diff --git a/api.md b/api.md
index 8db2e1d7d2..06d17df6cc 100644
--- a/api.md
+++ b/api.md
@@ -4638,29 +4638,6 @@ Methods:
## Access
-Types:
-
-- AccessDevicePostureRule
-- AccessRule
-- AnyValidServiceTokenRule
-- AuthenticationMethodRule
-- AzureGroupRule
-- CertificateRule
-- CountryRule
-- DomainRule
-- EmailListRule
-- EmailRule
-- EveryoneRule
-- ExternalEvaluationRule
-- GitHubOrganizationRule
-- GroupRule
-- GSuiteGroupRule
-- IPListRule
-- IPRule
-- OktaGroupRule
-- SAMLGroupRule
-- ServiceTokenRule
-
### GatewayCA
Types:
@@ -4765,6 +4742,26 @@ Methods:
Types:
+- AccessDevicePostureRule
+- AccessRule
+- AnyValidServiceTokenRule
+- AuthenticationMethodRule
+- AzureGroupRule
+- CertificateRule
+- CountryRule
+- DomainRule
+- EmailListRule
+- EmailRule
+- EveryoneRule
+- ExternalEvaluationRule
+- GitHubOrganizationRule
+- GroupRule
+- GSuiteGroupRule
+- IPListRule
+- IPRule
+- OktaGroupRule
+- SAMLGroupRule
+- ServiceTokenRule
- PolicyCreateResponse
- PolicyUpdateResponse
- PolicyListResponse
diff --git a/src/resources/zero-trust/access/access.ts b/src/resources/zero-trust/access/access.ts
index 20f2142977..c14de3aa26 100644
--- a/src/resources/zero-trust/access/access.ts
+++ b/src/resources/zero-trust/access/access.ts
@@ -82,7 +82,7 @@ import {
} from './policies';
import * as ServiceTokensAPI from './service-tokens';
import {
- ServiceToken as ServiceTokensAPIServiceToken,
+ ServiceToken,
ServiceTokenCreateParams,
ServiceTokenCreateResponse,
ServiceTokenDeleteParams,
@@ -146,7 +146,7 @@ import {
import * as CertificatesAPI from './certificates/certificates';
import {
AssociatedHostnames,
- Certificate as CertificatesAPICertificate,
+ Certificate,
CertificateCreateParams,
CertificateDeleteParams,
CertificateDeleteResponse,
@@ -185,834 +185,6 @@ export class Access extends APIResource {
policies: PoliciesAPI.Policies = new PoliciesAPI.Policies(this._client);
}
-/**
- * Enforces a device posture rule has run successfully
- */
-export interface AccessDevicePostureRule {
- device_posture: AccessDevicePostureRule.DevicePosture;
-}
-
-export namespace AccessDevicePostureRule {
- export interface DevicePosture {
- /**
- * The ID of a device posture integration.
- */
- integration_uid: string;
- }
-}
-
-/**
- * Enforces a device posture rule has run successfully
- */
-export interface AccessDevicePostureRuleParam {
- device_posture: AccessDevicePostureRuleParam.DevicePosture;
-}
-
-export namespace AccessDevicePostureRuleParam {
- export interface DevicePosture {
- /**
- * The ID of a device posture integration.
- */
- integration_uid: string;
- }
-}
-
-/**
- * Matches an Access group.
- */
-export type AccessRule =
- | GroupRule
- | AnyValidServiceTokenRule
- | AccessRule.AccessAuthContextRule
- | AuthenticationMethodRule
- | AzureGroupRule
- | CertificateRule
- | AccessRule.AccessCommonNameRule
- | CountryRule
- | AccessDevicePostureRule
- | DomainRule
- | EmailListRule
- | EmailRule
- | EveryoneRule
- | ExternalEvaluationRule
- | GitHubOrganizationRule
- | GSuiteGroupRule
- | IPListRule
- | IPRule
- | OktaGroupRule
- | SAMLGroupRule
- | ServiceTokenRule;
-
-export namespace AccessRule {
- /**
- * Matches an Azure Authentication Context. Requires an Azure identity provider.
- */
- export interface AccessAuthContextRule {
- auth_context: AccessAuthContextRule.AuthContext;
- }
-
- export namespace AccessAuthContextRule {
- export interface AuthContext {
- /**
- * The ID of an Authentication context.
- */
- id: string;
-
- /**
- * The ACID of an Authentication context.
- */
- ac_id: string;
-
- /**
- * The ID of your Azure identity provider.
- */
- identity_provider_id: string;
- }
- }
-
- /**
- * Matches a specific common name.
- */
- export interface AccessCommonNameRule {
- common_name: AccessCommonNameRule.CommonName;
- }
-
- export namespace AccessCommonNameRule {
- export interface CommonName {
- /**
- * The common name to match.
- */
- common_name: string;
- }
- }
-}
-
-/**
- * Matches an Access group.
- */
-export type AccessRuleParam =
- | GroupRuleParam
- | AnyValidServiceTokenRuleParam
- | AccessRuleParam.AccessAuthContextRule
- | AuthenticationMethodRuleParam
- | AzureGroupRuleParam
- | CertificateRuleParam
- | AccessRuleParam.AccessCommonNameRule
- | CountryRuleParam
- | AccessDevicePostureRuleParam
- | DomainRuleParam
- | EmailListRuleParam
- | EmailRuleParam
- | EveryoneRuleParam
- | ExternalEvaluationRuleParam
- | GitHubOrganizationRuleParam
- | GSuiteGroupRuleParam
- | IPListRuleParam
- | IPRuleParam
- | OktaGroupRuleParam
- | SAMLGroupRuleParam
- | ServiceTokenRuleParam;
-
-export namespace AccessRuleParam {
- /**
- * Matches an Azure Authentication Context. Requires an Azure identity provider.
- */
- export interface AccessAuthContextRule {
- auth_context: AccessAuthContextRule.AuthContext;
- }
-
- export namespace AccessAuthContextRule {
- export interface AuthContext {
- /**
- * The ID of an Authentication context.
- */
- id: string;
-
- /**
- * The ACID of an Authentication context.
- */
- ac_id: string;
-
- /**
- * The ID of your Azure identity provider.
- */
- identity_provider_id: string;
- }
- }
-
- /**
- * Matches a specific common name.
- */
- export interface AccessCommonNameRule {
- common_name: AccessCommonNameRule.CommonName;
- }
-
- export namespace AccessCommonNameRule {
- export interface CommonName {
- /**
- * The common name to match.
- */
- common_name: string;
- }
- }
-}
-
-/**
- * Matches any valid Access Service Token
- */
-export interface AnyValidServiceTokenRule {
- /**
- * An empty object which matches on all service tokens.
- */
- any_valid_service_token: AnyValidServiceTokenRule.AnyValidServiceToken;
-}
-
-export namespace AnyValidServiceTokenRule {
- /**
- * An empty object which matches on all service tokens.
- */
- export interface AnyValidServiceToken {}
-}
-
-/**
- * Matches any valid Access Service Token
- */
-export interface AnyValidServiceTokenRuleParam {
- /**
- * An empty object which matches on all service tokens.
- */
- any_valid_service_token: AnyValidServiceTokenRuleParam.AnyValidServiceToken;
-}
-
-export namespace AnyValidServiceTokenRuleParam {
- /**
- * An empty object which matches on all service tokens.
- */
- export interface AnyValidServiceToken {}
-}
-
-/**
- * Enforce different MFA options
- */
-export interface AuthenticationMethodRule {
- auth_method: AuthenticationMethodRule.AuthMethod;
-}
-
-export namespace AuthenticationMethodRule {
- export interface AuthMethod {
- /**
- * The type of authentication method
- * https://datatracker.ietf.org/doc/html/rfc8176#section-2.
- */
- auth_method: string;
- }
-}
-
-/**
- * Enforce different MFA options
- */
-export interface AuthenticationMethodRuleParam {
- auth_method: AuthenticationMethodRuleParam.AuthMethod;
-}
-
-export namespace AuthenticationMethodRuleParam {
- export interface AuthMethod {
- /**
- * The type of authentication method
- * https://datatracker.ietf.org/doc/html/rfc8176#section-2.
- */
- auth_method: string;
- }
-}
-
-/**
- * Matches an Azure group. Requires an Azure identity provider.
- */
-export interface AzureGroupRule {
- azureAD: AzureGroupRule.AzureAD;
-}
-
-export namespace AzureGroupRule {
- export interface AzureAD {
- /**
- * The ID of an Azure group.
- */
- id: string;
-
- /**
- * The ID of your Azure identity provider.
- */
- identity_provider_id: string;
- }
-}
-
-/**
- * Matches an Azure group. Requires an Azure identity provider.
- */
-export interface AzureGroupRuleParam {
- azureAD: AzureGroupRuleParam.AzureAD;
-}
-
-export namespace AzureGroupRuleParam {
- export interface AzureAD {
- /**
- * The ID of an Azure group.
- */
- id: string;
-
- /**
- * The ID of your Azure identity provider.
- */
- identity_provider_id: string;
- }
-}
-
-/**
- * Matches any valid client certificate.
- */
-export interface CertificateRule {
- certificate: CertificateRule.Certificate;
-}
-
-export namespace CertificateRule {
- export interface Certificate {}
-}
-
-/**
- * Matches any valid client certificate.
- */
-export interface CertificateRuleParam {
- certificate: CertificateRuleParam.Certificate;
-}
-
-export namespace CertificateRuleParam {
- export interface Certificate {}
-}
-
-/**
- * Matches a specific country
- */
-export interface CountryRule {
- geo: CountryRule.Geo;
-}
-
-export namespace CountryRule {
- export interface Geo {
- /**
- * The country code that should be matched.
- */
- country_code: string;
- }
-}
-
-/**
- * Matches a specific country
- */
-export interface CountryRuleParam {
- geo: CountryRuleParam.Geo;
-}
-
-export namespace CountryRuleParam {
- export interface Geo {
- /**
- * The country code that should be matched.
- */
- country_code: string;
- }
-}
-
-/**
- * Match an entire email domain.
- */
-export interface DomainRule {
- email_domain: DomainRule.EmailDomain;
-}
-
-export namespace DomainRule {
- export interface EmailDomain {
- /**
- * The email domain to match.
- */
- domain: string;
- }
-}
-
-/**
- * Match an entire email domain.
- */
-export interface DomainRuleParam {
- email_domain: DomainRuleParam.EmailDomain;
-}
-
-export namespace DomainRuleParam {
- export interface EmailDomain {
- /**
- * The email domain to match.
- */
- domain: string;
- }
-}
-
-/**
- * Matches an email address from a list.
- */
-export interface EmailListRule {
- email_list: EmailListRule.EmailList;
-}
-
-export namespace EmailListRule {
- export interface EmailList {
- /**
- * The ID of a previously created email list.
- */
- id: string;
- }
-}
-
-/**
- * Matches an email address from a list.
- */
-export interface EmailListRuleParam {
- email_list: EmailListRuleParam.EmailList;
-}
-
-export namespace EmailListRuleParam {
- export interface EmailList {
- /**
- * The ID of a previously created email list.
- */
- id: string;
- }
-}
-
-/**
- * Matches a specific email.
- */
-export interface EmailRule {
- email: EmailRule.Email;
-}
-
-export namespace EmailRule {
- export interface Email {
- /**
- * The email of the user.
- */
- email: string;
- }
-}
-
-/**
- * Matches a specific email.
- */
-export interface EmailRuleParam {
- email: EmailRuleParam.Email;
-}
-
-export namespace EmailRuleParam {
- export interface Email {
- /**
- * The email of the user.
- */
- email: string;
- }
-}
-
-/**
- * Matches everyone.
- */
-export interface EveryoneRule {
- /**
- * An empty object which matches on all users.
- */
- everyone: EveryoneRule.Everyone;
-}
-
-export namespace EveryoneRule {
- /**
- * An empty object which matches on all users.
- */
- export interface Everyone {}
-}
-
-/**
- * Matches everyone.
- */
-export interface EveryoneRuleParam {
- /**
- * An empty object which matches on all users.
- */
- everyone: EveryoneRuleParam.Everyone;
-}
-
-export namespace EveryoneRuleParam {
- /**
- * An empty object which matches on all users.
- */
- export interface Everyone {}
-}
-
-/**
- * Create Allow or Block policies which evaluate the user based on custom criteria.
- */
-export interface ExternalEvaluationRule {
- external_evaluation: ExternalEvaluationRule.ExternalEvaluation;
-}
-
-export namespace ExternalEvaluationRule {
- export interface ExternalEvaluation {
- /**
- * The API endpoint containing your business logic.
- */
- evaluate_url: string;
-
- /**
- * The API endpoint containing the key that Access uses to verify that the response
- * came from your API.
- */
- keys_url: string;
- }
-}
-
-/**
- * Create Allow or Block policies which evaluate the user based on custom criteria.
- */
-export interface ExternalEvaluationRuleParam {
- external_evaluation: ExternalEvaluationRuleParam.ExternalEvaluation;
-}
-
-export namespace ExternalEvaluationRuleParam {
- export interface ExternalEvaluation {
- /**
- * The API endpoint containing your business logic.
- */
- evaluate_url: string;
-
- /**
- * The API endpoint containing the key that Access uses to verify that the response
- * came from your API.
- */
- keys_url: string;
- }
-}
-
-/**
- * Matches a Github organization. Requires a Github identity provider.
- */
-export interface GitHubOrganizationRule {
- 'github-organization': GitHubOrganizationRule.GitHubOrganization;
-}
-
-export namespace GitHubOrganizationRule {
- export interface GitHubOrganization {
- /**
- * The ID of your Github identity provider.
- */
- identity_provider_id: string;
-
- /**
- * The name of the organization.
- */
- name: string;
-
- /**
- * The name of the team
- */
- team?: string;
- }
-}
-
-/**
- * Matches a Github organization. Requires a Github identity provider.
- */
-export interface GitHubOrganizationRuleParam {
- 'github-organization': GitHubOrganizationRuleParam.GitHubOrganization;
-}
-
-export namespace GitHubOrganizationRuleParam {
- export interface GitHubOrganization {
- /**
- * The ID of your Github identity provider.
- */
- identity_provider_id: string;
-
- /**
- * The name of the organization.
- */
- name: string;
-
- /**
- * The name of the team
- */
- team?: string;
- }
-}
-
-/**
- * Matches an Access group.
- */
-export interface GroupRule {
- group: GroupRule.Group;
-}
-
-export namespace GroupRule {
- export interface Group {
- /**
- * The ID of a previously created Access group.
- */
- id: string;
- }
-}
-
-/**
- * Matches an Access group.
- */
-export interface GroupRuleParam {
- group: GroupRuleParam.Group;
-}
-
-export namespace GroupRuleParam {
- export interface Group {
- /**
- * The ID of a previously created Access group.
- */
- id: string;
- }
-}
-
-/**
- * Matches a group in Google Workspace. Requires a Google Workspace identity
- * provider.
- */
-export interface GSuiteGroupRule {
- gsuite: GSuiteGroupRule.GSuite;
-}
-
-export namespace GSuiteGroupRule {
- export interface GSuite {
- /**
- * The email of the Google Workspace group.
- */
- email: string;
-
- /**
- * The ID of your Google Workspace identity provider.
- */
- identity_provider_id: string;
- }
-}
-
-/**
- * Matches a group in Google Workspace. Requires a Google Workspace identity
- * provider.
- */
-export interface GSuiteGroupRuleParam {
- gsuite: GSuiteGroupRuleParam.GSuite;
-}
-
-export namespace GSuiteGroupRuleParam {
- export interface GSuite {
- /**
- * The email of the Google Workspace group.
- */
- email: string;
-
- /**
- * The ID of your Google Workspace identity provider.
- */
- identity_provider_id: string;
- }
-}
-
-/**
- * Matches an IP address from a list.
- */
-export interface IPListRule {
- ip_list: IPListRule.IPList;
-}
-
-export namespace IPListRule {
- export interface IPList {
- /**
- * The ID of a previously created IP list.
- */
- id: string;
- }
-}
-
-/**
- * Matches an IP address from a list.
- */
-export interface IPListRuleParam {
- ip_list: IPListRuleParam.IPList;
-}
-
-export namespace IPListRuleParam {
- export interface IPList {
- /**
- * The ID of a previously created IP list.
- */
- id: string;
- }
-}
-
-/**
- * Matches an IP address block.
- */
-export interface IPRule {
- ip: IPRule.IP;
-}
-
-export namespace IPRule {
- export interface IP {
- /**
- * An IPv4 or IPv6 CIDR block.
- */
- ip: string;
- }
-}
-
-/**
- * Matches an IP address block.
- */
-export interface IPRuleParam {
- ip: IPRuleParam.IP;
-}
-
-export namespace IPRuleParam {
- export interface IP {
- /**
- * An IPv4 or IPv6 CIDR block.
- */
- ip: string;
- }
-}
-
-/**
- * Matches an Okta group. Requires an Okta identity provider.
- */
-export interface OktaGroupRule {
- okta: OktaGroupRule.Okta;
-}
-
-export namespace OktaGroupRule {
- export interface Okta {
- /**
- * The ID of your Okta identity provider.
- */
- identity_provider_id: string;
-
- /**
- * The name of the Okta group.
- */
- name: string;
- }
-}
-
-/**
- * Matches an Okta group. Requires an Okta identity provider.
- */
-export interface OktaGroupRuleParam {
- okta: OktaGroupRuleParam.Okta;
-}
-
-export namespace OktaGroupRuleParam {
- export interface Okta {
- /**
- * The ID of your Okta identity provider.
- */
- identity_provider_id: string;
-
- /**
- * The name of the Okta group.
- */
- name: string;
- }
-}
-
-/**
- * Matches a SAML group. Requires a SAML identity provider.
- */
-export interface SAMLGroupRule {
- saml: SAMLGroupRule.SAML;
-}
-
-export namespace SAMLGroupRule {
- export interface SAML {
- /**
- * The name of the SAML attribute.
- */
- attribute_name: string;
-
- /**
- * The SAML attribute value to look for.
- */
- attribute_value: string;
-
- /**
- * The ID of your SAML identity provider.
- */
- identity_provider_id: string;
- }
-}
-
-/**
- * Matches a SAML group. Requires a SAML identity provider.
- */
-export interface SAMLGroupRuleParam {
- saml: SAMLGroupRuleParam.SAML;
-}
-
-export namespace SAMLGroupRuleParam {
- export interface SAML {
- /**
- * The name of the SAML attribute.
- */
- attribute_name: string;
-
- /**
- * The SAML attribute value to look for.
- */
- attribute_value: string;
-
- /**
- * The ID of your SAML identity provider.
- */
- identity_provider_id: string;
- }
-}
-
-/**
- * Matches a specific Access Service Token
- */
-export interface ServiceTokenRule {
- service_token: ServiceTokenRule.ServiceToken;
-}
-
-export namespace ServiceTokenRule {
- export interface ServiceToken {
- /**
- * The ID of a Service Token.
- */
- token_id: string;
- }
-}
-
-/**
- * Matches a specific Access Service Token
- */
-export interface ServiceTokenRuleParam {
- service_token: ServiceTokenRuleParam.ServiceToken;
-}
-
-export namespace ServiceTokenRuleParam {
- export interface ServiceToken {
- /**
- * The ID of a Service Token.
- */
- token_id: string;
- }
-}
-
Access.GatewayCA = GatewayCA;
Access.GatewayCAListResponsesSinglePage = GatewayCAListResponsesSinglePage;
Access.Infrastructure = Infrastructure;
@@ -1038,29 +210,6 @@ Access.Policies = Policies;
Access.PolicyListResponsesSinglePage = PolicyListResponsesSinglePage;
export declare namespace Access {
- export {
- type AccessDevicePostureRule as AccessDevicePostureRule,
- type AccessRule as AccessRule,
- type AnyValidServiceTokenRule as AnyValidServiceTokenRule,
- type AuthenticationMethodRule as AuthenticationMethodRule,
- type AzureGroupRule as AzureGroupRule,
- type CertificateRule as CertificateRule,
- type CountryRule as CountryRule,
- type DomainRule as DomainRule,
- type EmailListRule as EmailListRule,
- type EmailRule as EmailRule,
- type EveryoneRule as EveryoneRule,
- type ExternalEvaluationRule as ExternalEvaluationRule,
- type GitHubOrganizationRule as GitHubOrganizationRule,
- type GroupRule as GroupRule,
- type GSuiteGroupRule as GSuiteGroupRule,
- type IPListRule as IPListRule,
- type IPRule as IPRule,
- type OktaGroupRule as OktaGroupRule,
- type SAMLGroupRule as SAMLGroupRule,
- type ServiceTokenRule as ServiceTokenRule,
- };
-
export {
GatewayCA as GatewayCA,
type GatewayCACreateResponse as GatewayCACreateResponse,
@@ -1113,7 +262,7 @@ export declare namespace Access {
export {
Certificates as Certificates,
type AssociatedHostnames as AssociatedHostnames,
- type CertificatesAPICertificate as Certificate,
+ type Certificate as Certificate,
type CertificateDeleteResponse as CertificateDeleteResponse,
CertificatesSinglePage as CertificatesSinglePage,
type CertificateCreateParams as CertificateCreateParams,
@@ -1141,7 +290,7 @@ export declare namespace Access {
export {
ServiceTokens as ServiceTokens,
- type ServiceTokensAPIServiceToken as ServiceToken,
+ type ServiceToken as ServiceToken,
type ServiceTokenCreateResponse as ServiceTokenCreateResponse,
type ServiceTokenRotateResponse as ServiceTokenRotateResponse,
ServiceTokensSinglePage as ServiceTokensSinglePage,
diff --git a/src/resources/zero-trust/access/applications/applications.ts b/src/resources/zero-trust/access/applications/applications.ts
index 57eea6edaf..99db064c99 100644
--- a/src/resources/zero-trust/access/applications/applications.ts
+++ b/src/resources/zero-trust/access/applications/applications.ts
@@ -5,7 +5,6 @@ import { isRequestOptions } from '../../../../core';
import * as Core from '../../../../core';
import { CloudflareError } from 'cloudflare/error';
import * as ApplicationsAPI from './applications';
-import * as AccessAPI from '../access';
import * as PoliciesAPI from '../policies';
import * as CAsAPI from './cas';
import {
@@ -20,6 +19,24 @@ import {
} from './cas';
import * as ApplicationsPoliciesAPI from './policies';
import {
+ AccessDevicePostureRule,
+ AccessRule,
+ AnyValidServiceTokenRule,
+ AuthenticationMethodRule,
+ AzureGroupRule,
+ CertificateRule,
+ CountryRule,
+ DomainRule,
+ EmailListRule,
+ EmailRule,
+ EveryoneRule,
+ ExternalEvaluationRule,
+ GSuiteGroupRule,
+ GitHubOrganizationRule,
+ GroupRule,
+ IPListRule,
+ IPRule,
+ OktaGroupRule,
Policies,
PolicyCreateParams,
PolicyCreateResponse,
@@ -32,6 +49,8 @@ import {
PolicyListResponsesSinglePage,
PolicyUpdateParams,
PolicyUpdateResponse,
+ SAMLGroupRule,
+ ServiceTokenRule,
} from './policies';
import * as UserPolicyChecksAPI from './user-policy-checks';
import {
@@ -1359,13 +1378,13 @@ export interface ApplicationPolicy {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Require this application to be served in an isolated browser for users matching
@@ -1393,7 +1412,7 @@ export interface ApplicationPolicy {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
/**
* The amount of time that tokens issued for the application will be valid. Must be
@@ -4513,13 +4532,13 @@ export namespace ApplicationCreateResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* The name of the Access policy.
@@ -4530,7 +4549,7 @@ export namespace ApplicationCreateResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -6777,13 +6796,13 @@ export namespace ApplicationUpdateResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* The name of the Access policy.
@@ -6794,7 +6813,7 @@ export namespace ApplicationUpdateResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -9041,13 +9060,13 @@ export namespace ApplicationListResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* The name of the Access policy.
@@ -9058,7 +9077,7 @@ export namespace ApplicationListResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -11312,13 +11331,13 @@ export namespace ApplicationGetResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* The name of the Access policy.
@@ -11329,7 +11348,7 @@ export namespace ApplicationGetResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -14003,7 +14022,7 @@ export declare namespace ApplicationCreateParams {
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include: Array;
+ include: Array;
/**
* The name of the Access policy.
@@ -14020,13 +14039,13 @@ export declare namespace ApplicationCreateParams {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
}
export namespace Policy {
@@ -16597,7 +16616,7 @@ export declare namespace ApplicationUpdateParams {
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include: Array;
+ include: Array;
/**
* The name of the Access policy.
@@ -16614,13 +16633,13 @@ export declare namespace ApplicationUpdateParams {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
}
export namespace Policy {
@@ -16791,6 +16810,26 @@ export declare namespace Applications {
export {
Policies as Policies,
+ type AccessDevicePostureRule as AccessDevicePostureRule,
+ type AccessRule as AccessRule,
+ type AnyValidServiceTokenRule as AnyValidServiceTokenRule,
+ type AuthenticationMethodRule as AuthenticationMethodRule,
+ type AzureGroupRule as AzureGroupRule,
+ type CertificateRule as CertificateRule,
+ type CountryRule as CountryRule,
+ type DomainRule as DomainRule,
+ type EmailListRule as EmailListRule,
+ type EmailRule as EmailRule,
+ type EveryoneRule as EveryoneRule,
+ type ExternalEvaluationRule as ExternalEvaluationRule,
+ type GitHubOrganizationRule as GitHubOrganizationRule,
+ type GroupRule as GroupRule,
+ type GSuiteGroupRule as GSuiteGroupRule,
+ type IPListRule as IPListRule,
+ type IPRule as IPRule,
+ type OktaGroupRule as OktaGroupRule,
+ type SAMLGroupRule as SAMLGroupRule,
+ type ServiceTokenRule as ServiceTokenRule,
type PolicyCreateResponse as PolicyCreateResponse,
type PolicyUpdateResponse as PolicyUpdateResponse,
type PolicyListResponse as PolicyListResponse,
diff --git a/src/resources/zero-trust/access/applications/index.ts b/src/resources/zero-trust/access/applications/index.ts
index 6821aed5c6..9a71169da7 100644
--- a/src/resources/zero-trust/access/applications/index.ts
+++ b/src/resources/zero-trust/access/applications/index.ts
@@ -48,6 +48,26 @@ export {
export {
PolicyListResponsesSinglePage,
Policies,
+ type AccessDevicePostureRule,
+ type AccessRule,
+ type AnyValidServiceTokenRule,
+ type AuthenticationMethodRule,
+ type AzureGroupRule,
+ type CertificateRule,
+ type CountryRule,
+ type DomainRule,
+ type EmailListRule,
+ type EmailRule,
+ type EveryoneRule,
+ type ExternalEvaluationRule,
+ type GitHubOrganizationRule,
+ type GroupRule,
+ type GSuiteGroupRule,
+ type IPListRule,
+ type IPRule,
+ type OktaGroupRule,
+ type SAMLGroupRule,
+ type ServiceTokenRule,
type PolicyCreateResponse,
type PolicyUpdateResponse,
type PolicyListResponse,
diff --git a/src/resources/zero-trust/access/applications/policies.ts b/src/resources/zero-trust/access/applications/policies.ts
index 6f34b94f4a..451d7b24ef 100644
--- a/src/resources/zero-trust/access/applications/policies.ts
+++ b/src/resources/zero-trust/access/applications/policies.ts
@@ -222,6 +222,834 @@ export class Policies extends APIResource {
export class PolicyListResponsesSinglePage extends SinglePage {}
+/**
+ * Enforces a device posture rule has run successfully
+ */
+export interface AccessDevicePostureRule {
+ device_posture: AccessDevicePostureRule.DevicePosture;
+}
+
+export namespace AccessDevicePostureRule {
+ export interface DevicePosture {
+ /**
+ * The ID of a device posture integration.
+ */
+ integration_uid: string;
+ }
+}
+
+/**
+ * Enforces a device posture rule has run successfully
+ */
+export interface AccessDevicePostureRuleParam {
+ device_posture: AccessDevicePostureRuleParam.DevicePosture;
+}
+
+export namespace AccessDevicePostureRuleParam {
+ export interface DevicePosture {
+ /**
+ * The ID of a device posture integration.
+ */
+ integration_uid: string;
+ }
+}
+
+/**
+ * Matches an Access group.
+ */
+export type AccessRule =
+ | GroupRule
+ | AnyValidServiceTokenRule
+ | AccessRule.AccessAuthContextRule
+ | AuthenticationMethodRule
+ | AzureGroupRule
+ | CertificateRule
+ | AccessRule.AccessCommonNameRule
+ | CountryRule
+ | AccessDevicePostureRule
+ | DomainRule
+ | EmailListRule
+ | EmailRule
+ | EveryoneRule
+ | ExternalEvaluationRule
+ | GitHubOrganizationRule
+ | GSuiteGroupRule
+ | IPListRule
+ | IPRule
+ | OktaGroupRule
+ | SAMLGroupRule
+ | ServiceTokenRule;
+
+export namespace AccessRule {
+ /**
+ * Matches an Azure Authentication Context. Requires an Azure identity provider.
+ */
+ export interface AccessAuthContextRule {
+ auth_context: AccessAuthContextRule.AuthContext;
+ }
+
+ export namespace AccessAuthContextRule {
+ export interface AuthContext {
+ /**
+ * The ID of an Authentication context.
+ */
+ id: string;
+
+ /**
+ * The ACID of an Authentication context.
+ */
+ ac_id: string;
+
+ /**
+ * The ID of your Azure identity provider.
+ */
+ identity_provider_id: string;
+ }
+ }
+
+ /**
+ * Matches a specific common name.
+ */
+ export interface AccessCommonNameRule {
+ common_name: AccessCommonNameRule.CommonName;
+ }
+
+ export namespace AccessCommonNameRule {
+ export interface CommonName {
+ /**
+ * The common name to match.
+ */
+ common_name: string;
+ }
+ }
+}
+
+/**
+ * Matches an Access group.
+ */
+export type AccessRuleParam =
+ | GroupRuleParam
+ | AnyValidServiceTokenRuleParam
+ | AccessRuleParam.AccessAuthContextRule
+ | AuthenticationMethodRuleParam
+ | AzureGroupRuleParam
+ | CertificateRuleParam
+ | AccessRuleParam.AccessCommonNameRule
+ | CountryRuleParam
+ | AccessDevicePostureRuleParam
+ | DomainRuleParam
+ | EmailListRuleParam
+ | EmailRuleParam
+ | EveryoneRuleParam
+ | ExternalEvaluationRuleParam
+ | GitHubOrganizationRuleParam
+ | GSuiteGroupRuleParam
+ | IPListRuleParam
+ | IPRuleParam
+ | OktaGroupRuleParam
+ | SAMLGroupRuleParam
+ | ServiceTokenRuleParam;
+
+export namespace AccessRuleParam {
+ /**
+ * Matches an Azure Authentication Context. Requires an Azure identity provider.
+ */
+ export interface AccessAuthContextRule {
+ auth_context: AccessAuthContextRule.AuthContext;
+ }
+
+ export namespace AccessAuthContextRule {
+ export interface AuthContext {
+ /**
+ * The ID of an Authentication context.
+ */
+ id: string;
+
+ /**
+ * The ACID of an Authentication context.
+ */
+ ac_id: string;
+
+ /**
+ * The ID of your Azure identity provider.
+ */
+ identity_provider_id: string;
+ }
+ }
+
+ /**
+ * Matches a specific common name.
+ */
+ export interface AccessCommonNameRule {
+ common_name: AccessCommonNameRule.CommonName;
+ }
+
+ export namespace AccessCommonNameRule {
+ export interface CommonName {
+ /**
+ * The common name to match.
+ */
+ common_name: string;
+ }
+ }
+}
+
+/**
+ * Matches any valid Access Service Token
+ */
+export interface AnyValidServiceTokenRule {
+ /**
+ * An empty object which matches on all service tokens.
+ */
+ any_valid_service_token: AnyValidServiceTokenRule.AnyValidServiceToken;
+}
+
+export namespace AnyValidServiceTokenRule {
+ /**
+ * An empty object which matches on all service tokens.
+ */
+ export interface AnyValidServiceToken {}
+}
+
+/**
+ * Matches any valid Access Service Token
+ */
+export interface AnyValidServiceTokenRuleParam {
+ /**
+ * An empty object which matches on all service tokens.
+ */
+ any_valid_service_token: AnyValidServiceTokenRuleParam.AnyValidServiceToken;
+}
+
+export namespace AnyValidServiceTokenRuleParam {
+ /**
+ * An empty object which matches on all service tokens.
+ */
+ export interface AnyValidServiceToken {}
+}
+
+/**
+ * Enforce different MFA options
+ */
+export interface AuthenticationMethodRule {
+ auth_method: AuthenticationMethodRule.AuthMethod;
+}
+
+export namespace AuthenticationMethodRule {
+ export interface AuthMethod {
+ /**
+ * The type of authentication method
+ * https://datatracker.ietf.org/doc/html/rfc8176#section-2.
+ */
+ auth_method: string;
+ }
+}
+
+/**
+ * Enforce different MFA options
+ */
+export interface AuthenticationMethodRuleParam {
+ auth_method: AuthenticationMethodRuleParam.AuthMethod;
+}
+
+export namespace AuthenticationMethodRuleParam {
+ export interface AuthMethod {
+ /**
+ * The type of authentication method
+ * https://datatracker.ietf.org/doc/html/rfc8176#section-2.
+ */
+ auth_method: string;
+ }
+}
+
+/**
+ * Matches an Azure group. Requires an Azure identity provider.
+ */
+export interface AzureGroupRule {
+ azureAD: AzureGroupRule.AzureAD;
+}
+
+export namespace AzureGroupRule {
+ export interface AzureAD {
+ /**
+ * The ID of an Azure group.
+ */
+ id: string;
+
+ /**
+ * The ID of your Azure identity provider.
+ */
+ identity_provider_id: string;
+ }
+}
+
+/**
+ * Matches an Azure group. Requires an Azure identity provider.
+ */
+export interface AzureGroupRuleParam {
+ azureAD: AzureGroupRuleParam.AzureAD;
+}
+
+export namespace AzureGroupRuleParam {
+ export interface AzureAD {
+ /**
+ * The ID of an Azure group.
+ */
+ id: string;
+
+ /**
+ * The ID of your Azure identity provider.
+ */
+ identity_provider_id: string;
+ }
+}
+
+/**
+ * Matches any valid client certificate.
+ */
+export interface CertificateRule {
+ certificate: CertificateRule.Certificate;
+}
+
+export namespace CertificateRule {
+ export interface Certificate {}
+}
+
+/**
+ * Matches any valid client certificate.
+ */
+export interface CertificateRuleParam {
+ certificate: CertificateRuleParam.Certificate;
+}
+
+export namespace CertificateRuleParam {
+ export interface Certificate {}
+}
+
+/**
+ * Matches a specific country
+ */
+export interface CountryRule {
+ geo: CountryRule.Geo;
+}
+
+export namespace CountryRule {
+ export interface Geo {
+ /**
+ * The country code that should be matched.
+ */
+ country_code: string;
+ }
+}
+
+/**
+ * Matches a specific country
+ */
+export interface CountryRuleParam {
+ geo: CountryRuleParam.Geo;
+}
+
+export namespace CountryRuleParam {
+ export interface Geo {
+ /**
+ * The country code that should be matched.
+ */
+ country_code: string;
+ }
+}
+
+/**
+ * Match an entire email domain.
+ */
+export interface DomainRule {
+ email_domain: DomainRule.EmailDomain;
+}
+
+export namespace DomainRule {
+ export interface EmailDomain {
+ /**
+ * The email domain to match.
+ */
+ domain: string;
+ }
+}
+
+/**
+ * Match an entire email domain.
+ */
+export interface DomainRuleParam {
+ email_domain: DomainRuleParam.EmailDomain;
+}
+
+export namespace DomainRuleParam {
+ export interface EmailDomain {
+ /**
+ * The email domain to match.
+ */
+ domain: string;
+ }
+}
+
+/**
+ * Matches an email address from a list.
+ */
+export interface EmailListRule {
+ email_list: EmailListRule.EmailList;
+}
+
+export namespace EmailListRule {
+ export interface EmailList {
+ /**
+ * The ID of a previously created email list.
+ */
+ id: string;
+ }
+}
+
+/**
+ * Matches an email address from a list.
+ */
+export interface EmailListRuleParam {
+ email_list: EmailListRuleParam.EmailList;
+}
+
+export namespace EmailListRuleParam {
+ export interface EmailList {
+ /**
+ * The ID of a previously created email list.
+ */
+ id: string;
+ }
+}
+
+/**
+ * Matches a specific email.
+ */
+export interface EmailRule {
+ email: EmailRule.Email;
+}
+
+export namespace EmailRule {
+ export interface Email {
+ /**
+ * The email of the user.
+ */
+ email: string;
+ }
+}
+
+/**
+ * Matches a specific email.
+ */
+export interface EmailRuleParam {
+ email: EmailRuleParam.Email;
+}
+
+export namespace EmailRuleParam {
+ export interface Email {
+ /**
+ * The email of the user.
+ */
+ email: string;
+ }
+}
+
+/**
+ * Matches everyone.
+ */
+export interface EveryoneRule {
+ /**
+ * An empty object which matches on all users.
+ */
+ everyone: EveryoneRule.Everyone;
+}
+
+export namespace EveryoneRule {
+ /**
+ * An empty object which matches on all users.
+ */
+ export interface Everyone {}
+}
+
+/**
+ * Matches everyone.
+ */
+export interface EveryoneRuleParam {
+ /**
+ * An empty object which matches on all users.
+ */
+ everyone: EveryoneRuleParam.Everyone;
+}
+
+export namespace EveryoneRuleParam {
+ /**
+ * An empty object which matches on all users.
+ */
+ export interface Everyone {}
+}
+
+/**
+ * Create Allow or Block policies which evaluate the user based on custom criteria.
+ */
+export interface ExternalEvaluationRule {
+ external_evaluation: ExternalEvaluationRule.ExternalEvaluation;
+}
+
+export namespace ExternalEvaluationRule {
+ export interface ExternalEvaluation {
+ /**
+ * The API endpoint containing your business logic.
+ */
+ evaluate_url: string;
+
+ /**
+ * The API endpoint containing the key that Access uses to verify that the response
+ * came from your API.
+ */
+ keys_url: string;
+ }
+}
+
+/**
+ * Create Allow or Block policies which evaluate the user based on custom criteria.
+ */
+export interface ExternalEvaluationRuleParam {
+ external_evaluation: ExternalEvaluationRuleParam.ExternalEvaluation;
+}
+
+export namespace ExternalEvaluationRuleParam {
+ export interface ExternalEvaluation {
+ /**
+ * The API endpoint containing your business logic.
+ */
+ evaluate_url: string;
+
+ /**
+ * The API endpoint containing the key that Access uses to verify that the response
+ * came from your API.
+ */
+ keys_url: string;
+ }
+}
+
+/**
+ * Matches a Github organization. Requires a Github identity provider.
+ */
+export interface GitHubOrganizationRule {
+ 'github-organization': GitHubOrganizationRule.GitHubOrganization;
+}
+
+export namespace GitHubOrganizationRule {
+ export interface GitHubOrganization {
+ /**
+ * The ID of your Github identity provider.
+ */
+ identity_provider_id: string;
+
+ /**
+ * The name of the organization.
+ */
+ name: string;
+
+ /**
+ * The name of the team
+ */
+ team?: string;
+ }
+}
+
+/**
+ * Matches a Github organization. Requires a Github identity provider.
+ */
+export interface GitHubOrganizationRuleParam {
+ 'github-organization': GitHubOrganizationRuleParam.GitHubOrganization;
+}
+
+export namespace GitHubOrganizationRuleParam {
+ export interface GitHubOrganization {
+ /**
+ * The ID of your Github identity provider.
+ */
+ identity_provider_id: string;
+
+ /**
+ * The name of the organization.
+ */
+ name: string;
+
+ /**
+ * The name of the team
+ */
+ team?: string;
+ }
+}
+
+/**
+ * Matches an Access group.
+ */
+export interface GroupRule {
+ group: GroupRule.Group;
+}
+
+export namespace GroupRule {
+ export interface Group {
+ /**
+ * The ID of a previously created Access group.
+ */
+ id: string;
+ }
+}
+
+/**
+ * Matches an Access group.
+ */
+export interface GroupRuleParam {
+ group: GroupRuleParam.Group;
+}
+
+export namespace GroupRuleParam {
+ export interface Group {
+ /**
+ * The ID of a previously created Access group.
+ */
+ id: string;
+ }
+}
+
+/**
+ * Matches a group in Google Workspace. Requires a Google Workspace identity
+ * provider.
+ */
+export interface GSuiteGroupRule {
+ gsuite: GSuiteGroupRule.GSuite;
+}
+
+export namespace GSuiteGroupRule {
+ export interface GSuite {
+ /**
+ * The email of the Google Workspace group.
+ */
+ email: string;
+
+ /**
+ * The ID of your Google Workspace identity provider.
+ */
+ identity_provider_id: string;
+ }
+}
+
+/**
+ * Matches a group in Google Workspace. Requires a Google Workspace identity
+ * provider.
+ */
+export interface GSuiteGroupRuleParam {
+ gsuite: GSuiteGroupRuleParam.GSuite;
+}
+
+export namespace GSuiteGroupRuleParam {
+ export interface GSuite {
+ /**
+ * The email of the Google Workspace group.
+ */
+ email: string;
+
+ /**
+ * The ID of your Google Workspace identity provider.
+ */
+ identity_provider_id: string;
+ }
+}
+
+/**
+ * Matches an IP address from a list.
+ */
+export interface IPListRule {
+ ip_list: IPListRule.IPList;
+}
+
+export namespace IPListRule {
+ export interface IPList {
+ /**
+ * The ID of a previously created IP list.
+ */
+ id: string;
+ }
+}
+
+/**
+ * Matches an IP address from a list.
+ */
+export interface IPListRuleParam {
+ ip_list: IPListRuleParam.IPList;
+}
+
+export namespace IPListRuleParam {
+ export interface IPList {
+ /**
+ * The ID of a previously created IP list.
+ */
+ id: string;
+ }
+}
+
+/**
+ * Matches an IP address block.
+ */
+export interface IPRule {
+ ip: IPRule.IP;
+}
+
+export namespace IPRule {
+ export interface IP {
+ /**
+ * An IPv4 or IPv6 CIDR block.
+ */
+ ip: string;
+ }
+}
+
+/**
+ * Matches an IP address block.
+ */
+export interface IPRuleParam {
+ ip: IPRuleParam.IP;
+}
+
+export namespace IPRuleParam {
+ export interface IP {
+ /**
+ * An IPv4 or IPv6 CIDR block.
+ */
+ ip: string;
+ }
+}
+
+/**
+ * Matches an Okta group. Requires an Okta identity provider.
+ */
+export interface OktaGroupRule {
+ okta: OktaGroupRule.Okta;
+}
+
+export namespace OktaGroupRule {
+ export interface Okta {
+ /**
+ * The ID of your Okta identity provider.
+ */
+ identity_provider_id: string;
+
+ /**
+ * The name of the Okta group.
+ */
+ name: string;
+ }
+}
+
+/**
+ * Matches an Okta group. Requires an Okta identity provider.
+ */
+export interface OktaGroupRuleParam {
+ okta: OktaGroupRuleParam.Okta;
+}
+
+export namespace OktaGroupRuleParam {
+ export interface Okta {
+ /**
+ * The ID of your Okta identity provider.
+ */
+ identity_provider_id: string;
+
+ /**
+ * The name of the Okta group.
+ */
+ name: string;
+ }
+}
+
+/**
+ * Matches a SAML group. Requires a SAML identity provider.
+ */
+export interface SAMLGroupRule {
+ saml: SAMLGroupRule.SAML;
+}
+
+export namespace SAMLGroupRule {
+ export interface SAML {
+ /**
+ * The name of the SAML attribute.
+ */
+ attribute_name: string;
+
+ /**
+ * The SAML attribute value to look for.
+ */
+ attribute_value: string;
+
+ /**
+ * The ID of your SAML identity provider.
+ */
+ identity_provider_id: string;
+ }
+}
+
+/**
+ * Matches a SAML group. Requires a SAML identity provider.
+ */
+export interface SAMLGroupRuleParam {
+ saml: SAMLGroupRuleParam.SAML;
+}
+
+export namespace SAMLGroupRuleParam {
+ export interface SAML {
+ /**
+ * The name of the SAML attribute.
+ */
+ attribute_name: string;
+
+ /**
+ * The SAML attribute value to look for.
+ */
+ attribute_value: string;
+
+ /**
+ * The ID of your SAML identity provider.
+ */
+ identity_provider_id: string;
+ }
+}
+
+/**
+ * Matches a specific Access Service Token
+ */
+export interface ServiceTokenRule {
+ service_token: ServiceTokenRule.ServiceToken;
+}
+
+export namespace ServiceTokenRule {
+ export interface ServiceToken {
+ /**
+ * The ID of a Service Token.
+ */
+ token_id: string;
+ }
+}
+
+/**
+ * Matches a specific Access Service Token
+ */
+export interface ServiceTokenRuleParam {
+ service_token: ServiceTokenRuleParam.ServiceToken;
+}
+
+export namespace ServiceTokenRuleParam {
+ export interface ServiceToken {
+ /**
+ * The ID of a Service Token.
+ */
+ token_id: string;
+ }
+}
+
export interface PolicyCreateResponse extends ApplicationsAPI.ApplicationPolicy {
/**
* The order of execution for this policy. Must be unique for each policy within an
@@ -415,6 +1243,26 @@ Policies.PolicyListResponsesSinglePage = PolicyListResponsesSinglePage;
export declare namespace Policies {
export {
+ type AccessDevicePostureRule as AccessDevicePostureRule,
+ type AccessRule as AccessRule,
+ type AnyValidServiceTokenRule as AnyValidServiceTokenRule,
+ type AuthenticationMethodRule as AuthenticationMethodRule,
+ type AzureGroupRule as AzureGroupRule,
+ type CertificateRule as CertificateRule,
+ type CountryRule as CountryRule,
+ type DomainRule as DomainRule,
+ type EmailListRule as EmailListRule,
+ type EmailRule as EmailRule,
+ type EveryoneRule as EveryoneRule,
+ type ExternalEvaluationRule as ExternalEvaluationRule,
+ type GitHubOrganizationRule as GitHubOrganizationRule,
+ type GroupRule as GroupRule,
+ type GSuiteGroupRule as GSuiteGroupRule,
+ type IPListRule as IPListRule,
+ type IPRule as IPRule,
+ type OktaGroupRule as OktaGroupRule,
+ type SAMLGroupRule as SAMLGroupRule,
+ type ServiceTokenRule as ServiceTokenRule,
type PolicyCreateResponse as PolicyCreateResponse,
type PolicyUpdateResponse as PolicyUpdateResponse,
type PolicyListResponse as PolicyListResponse,
diff --git a/src/resources/zero-trust/access/applications/policy-tests/policy-tests.ts b/src/resources/zero-trust/access/applications/policy-tests/policy-tests.ts
index ca1f77bc26..d7ca98bc82 100755
--- a/src/resources/zero-trust/access/applications/policy-tests/policy-tests.ts
+++ b/src/resources/zero-trust/access/applications/policy-tests/policy-tests.ts
@@ -2,9 +2,9 @@
import { APIResource } from '../../../../../resource';
import * as Core from '../../../../../core';
-import * as AccessAPI from '../../access';
import * as PoliciesAPI from '../../policies';
import * as ApplicationsAPI from '../applications';
+import * as ApplicationsPoliciesAPI from '../policies';
import * as UsersAPI from './users';
import { UserListParams, UserListResponse, UserListResponsesSinglePage, Users } from './users';
@@ -128,7 +128,7 @@ export namespace PolicyTestCreateParams {
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include: Array;
+ include: Array;
/**
* The name of the Access policy.
@@ -150,7 +150,7 @@ export namespace PolicyTestCreateParams {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Require this application to be served in an isolated browser for users matching
@@ -173,7 +173,7 @@ export namespace PolicyTestCreateParams {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
/**
* The amount of time that tokens issued for the application will be valid. Must be
diff --git a/src/resources/zero-trust/access/groups.ts b/src/resources/zero-trust/access/groups.ts
index de132b2e76..f691db74de 100644
--- a/src/resources/zero-trust/access/groups.ts
+++ b/src/resources/zero-trust/access/groups.ts
@@ -4,7 +4,7 @@ import { APIResource } from '../../../resource';
import { isRequestOptions } from '../../../core';
import * as Core from '../../../core';
import { CloudflareError } from 'cloudflare/error';
-import * as AccessAPI from './access';
+import * as PoliciesAPI from './applications/policies';
import { SinglePage } from '../../../pagination';
export class Groups extends APIResource {
@@ -254,19 +254,19 @@ export interface GroupCreateResponse {
* Rules evaluated with a NOT logical operator. To match a policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- is_default?: Array;
+ is_default?: Array;
/**
* The name of the Access group.
@@ -277,7 +277,7 @@ export interface GroupCreateResponse {
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -294,19 +294,19 @@ export interface GroupUpdateResponse {
* Rules evaluated with a NOT logical operator. To match a policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- is_default?: Array;
+ is_default?: Array;
/**
* The name of the Access group.
@@ -317,7 +317,7 @@ export interface GroupUpdateResponse {
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -334,19 +334,19 @@ export interface GroupListResponse {
* Rules evaluated with a NOT logical operator. To match a policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- is_default?: Array;
+ is_default?: Array;
/**
* The name of the Access group.
@@ -357,7 +357,7 @@ export interface GroupListResponse {
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -381,19 +381,19 @@ export interface GroupGetResponse {
* Rules evaluated with a NOT logical operator. To match a policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- is_default?: Array;
+ is_default?: Array;
/**
* The name of the Access group.
@@ -404,7 +404,7 @@ export interface GroupGetResponse {
* Rules evaluated with an AND logical operator. To match a policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -414,7 +414,7 @@ export interface GroupCreateParams {
* Body param: Rules evaluated with an OR logical operator. A user needs to meet
* only one of the Include rules.
*/
- include: Array;
+ include: Array;
/**
* Body param: The name of the Access group.
@@ -437,7 +437,7 @@ export interface GroupCreateParams {
* Body param: Rules evaluated with a NOT logical operator. To match a policy, a
* user cannot meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Body param: Whether this is the default group
@@ -448,7 +448,7 @@ export interface GroupCreateParams {
* Body param: Rules evaluated with an AND logical operator. To match a policy, a
* user must meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
}
export interface GroupUpdateParams {
@@ -456,7 +456,7 @@ export interface GroupUpdateParams {
* Body param: Rules evaluated with an OR logical operator. A user needs to meet
* only one of the Include rules.
*/
- include: Array;
+ include: Array;
/**
* Body param: The name of the Access group.
@@ -479,7 +479,7 @@ export interface GroupUpdateParams {
* Body param: Rules evaluated with a NOT logical operator. To match a policy, a
* user cannot meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Body param: Whether this is the default group
@@ -490,7 +490,7 @@ export interface GroupUpdateParams {
* Body param: Rules evaluated with an AND logical operator. To match a policy, a
* user must meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
}
export interface GroupListParams {
diff --git a/src/resources/zero-trust/access/index.ts b/src/resources/zero-trust/access/index.ts
index 2d2275d1f8..d8a643ef19 100644
--- a/src/resources/zero-trust/access/index.ts
+++ b/src/resources/zero-trust/access/index.ts
@@ -1,28 +1,6 @@
// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
-export {
- Access,
- type AccessDevicePostureRule,
- type AccessRule,
- type AnyValidServiceTokenRule,
- type AuthenticationMethodRule,
- type AzureGroupRule,
- type CertificateRule,
- type CountryRule,
- type DomainRule,
- type EmailListRule,
- type EmailRule,
- type EveryoneRule,
- type ExternalEvaluationRule,
- type GitHubOrganizationRule,
- type GroupRule,
- type GSuiteGroupRule,
- type IPListRule,
- type IPRule,
- type OktaGroupRule,
- type SAMLGroupRule,
- type ServiceTokenRule,
-} from './access';
+export { Access } from './access';
export {
AccessUsersSinglePage,
UserListResponsesSinglePage,
diff --git a/src/resources/zero-trust/access/policies.ts b/src/resources/zero-trust/access/policies.ts
index b3b7d03c16..93e61b07d6 100644
--- a/src/resources/zero-trust/access/policies.ts
+++ b/src/resources/zero-trust/access/policies.ts
@@ -2,8 +2,8 @@
import { APIResource } from '../../../resource';
import * as Core from '../../../core';
-import * as AccessAPI from './access';
import * as ApplicationsAPI from './applications/applications';
+import * as ApplicationsPoliciesAPI from './applications/policies';
import { SinglePage } from '../../../pagination';
export class Policies extends APIResource {
@@ -154,13 +154,13 @@ export interface Policy {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Require this application to be served in an isolated browser for users matching
@@ -192,7 +192,7 @@ export interface Policy {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
updated_at?: string;
}
@@ -253,13 +253,13 @@ export interface PolicyCreateResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Require this application to be served in an isolated browser for users matching
@@ -287,7 +287,7 @@ export interface PolicyCreateResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
reusable?: true;
@@ -335,13 +335,13 @@ export interface PolicyUpdateResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Require this application to be served in an isolated browser for users matching
@@ -369,7 +369,7 @@ export interface PolicyUpdateResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
reusable?: true;
@@ -417,13 +417,13 @@ export interface PolicyListResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Require this application to be served in an isolated browser for users matching
@@ -451,7 +451,7 @@ export interface PolicyListResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
reusable?: true;
@@ -506,13 +506,13 @@ export interface PolicyGetResponse {
* Rules evaluated with a NOT logical operator. To match the policy, a user cannot
* meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Rules evaluated with an OR logical operator. A user needs to meet only one of
* the Include rules.
*/
- include?: Array;
+ include?: Array;
/**
* Require this application to be served in an isolated browser for users matching
@@ -540,7 +540,7 @@ export interface PolicyGetResponse {
* Rules evaluated with an AND logical operator. To match the policy, a user must
* meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
reusable?: true;
@@ -570,7 +570,7 @@ export interface PolicyCreateParams {
* Body param: Rules evaluated with an OR logical operator. A user needs to meet
* only one of the Include rules.
*/
- include: Array;
+ include: Array;
/**
* Body param: The name of the Access policy.
@@ -592,7 +592,7 @@ export interface PolicyCreateParams {
* Body param: Rules evaluated with a NOT logical operator. To match the policy, a
* user cannot meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Body param: Require this application to be served in an isolated browser for
@@ -617,7 +617,7 @@ export interface PolicyCreateParams {
* Body param: Rules evaluated with an AND logical operator. To match the policy, a
* user must meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
/**
* Body param: The amount of time that tokens issued for the application will be
@@ -643,7 +643,7 @@ export interface PolicyUpdateParams {
* Body param: Rules evaluated with an OR logical operator. A user needs to meet
* only one of the Include rules.
*/
- include: Array;
+ include: Array;
/**
* Body param: The name of the Access policy.
@@ -665,7 +665,7 @@ export interface PolicyUpdateParams {
* Body param: Rules evaluated with a NOT logical operator. To match the policy, a
* user cannot meet any of the Exclude rules.
*/
- exclude?: Array;
+ exclude?: Array;
/**
* Body param: Require this application to be served in an isolated browser for
@@ -690,7 +690,7 @@ export interface PolicyUpdateParams {
* Body param: Rules evaluated with an AND logical operator. To match the policy, a
* user must meet all of the Require rules.
*/
- require?: Array;
+ require?: Array;
/**
* Body param: The amount of time that tokens issued for the application will be
diff --git a/src/resources/zero-trust/index.ts b/src/resources/zero-trust/index.ts
index ccf1314632..6c5ba50e1c 100644
--- a/src/resources/zero-trust/index.ts
+++ b/src/resources/zero-trust/index.ts
@@ -1,28 +1,6 @@
// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
-export {
- Access,
- type AccessDevicePostureRule,
- type AccessRule,
- type AnyValidServiceTokenRule,
- type AuthenticationMethodRule,
- type AzureGroupRule,
- type CertificateRule,
- type CountryRule,
- type DomainRule,
- type EmailListRule,
- type EmailRule,
- type EveryoneRule,
- type ExternalEvaluationRule,
- type GitHubOrganizationRule,
- type GroupRule,
- type GSuiteGroupRule,
- type IPListRule,
- type IPRule,
- type OktaGroupRule,
- type SAMLGroupRule,
- type ServiceTokenRule,
-} from './access/index';
+export { Access } from './access/index';
export {
ConnectivitySettings,
type ConnectivitySettingEditResponse,
diff --git a/src/resources/zero-trust/zero-trust.ts b/src/resources/zero-trust/zero-trust.ts
index d85620da62..5deecbf954 100644
--- a/src/resources/zero-trust/zero-trust.ts
+++ b/src/resources/zero-trust/zero-trust.ts
@@ -12,29 +12,7 @@ import {
import * as SeatsAPI from './seats';
import { Seat, SeatEditParams, SeatEditResponse, Seats } from './seats';
import * as AccessAPI from './access/access';
-import {
- Access,
- AccessDevicePostureRule,
- AccessRule,
- AnyValidServiceTokenRule,
- AuthenticationMethodRule,
- AzureGroupRule,
- CertificateRule,
- CountryRule,
- DomainRule,
- EmailListRule,
- EmailRule,
- EveryoneRule,
- ExternalEvaluationRule,
- GSuiteGroupRule,
- GitHubOrganizationRule,
- GroupRule,
- IPListRule,
- IPRule,
- OktaGroupRule,
- SAMLGroupRule,
- ServiceTokenRule,
-} from './access/access';
+import { Access } from './access/access';
import * as DevicesAPI from './devices/devices';
import {
Device,
@@ -190,29 +168,7 @@ export declare namespace ZeroTrust {
type SeatEditParams as SeatEditParams,
};
- export {
- Access as Access,
- type AccessDevicePostureRule as AccessDevicePostureRule,
- type AccessRule as AccessRule,
- type AnyValidServiceTokenRule as AnyValidServiceTokenRule,
- type AuthenticationMethodRule as AuthenticationMethodRule,
- type AzureGroupRule as AzureGroupRule,
- type CertificateRule as CertificateRule,
- type CountryRule as CountryRule,
- type DomainRule as DomainRule,
- type EmailListRule as EmailListRule,
- type EmailRule as EmailRule,
- type EveryoneRule as EveryoneRule,
- type ExternalEvaluationRule as ExternalEvaluationRule,
- type GitHubOrganizationRule as GitHubOrganizationRule,
- type GroupRule as GroupRule,
- type GSuiteGroupRule as GSuiteGroupRule,
- type IPListRule as IPListRule,
- type IPRule as IPRule,
- type OktaGroupRule as OktaGroupRule,
- type SAMLGroupRule as SAMLGroupRule,
- type ServiceTokenRule as ServiceTokenRule,
- };
+ export { Access as Access };
export {
DEX as DEX,