Ctrl K

Update a Zero Trust Gateway rule

Updates a configured Zero Trust Gateway rule.

Script cloudflare Verified

by hugo697 · 11/16/2023

Use in Windmill

The script

Submitted by hugo697 Typescript (fetch-only)

Verified 383 days ago

All edits

Permalink

type Cloudflare = {
  token: string;
  email: string;
  key: string;
};
/**
 * Update a Zero Trust Gateway rule
 * Updates a configured Zero Trust Gateway rule.
 */
export async function main(
  auth: Cloudflare,
  uuid: string,
  identifier: string,
  body: {
    action:
      | "on"
      | "off"
      | "allow"
      | "block"
      | "scan"
      | "noscan"
      | "safesearch"
      | "ytrestricted"
      | "isolate"
      | "noisolate"
      | "override"
      | "l4_override"
      | "egress"
      | "audit_ssh";
    description?: string;
    device_posture?: string;
    enabled?: boolean;
    filters?: ("http" | "dns" | "l4" | "egress")[];
    identity?: string;
    name: string;
    precedence?: number;
    rule_settings?: {
      add_headers?: { [k: string]: unknown };
      allow_child_bypass?: boolean;
      audit_ssh?: { command_logging?: boolean; [k: string]: unknown };
      biso_admin_controls?: {
        dcp?: boolean;
        dd?: boolean;
        dk?: boolean;
        dp?: boolean;
        du?: boolean;
        [k: string]: unknown;
      };
      block_page_enabled?: boolean;
      block_reason?: string;
      bypass_parent_rule?: boolean;
      check_session?: {
        duration?: string;
        enforce?: boolean;
        [k: string]: unknown;
      };
      dns_resolvers?: {
        ipv4?: {
          ip: string;
          port?: number;
          route_through_private_network?: boolean;
          vnet_id?: string;
          [k: string]: unknown;
        }[];
        ipv6?: {
          ip: string;
          port?: number;
          route_through_private_network?: boolean;
          vnet_id?: string;
          [k: string]: unknown;
        }[];
        [k: string]: unknown;
      };
      egress?: {
        ipv4?: string;
        ipv4_fallback?: string;
        ipv6?: string;
        [k: string]: unknown;
      };
      insecure_disable_dnssec_validation?: boolean;
      ip_categories?: boolean;
      ip_indicator_feeds?: boolean;
      l4override?: { ip?: string; port?: number; [k: string]: unknown };
      override_host?: string;
      override_ips?: string[];
      payload_log?: { enabled?: boolean; [k: string]: unknown };
      resolve_dns_through_cloudflare?: boolean;
      untrusted_cert?: {
        action?: "pass_through" | "block" | "error";
        [k: string]: unknown;
      };
      [k: string]: unknown;
    };
    schedule?: {
      fri?: string;
      mon?: string;
      sat?: string;
      sun?: string;
      thu?: string;
      time_zone?: string;
      tue?: string;
      wed?: string;
      [k: string]: unknown;
    };
    traffic?: string;
    [k: string]: unknown;
  }
) {
  const url = new URL(
    `https://api.cloudflare.com/client/v4/accounts/${identifier}/gateway/rules/${uuid}`
  );

  const response = await fetch(url, {
    method: "PUT",
    headers: {
      "X-AUTH-EMAIL": auth.email,
      "X-AUTH-KEY": auth.key,
      "Content-Type": "application/json",
      Authorization: "Bearer " + auth.token,
    },
    body: JSON.stringify(body),
  });
  if (!response.ok) {
    const text = await response.text();
    throw new Error(`${response.status} ${text}`);
  }
  return await response.json();
}


`1`	`type Cloudflare = {`
`2`	`token: string;`
`3`	`email: string;`
`4`	`key: string;`
`5`	`};`
`6`	`/**`
`7`	`* Update a Zero Trust Gateway rule`
`8`	`* Updates a configured Zero Trust Gateway rule.`
`9`	`*/`
`10`	`export async function main(`
`11`	`auth: Cloudflare,`
`12`	`uuid: string,`
`13`	`identifier: string,`
`14`	`body: {`
`15`	`action:`
`16`	`\| "on"`
`17`	`\| "off"`
`18`	`\| "allow"`
`19`	`\| "block"`
`20`	`\| "scan"`
`21`	`\| "noscan"`
`22`	`\| "safesearch"`
`23`	`\| "ytrestricted"`
`24`	`\| "isolate"`
`25`	`\| "noisolate"`
`26`	`\| "override"`
`27`	`\| "l4_override"`
`28`	`\| "egress"`
`29`	`\| "audit_ssh";`
`30`	`description?: string;`
`31`	`device_posture?: string;`
`32`	`enabled?: boolean;`
`33`	`filters?: ("http" \| "dns" \| "l4" \| "egress")[];`
`34`	`identity?: string;`
`35`	`name: string;`
`36`	`precedence?: number;`
`37`	`rule_settings?: {`
`38`	`add_headers?: { [k: string]: unknown };`
`39`	`allow_child_bypass?: boolean;`
`40`	`audit_ssh?: { command_logging?: boolean; [k: string]: unknown };`
`41`	`biso_admin_controls?: {`
`42`	`dcp?: boolean;`
`43`	`dd?: boolean;`
`44`	`dk?: boolean;`
`45`	`dp?: boolean;`
`46`	`du?: boolean;`
`47`	`[k: string]: unknown;`
`48`	`};`
`49`	`block_page_enabled?: boolean;`
`50`	`block_reason?: string;`
`51`	`bypass_parent_rule?: boolean;`
`52`	`check_session?: {`
`53`	`duration?: string;`
`54`	`enforce?: boolean;`
`55`	`[k: string]: unknown;`
`56`	`};`
`57`	`dns_resolvers?: {`
`58`	`ipv4?: {`
`59`	`ip: string;`
`60`	`port?: number;`
`61`	`route_through_private_network?: boolean;`
`62`	`vnet_id?: string;`
`63`	`[k: string]: unknown;`
`64`	`}[];`
`65`	`ipv6?: {`
`66`	`ip: string;`
`67`	`port?: number;`
`68`	`route_through_private_network?: boolean;`
`69`	`vnet_id?: string;`
`70`	`[k: string]: unknown;`
`71`	`}[];`
`72`	`[k: string]: unknown;`
`73`	`};`
`74`	`egress?: {`
`75`	`ipv4?: string;`
`76`	`ipv4_fallback?: string;`
`77`	`ipv6?: string;`
`78`	`[k: string]: unknown;`
`79`	`};`
`80`	`insecure_disable_dnssec_validation?: boolean;`
`81`	`ip_categories?: boolean;`
`82`	`ip_indicator_feeds?: boolean;`
`83`	`l4override?: { ip?: string; port?: number; [k: string]: unknown };`
`84`	`override_host?: string;`
`85`	`override_ips?: string[];`
`86`	`payload_log?: { enabled?: boolean; [k: string]: unknown };`
`87`	`resolve_dns_through_cloudflare?: boolean;`
`88`	`untrusted_cert?: {`
`89`	`action?: "pass_through" \| "block" \| "error";`
`90`	`[k: string]: unknown;`
`91`	`};`
`92`	`[k: string]: unknown;`
`93`	`};`
`94`	`schedule?: {`
`95`	`fri?: string;`
`96`	`mon?: string;`
`97`	`sat?: string;`
`98`	`sun?: string;`
`99`	`thu?: string;`
`100`	`time_zone?: string;`
`101`	`tue?: string;`
`102`	`wed?: string;`
`103`	`[k: string]: unknown;`
`104`	`};`
`105`	`traffic?: string;`
`106`	`[k: string]: unknown;`
`107`	`}`
`108`	`) {`
`109`	`const url = new URL(`
`110`	`https://api.cloudflare.com/client/v4/accounts/${identifier}/gateway/rules/${uuid}`
`111`	`);`
`112`
`113`	`const response = await fetch(url, {`
`114`	`method: "PUT",`
`115`	`headers: {`
`116`	`"X-AUTH-EMAIL": auth.email,`
`117`	`"X-AUTH-KEY": auth.key,`
`118`	`"Content-Type": "application/json",`
`119`	`Authorization: "Bearer " + auth.token,`
`120`	`},`
`121`	`body: JSON.stringify(body),`
`122`	`});`
`123`	`if (!response.ok) {`
`124`	`const text = await response.text();`
`125`	throw new Error(`${response.status} ${text}`);
`126`	`}`
`127`	`return await response.json();`
`128`	`}`
`129`