logo Windmill Hub
Login
All items

Create an Access group

Creates a new Access group.

Script cloudflare Verified

by hugo697 ยท 11/16/2023

Use in Windmill

The script

Submitted by hugo697 Typescript (fetch-only)
Verified 383 days ago
All edits
Permalink
1 
type Cloudflare = {
2 
  token: string;
3 
  email: string;
4 
  key: string;
5 
};
6 
/**
7 
 * Create an Access group
8 
 * Creates a new Access group.
9 
 */
10 
export async function main(
11 
  auth: Cloudflare,
12 
  identifier: string,
13 
  body: {
14 
    exclude?: (
15 
      | { email: { email: string; [k: string]: unknown }; [k: string]: unknown }
16 
      | {
17 
          email_domain: { domain: string; [k: string]: unknown };
18 
          [k: string]: unknown;
19 
        }
20 
      | { everyone: { [k: string]: unknown }; [k: string]: unknown }
21 
      | { ip: { ip: string; [k: string]: unknown }; [k: string]: unknown }
22 
      | { ip_list: { id: string; [k: string]: unknown }; [k: string]: unknown }
23 
      | { certificate: { [k: string]: unknown }; [k: string]: unknown }
24 
      | { group: { id: string; [k: string]: unknown }; [k: string]: unknown }
25 
      | {
26 
          azureAD: { connection_id: string; id: string; [k: string]: unknown };
27 
          [k: string]: unknown;
28 
        }
29 
      | {
30 
          "github-organization": {
31 
            connection_id: string;
32 
            name: string;
33 
            [k: string]: unknown;
34 
          };
35 
          [k: string]: unknown;
36 
        }
37 
      | {
38 
          gsuite: {
39 
            connection_id: string;
40 
            email: string;
41 
            [k: string]: unknown;
42 
          };
43 
          [k: string]: unknown;
44 
        }
45 
      | {
46 
          okta: { connection_id: string; email: string; [k: string]: unknown };
47 
          [k: string]: unknown;
48 
        }
49 
      | {
50 
          saml: {
51 
            attribute_name: string;
52 
            attribute_value: string;
53 
            [k: string]: unknown;
54 
          };
55 
          [k: string]: unknown;
56 
        }
57 
    )[];
58 
    include: (
59 
      | { email: { email: string; [k: string]: unknown }; [k: string]: unknown }
60 
      | {
61 
          email_domain: { domain: string; [k: string]: unknown };
62 
          [k: string]: unknown;
63 
        }
64 
      | { everyone: { [k: string]: unknown }; [k: string]: unknown }
65 
      | { ip: { ip: string; [k: string]: unknown }; [k: string]: unknown }
66 
      | { ip_list: { id: string; [k: string]: unknown }; [k: string]: unknown }
67 
      | { certificate: { [k: string]: unknown }; [k: string]: unknown }
68 
      | { group: { id: string; [k: string]: unknown }; [k: string]: unknown }
69 
      | {
70 
          azureAD: { connection_id: string; id: string; [k: string]: unknown };
71 
          [k: string]: unknown;
72 
        }
73 
      | {
74 
          "github-organization": {
75 
            connection_id: string;
76 
            name: string;
77 
            [k: string]: unknown;
78 
          };
79 
          [k: string]: unknown;
80 
        }
81 
      | {
82 
          gsuite: {
83 
            connection_id: string;
84 
            email: string;
85 
            [k: string]: unknown;
86 
          };
87 
          [k: string]: unknown;
88 
        }
89 
      | {
90 
          okta: { connection_id: string; email: string; [k: string]: unknown };
91 
          [k: string]: unknown;
92 
        }
93 
      | {
94 
          saml: {
95 
            attribute_name: string;
96 
            attribute_value: string;
97 
            [k: string]: unknown;
98 
          };
99 
          [k: string]: unknown;
100 
        }
101 
    )[];
102 
    name: string;
103 
    require?: (
104 
      | { email: { email: string; [k: string]: unknown }; [k: string]: unknown }
105 
      | {
106 
          email_domain: { domain: string; [k: string]: unknown };
107 
          [k: string]: unknown;
108 
        }
109 
      | { everyone: { [k: string]: unknown }; [k: string]: unknown }
110 
      | { ip: { ip: string; [k: string]: unknown }; [k: string]: unknown }
111 
      | { ip_list: { id: string; [k: string]: unknown }; [k: string]: unknown }
112 
      | { certificate: { [k: string]: unknown }; [k: string]: unknown }
113 
      | { group: { id: string; [k: string]: unknown }; [k: string]: unknown }
114 
      | {
115 
          azureAD: { connection_id: string; id: string; [k: string]: unknown };
116 
          [k: string]: unknown;
117 
        }
118 
      | {
119 
          "github-organization": {
120 
            connection_id: string;
121 
            name: string;
122 
            [k: string]: unknown;
123 
          };
124 
          [k: string]: unknown;
125 
        }
126 
      | {
127 
          gsuite: {
128 
            connection_id: string;
129 
            email: string;
130 
            [k: string]: unknown;
131 
          };
132 
          [k: string]: unknown;
133 
        }
134 
      | {
135 
          okta: { connection_id: string; email: string; [k: string]: unknown };
136 
          [k: string]: unknown;
137 
        }
138 
      | {
139 
          saml: {
140 
            attribute_name: string;
141 
            attribute_value: string;
142 
            [k: string]: unknown;
143 
          };
144 
          [k: string]: unknown;
145 
        }
146 
    )[];
147 
    [k: string]: unknown;
148 
  }
149 
) {
150 
  const url = new URL(
151 
    `https://api.cloudflare.com/client/v4/zones/${identifier}/access/groups`
152 
  );
153
154 
  const response = await fetch(url, {
155 
    method: "POST",
156 
    headers: {
157 
      "X-AUTH-EMAIL": auth.email,
158 
      "X-AUTH-KEY": auth.key,
159 
      "Content-Type": "application/json",
160 
      Authorization: "Bearer " + auth.token,
161 
    },
162 
    body: JSON.stringify(body),
163 
  });
164 
  if (!response.ok) {
165 
    const text = await response.text();
166 
    throw new Error(`${response.status} ${text}`);
167 
  }
168 
  return await response.json();
169 
}
170