
Description string: The description of the device posture rule.
Expiration string: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
Input DevicePostureRuleInputTypeArgs: The value to be checked against.
Matches []DevicePostureRuleMatchArgs: The conditions that the client must match to run the rule.
Schedule string: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.

accountId String
name String: The name of the device posture rule.
type String: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
description String: The description of the device posture rule.
expiration String: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input DevicePostureRuleInput: The value to be checked against.
matches List<DevicePostureRuleMatch>: The conditions that the client must match to run the rule.
schedule String: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.

accountId string
name string: The name of the device posture rule.
type string: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
description string: The description of the device posture rule.
expiration string: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input DevicePostureRuleInput: The value to be checked against.
matches DevicePostureRuleMatch[]: The conditions that the client must match to run the rule.
schedule string: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.

account_id str
name str: The name of the device posture rule.
type str: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
description str: The description of the device posture rule.
expiration str: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input DevicePostureRuleInputArgs: The value to be checked against.
matches Sequence[DevicePostureRuleMatchArgs]: The conditions that the client must match to run the rule.
schedule str: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.

accountId String
name String: The name of the device posture rule.
type String: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".
description String: The description of the device posture rule.
expiration String: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input Property Map: The value to be checked against.
matches List<Property Map>: The conditions that the client must match to run the rule.
schedule String: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.

Outputs

All input properties are implicitly available as output properties. Additionally, the DevicePostureRule resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing DevicePostureRule Resource

Get an existing DevicePostureRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: DevicePostureRuleState, opts?: CustomResourceOptions): DevicePostureRule

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        description: Optional[str] = None,
        expiration: Optional[str] = None,
        input: Optional[DevicePostureRuleInputArgs] = None,
        matches: Optional[Sequence[DevicePostureRuleMatchArgs]] = None,
        name: Optional[str] = None,
        schedule: Optional[str] = None,
        type: Optional[str] = None) -> DevicePostureRule

func GetDevicePostureRule(ctx *Context, name string, id IDInput, state *DevicePostureRuleState, opts ...ResourceOption) (*DevicePostureRule, error)

public static DevicePostureRule Get(string name, Input<string> id, DevicePostureRuleState? state, CustomResourceOptions? opts = null)

public static DevicePostureRule get(String name, Output<String> id, DevicePostureRuleState state, CustomResourceOptions options)

resources:  _:    type: cloudflare:DevicePostureRule    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountId string
Description string: The description of the device posture rule.
Expiration string: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
Input DevicePostureRuleInput: The value to be checked against.
Matches List<DevicePostureRuleMatch>: The conditions that the client must match to run the rule.
Name string: The name of the device posture rule.
Schedule string: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.
Type string: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".

AccountId string
Description string: The description of the device posture rule.
Expiration string: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
Input DevicePostureRuleInputTypeArgs: The value to be checked against.
Matches []DevicePostureRuleMatchArgs: The conditions that the client must match to run the rule.
Name string: The name of the device posture rule.
Schedule string: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.
Type string: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".

accountId String
description String: The description of the device posture rule.
expiration String: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input DevicePostureRuleInput: The value to be checked against.
matches List<DevicePostureRuleMatch>: The conditions that the client must match to run the rule.
name String: The name of the device posture rule.
schedule String: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.
type String: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".

accountId string
description string: The description of the device posture rule.
expiration string: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input DevicePostureRuleInput: The value to be checked against.
matches DevicePostureRuleMatch[]: The conditions that the client must match to run the rule.
name string: The name of the device posture rule.
schedule string: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.
type string: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".

account_id str
description str: The description of the device posture rule.
expiration str: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input DevicePostureRuleInputArgs: The value to be checked against.
matches Sequence[DevicePostureRuleMatchArgs]: The conditions that the client must match to run the rule.
name str: The name of the device posture rule.
schedule str: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.
type str: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".

accountId String
description String: The description of the device posture rule.
expiration String: Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.
input Property Map: The value to be checked against.
matches List<Property Map>: The conditions that the client must match to run the rule.
name String: The name of the device posture rule.
schedule String: Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.
type String: The type of device posture rule. Available values: "file", "application", "tanium", "gateway", "warp", "diskencryption", "sentinelone", "carbonblack", "firewall", "osversion", "domainjoined", "clientcertificate", "clientcertificatev2", "uniqueclientid", "kolide", "taniums2s", "crowdstrikes2s", "intune", "workspaceone", "sentinelones2s", "custom_s2s".

Supporting Types

DevicePostureRuleInput
, DevicePostureRuleInputArgs

ActiveThreats double: The Number of active threats.
CertificateId string: UUID of Cloudflare managed certificate.
CheckDisks List<string>: List of volume names to be checked for encryption.
CheckPrivateKey bool: Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
Cn string: Common Name that is protected by the certificate
ComplianceStatus string: Compliance Status Available values: "compliant", "noncompliant", "unknown".
ConnectionId string: Posture Integration ID.
CountOperator string: Count Operator Available values: "<", "<=", ">", ">=", "==".
Domain string: Domain
EidLastSeen string: For more details on eid last seen, refer to the Tanium documentation.
Enabled bool: Enabled
Exists bool: Whether or not file exists
ExtendedKeyUsages List<string>: List of values indicating purposes for which the certificate public key can be used
Id string: List ID.
Infected bool: Whether device is infected.
IsActive bool: Whether device is active.
IssueCount string: The Number of Issues.
LastSeen string: For more details on last seen, please refer to the Crowdstrike documentation.
Locations DevicePostureRuleInputLocations
NetworkStatus string: Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
OperatingSystem string: Operating system Available values: "windows", "linux", "mac".
OperationalState string: Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
Operator string: operator Available values: "<", "<=", ">", ">=", "==".
Os string: Os Version
OsDistroName string: Operating System Distribution Name (linux only)
OsDistroRevision string: Version of OS Distribution (linux only)
OsVersionExtra string: Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
Overall string: overall
Path string: File path.
RequireAll bool: Whether to check all disks for encryption.
RiskLevel string: For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
Score double: A value between 0-100 assigned to devices set by the 3rd party posture provider.
ScoreOperator string: Score Operator Available values: "<", "<=", ">", ">=", "==".
SensorConfig string: SensorConfig
Sha256 string: SHA-256.
State string: For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
Thumbprint string: Signing certificate thumbprint.
TotalScore double: For more details on total score, refer to the Tanium documentation.
Version string: Version of OS
VersionOperator string: Version Operator Available values: "<", "<=", ">", ">=", "==".

ActiveThreats float64: The Number of active threats.
CertificateId string: UUID of Cloudflare managed certificate.
CheckDisks []string: List of volume names to be checked for encryption.
CheckPrivateKey bool: Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
Cn string: Common Name that is protected by the certificate
ComplianceStatus string: Compliance Status Available values: "compliant", "noncompliant", "unknown".
ConnectionId string: Posture Integration ID.
CountOperator string: Count Operator Available values: "<", "<=", ">", ">=", "==".
Domain string: Domain
EidLastSeen string: For more details on eid last seen, refer to the Tanium documentation.
Enabled bool: Enabled
Exists bool: Whether or not file exists
ExtendedKeyUsages []string: List of values indicating purposes for which the certificate public key can be used
Id string: List ID.
Infected bool: Whether device is infected.
IsActive bool: Whether device is active.
IssueCount string: The Number of Issues.
LastSeen string: For more details on last seen, please refer to the Crowdstrike documentation.
Locations DevicePostureRuleInputLocations
NetworkStatus string: Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
OperatingSystem string: Operating system Available values: "windows", "linux", "mac".
OperationalState string: Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
Operator string: operator Available values: "<", "<=", ">", ">=", "==".
Os string: Os Version
OsDistroName string: Operating System Distribution Name (linux only)
OsDistroRevision string: Version of OS Distribution (linux only)
OsVersionExtra string: Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
Overall string: overall
Path string: File path.
RequireAll bool: Whether to check all disks for encryption.
RiskLevel string: For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
Score float64: A value between 0-100 assigned to devices set by the 3rd party posture provider.
ScoreOperator string: Score Operator Available values: "<", "<=", ">", ">=", "==".
SensorConfig string: SensorConfig
Sha256 string: SHA-256.
State string: For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
Thumbprint string: Signing certificate thumbprint.
TotalScore float64: For more details on total score, refer to the Tanium documentation.
Version string: Version of OS
VersionOperator string: Version Operator Available values: "<", "<=", ">", ">=", "==".

activeThreats Double: The Number of active threats.
certificateId String: UUID of Cloudflare managed certificate.
checkDisks List<String>: List of volume names to be checked for encryption.
checkPrivateKey Boolean: Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
cn String: Common Name that is protected by the certificate
complianceStatus String: Compliance Status Available values: "compliant", "noncompliant", "unknown".
connectionId String: Posture Integration ID.
countOperator String: Count Operator Available values: "<", "<=", ">", ">=", "==".
domain String: Domain
eidLastSeen String: For more details on eid last seen, refer to the Tanium documentation.
enabled Boolean: Enabled
exists Boolean: Whether or not file exists
extendedKeyUsages List<String>: List of values indicating purposes for which the certificate public key can be used
id String: List ID.
infected Boolean: Whether device is infected.
isActive Boolean: Whether device is active.
issueCount String: The Number of Issues.
lastSeen String: For more details on last seen, please refer to the Crowdstrike documentation.
locations DevicePostureRuleInputLocations
networkStatus String: Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
operatingSystem String: Operating system Available values: "windows", "linux", "mac".
operationalState String: Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
operator String: operator Available values: "<", "<=", ">", ">=", "==".
os String: Os Version
osDistroName String: Operating System Distribution Name (linux only)
osDistroRevision String: Version of OS Distribution (linux only)
osVersionExtra String: Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
overall String: overall
path String: File path.
requireAll Boolean: Whether to check all disks for encryption.
riskLevel String: For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
score Double: A value between 0-100 assigned to devices set by the 3rd party posture provider.
scoreOperator String: Score Operator Available values: "<", "<=", ">", ">=", "==".
sensorConfig String: SensorConfig
sha256 String: SHA-256.
state String: For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
thumbprint String: Signing certificate thumbprint.
totalScore Double: For more details on total score, refer to the Tanium documentation.
version String: Version of OS
versionOperator String: Version Operator Available values: "<", "<=", ">", ">=", "==".

activeThreats number: The Number of active threats.
certificateId string: UUID of Cloudflare managed certificate.
checkDisks string[]: List of volume names to be checked for encryption.
checkPrivateKey boolean: Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
cn string: Common Name that is protected by the certificate
complianceStatus string: Compliance Status Available values: "compliant", "noncompliant", "unknown".
connectionId string: Posture Integration ID.
countOperator string: Count Operator Available values: "<", "<=", ">", ">=", "==".
domain string: Domain
eidLastSeen string: For more details on eid last seen, refer to the Tanium documentation.
enabled boolean: Enabled
exists boolean: Whether or not file exists
extendedKeyUsages string[]: List of values indicating purposes for which the certificate public key can be used
id string: List ID.
infected boolean: Whether device is infected.
isActive boolean: Whether device is active.
issueCount string: The Number of Issues.
lastSeen string: For more details on last seen, please refer to the Crowdstrike documentation.
locations DevicePostureRuleInputLocations
networkStatus string: Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
operatingSystem string: Operating system Available values: "windows", "linux", "mac".
operationalState string: Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
operator string: operator Available values: "<", "<=", ">", ">=", "==".
os string: Os Version
osDistroName string: Operating System Distribution Name (linux only)
osDistroRevision string: Version of OS Distribution (linux only)
osVersionExtra string: Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
overall string: overall
path string: File path.
requireAll boolean: Whether to check all disks for encryption.
riskLevel string: For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
score number: A value between 0-100 assigned to devices set by the 3rd party posture provider.
scoreOperator string: Score Operator Available values: "<", "<=", ">", ">=", "==".
sensorConfig string: SensorConfig
sha256 string: SHA-256.
state string: For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
thumbprint string: Signing certificate thumbprint.
totalScore number: For more details on total score, refer to the Tanium documentation.
version string: Version of OS
versionOperator string: Version Operator Available values: "<", "<=", ">", ">=", "==".

active_threats float: The Number of active threats.
certificate_id str: UUID of Cloudflare managed certificate.
check_disks Sequence[str]: List of volume names to be checked for encryption.
check_private_key bool: Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
cn str: Common Name that is protected by the certificate
compliance_status str: Compliance Status Available values: "compliant", "noncompliant", "unknown".
connection_id str: Posture Integration ID.
count_operator str: Count Operator Available values: "<", "<=", ">", ">=", "==".
domain str: Domain
eid_last_seen str: For more details on eid last seen, refer to the Tanium documentation.
enabled bool: Enabled
exists bool: Whether or not file exists
extended_key_usages Sequence[str]: List of values indicating purposes for which the certificate public key can be used
id str: List ID.
infected bool: Whether device is infected.
is_active bool: Whether device is active.
issue_count str: The Number of Issues.
last_seen str: For more details on last seen, please refer to the Crowdstrike documentation.
locations DevicePostureRuleInputLocations
network_status str: Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
operating_system str: Operating system Available values: "windows", "linux", "mac".
operational_state str: Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
operator str: operator Available values: "<", "<=", ">", ">=", "==".
os str: Os Version
os_distro_name str: Operating System Distribution Name (linux only)
os_distro_revision str: Version of OS Distribution (linux only)
os_version_extra str: Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
overall str: overall
path str: File path.
require_all bool: Whether to check all disks for encryption.
risk_level str: For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
score float: A value between 0-100 assigned to devices set by the 3rd party posture provider.
score_operator str: Score Operator Available values: "<", "<=", ">", ">=", "==".
sensor_config str: SensorConfig
sha256 str: SHA-256.
state str: For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
thumbprint str: Signing certificate thumbprint.
total_score float: For more details on total score, refer to the Tanium documentation.
version str: Version of OS
version_operator str: Version Operator Available values: "<", "<=", ">", ">=", "==".

activeThreats Number: The Number of active threats.
certificateId String: UUID of Cloudflare managed certificate.
checkDisks List<String>: List of volume names to be checked for encryption.
checkPrivateKey Boolean: Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.
cn String: Common Name that is protected by the certificate
complianceStatus String: Compliance Status Available values: "compliant", "noncompliant", "unknown".
connectionId String: Posture Integration ID.
countOperator String: Count Operator Available values: "<", "<=", ">", ">=", "==".
domain String: Domain
eidLastSeen String: For more details on eid last seen, refer to the Tanium documentation.
enabled Boolean: Enabled
exists Boolean: Whether or not file exists
extendedKeyUsages List<String>: List of values indicating purposes for which the certificate public key can be used
id String: List ID.
infected Boolean: Whether device is infected.
isActive Boolean: Whether device is active.
issueCount String: The Number of Issues.
lastSeen String: For more details on last seen, please refer to the Crowdstrike documentation.
locations Property Map
networkStatus String: Network status of device. Available values: "connected", "disconnected", "disconnecting", "connecting".
operatingSystem String: Operating system Available values: "windows", "linux", "mac".
operationalState String: Agent operational state. Available values: "na", "partiallydisabled", "autofullydisabled", "fullydisabled", "autopartiallydisabled", "disablederror", "dbcorruption".
operator String: operator Available values: "<", "<=", ">", ">=", "==".
os String: Os Version
osDistroName String: Operating System Distribution Name (linux only)
osDistroRevision String: Version of OS Distribution (linux only)
osVersionExtra String: Additional version data. For Mac or iOS, the Product Version Extra. For Linux, the kernel release version. (Mac, iOS, and Linux only)
overall String: overall
path String: File path.
requireAll Boolean: Whether to check all disks for encryption.
riskLevel String: For more details on risk level, refer to the Tanium documentation. Available values: "low", "medium", "high", "critical".
score Number: A value between 0-100 assigned to devices set by the 3rd party posture provider.
scoreOperator String: Score Operator Available values: "<", "<=", ">", ">=", "==".
sensorConfig String: SensorConfig
sha256 String: SHA-256.
state String: For more details on state, please refer to the Crowdstrike documentation. Available values: "online", "offline", "unknown".
thumbprint String: Signing certificate thumbprint.
totalScore Number: For more details on total score, refer to the Tanium documentation.
version String: Version of OS
versionOperator String: Version Operator Available values: "<", "<=", ">", ">=", "==".

DevicePostureRuleInputLocations
, DevicePostureRuleInputLocationsArgs

Paths List<string>: List of paths to check for client certificate on linux.
TrustStores List<string>: List of trust stores to check for client certificate.

Paths []string: List of paths to check for client certificate on linux.
TrustStores []string: List of trust stores to check for client certificate.

paths List<String>: List of paths to check for client certificate on linux.
trustStores List<String>: List of trust stores to check for client certificate.

paths string[]: List of paths to check for client certificate on linux.
trustStores string[]: List of trust stores to check for client certificate.

paths Sequence[str]: List of paths to check for client certificate on linux.
trust_stores Sequence[str]: List of trust stores to check for client certificate.

paths List<String>: List of paths to check for client certificate on linux.
trustStores List<String>: List of trust stores to check for client certificate.

DevicePostureRuleMatch
, DevicePostureRuleMatchArgs

Platform string: Available values: "windows", "mac", "linux", "android", "ios".

Platform string: Available values: "windows", "mac", "linux", "android", "ios".

platform String: Available values: "windows", "mac", "linux", "android", "ios".

platform string: Available values: "windows", "mac", "linux", "android", "ios".

platform str: Available values: "windows", "mac", "linux", "android", "ios".

platform String: Available values: "windows", "mac", "linux", "android", "ios".

Import

$ pulumi import cloudflare:index/devicePostureRule:DevicePostureRule example '<account_id>/<rule_id>'

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Cloudflare pulumi/pulumi-cloudflare
License: Apache-2.0
Notes: This Pulumi package is based on the cloudflare Terraform Provider.

Cloudflare v6.1.0 published on Friday, Apr 18, 2025 by Pulumi

pulumi/pulumi-cloudflare

cloudflare.DevicePostureRule

On this page

On this page

Example Usage

Create DevicePostureRule Resource

Constructor syntax

Parameters

DevicePostureRule Resource Properties

Inputs

Outputs

Look up Existing DevicePostureRule Resource

Supporting Types

DevicePostureRuleInput
, DevicePostureRuleInputArgs

DevicePostureRuleInputLocations
, DevicePostureRuleInputLocationsArgs

DevicePostureRuleMatch
, DevicePostureRuleMatchArgs

Import

Package Details

On this page

On this page

cloudflare.DevicePostureRule

On this page

On this page

Example Usage

Create DevicePostureRule Resource

Constructor syntax

Parameters

DevicePostureRule Resource Properties

Inputs

Outputs

Look up Existing DevicePostureRule Resource

Supporting Types

DevicePostureRuleInput, DevicePostureRuleInputArgs

DevicePostureRuleInputLocations, DevicePostureRuleInputLocationsArgs

DevicePostureRuleMatch, DevicePostureRuleMatchArgs

Import

Package Details

On this page

On this page

DevicePostureRuleInput
, DevicePostureRuleInputArgs

DevicePostureRuleInputLocations
, DevicePostureRuleInputLocationsArgs

DevicePostureRuleMatch
, DevicePostureRuleMatchArgs