GradientEdge CDK Utils
    Preparing search index...

    Interface ZeroTrustAccessPolicyProps

    interface ZeroTrustAccessPolicyProps {
        accountId: Input<string>;
        approvalGroups?: Input<Input<ZeroTrustAccessPolicyApprovalGroup>[]>;
        approvalRequired?: Input<boolean>;
        connectionRules?: Input<ZeroTrustAccessPolicyConnectionRules>;
        decision: Input<string>;
        excludes?: Input<Input<ZeroTrustAccessPolicyExclude>[]>;
        includes?: Input<Input<ZeroTrustAccessPolicyInclude>[]>;
        isolationRequired?: Input<boolean>;
        mfaConfig?: Input<ZeroTrustAccessPolicyMfaConfig>;
        name: Input<string>;
        purposeJustificationPrompt?: Input<string>;
        purposeJustificationRequired?: Input<boolean>;
        requires?: Input<Input<ZeroTrustAccessPolicyRequire>[]>;
        sessionDuration?: Input<string>;
    }

    Hierarchy

    • ZeroTrustAccessPolicyArgs
      • ZeroTrustAccessPolicyProps
    Index

    Properties

    accountId approvalGroups? approvalRequired? connectionRules? decision excludes? includes? isolationRequired? mfaConfig? name purposeJustificationPrompt? purposeJustificationRequired? requires? sessionDuration?

    Properties

    accountId: Input<string>

    Identifier.

    approvalGroups?: Input<Input<ZeroTrustAccessPolicyApprovalGroup>[]>

    Administrators who can approve a temporary authentication request.

    approvalRequired?: Input<boolean>

    Requires the user to request access from an administrator at the start of each session.

    connectionRules?: Input<ZeroTrustAccessPolicyConnectionRules>

    The rules that define how users may connect to targets secured by your application.

    decision: Input<string>

    The action Access will take if a user matches this policy. Infrastructure application policies can only use the Allow action. Available values: "allow", "deny", "nonIdentity", "bypass".

    excludes?: Input<Input<ZeroTrustAccessPolicyExclude>[]>

    Rules evaluated with a NOT logical operator. To match the policy, a user cannot meet any of the Exclude rules.

    includes?: Input<Input<ZeroTrustAccessPolicyInclude>[]>

    Rules evaluated with an OR logical operator. A user needs to meet only one of the Include rules.

    isolationRequired?: Input<boolean>

    Require this application to be served in an isolated browser for users matching this policy. 'Client Web Isolation' must be on for the account in order to use this feature.

    mfaConfig?: Input<ZeroTrustAccessPolicyMfaConfig>

    Configures multi-factor authentication (MFA) settings.

    name: Input<string>

    The name of the Access policy.

    purposeJustificationPrompt?: Input<string>

    A custom message that will appear on the purpose justification screen.

    purposeJustificationRequired?: Input<boolean>

    Require users to enter a justification when they log in to the application.

    requires?: Input<Input<ZeroTrustAccessPolicyRequire>[]>

    Rules evaluated with an AND logical operator. To match the policy, a user must meet all of the Require rules.

    sessionDuration?: Input<string>

    The amount of time that tokens issued for the application will be valid. Must be in the format 300ms or 2h45m. Valid time units are: ns, us (or µs), ms, s, m, h.

    Settings

    Member Visibility

    On This Page

    Properties