waft.cf_dashboard.zero_trust.gateway_actions module

class waft.cf_dashboard.zero_trust.gateway_actions.GatewayOperations(dash_client: CfDashboardClient, account_id: str)

Bases: CfDashboardResource

Class to define interactions with Gateway Rules over Cloudflare python SDK

create(action: GatewayRuleOperations, name: str, description: str | None = None, device_posture: str | None = None, filters: Literal['http', 'dns', 'l4', 'egress', 'dns_resolver'] | None = None, enabled: bool = True, identity: str | None = None, precedence: int | None = None, schedule: ScheduleParam | None = None, rule_settings: RuleSettingParam | None = None, traffic: str | None = None) → GatewayRuleModel

Create a Gateway Rule

Args: action: Action that policy shall take, chosen from given list name: Name of device policy description: Description of rule to record device_posture: The wirefilter expression used for device posture check matching. filters: The protocol or layer to evaluate the traffic, identity, and device posture

expressions.

enabled: Boolean indicating if rule is enabled identity: The wirefilter expression used for identity matching. precedence: Precedence sets the order of your rules. Lower values indicate higher

precedence. At each processing phase, applicable rules are evaluated in ascending order of this value.

rule_settings: Additional settings that modify the rule’s action.

schedule: The schedule for activating DNS policies. This does not apply to HTTP or network

policies.

traffic: The wirefilter expression used for traffic matching.

delete(rule_id: str)

Delete Gateway rule with the given rule ID

Args: rule_id: String of Rule ID to delete

enable_tls_decrpytion()

Enables TLS decrpytion for account

get(rule_id: str) → GatewayRuleModel

Get Gateway rule with the given rule ID

Args: rule_id: String of Rule ID to get information for

list() → List[GatewayRuleModel]

List all currently defined Gateway rules

list_all_precedences(filter_type: Literal['http', 'dns', 'l4', 'egress', 'dns_resolver']) → List[int]

Return a list of all precedence values currently defined

Parameters:

filter_type – Filter type for which to return precedence values

property settings: GatewayConfigurationSettings

Return the current gateway settings for the Zero Trust organizaiton

update(rule_id: str, name: str, action: GatewayRuleOperations | None = None, description: str | None = None, enabled: bool = True, identity: str | None = None, precedence: int | None = None, rule_settings: RuleSettingParam | None = None, traffic: str | None = None) → GatewayRuleModel

Update a Gateway Rule

Parameters:

• rule_id – UUID of rule that is to have its settings updated

• settings_policy – SettingsPolicy structure to dissect and

• action – The action to preform when the associated traffic, identity, and device posture expressions are either absent or evaluate to true.

• name – Name of Gateway rule

• description – Description of rule to record

• enabled – Boolean indicating if rule is enabled

• identity – The wirefilter expression used for identity matching.

• precedence – Precedence sets the order of your rules. Lower values indicate higher precedence. At each processing phase, applicable rules are evaluated in ascending order of this value.

• rule_settings – Additional settings that modify the rule’s action.

• schedule – The schedule for activating DNS policies. This does not apply to HTTP or network policies.

• traffic – The wirefilter expression used for traffic matching.