API Reference

Zero Trust

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Devices

List devices (deprecated)

Deprecated

client.ZeroTrust.Devices.List(ctx, query) (*SinglePage[Device], error)

GET/accounts/{account_id}/devices

Get device (deprecated)

Deprecated

client.ZeroTrust.Devices.Get(ctx, deviceID, query) (*DeviceGetResponse, error)

GET/accounts/{account_id}/devices/{device_id}

ModelsExpand Collapse

type Device struct{…}

ID stringoptional

Registration ID. Equal to Device ID except for accounts which enabled multi-user mode.

maxLength36

Created Timeoptional

When the device was created.

formatdate-time

Deleted booloptional

True if the device was deleted.

DeviceType DeviceDeviceTypeoptional

One of the following:

const DeviceDeviceTypeWindows DeviceDeviceType = "windows"

const DeviceDeviceTypeMac DeviceDeviceType = "mac"

const DeviceDeviceTypeLinux DeviceDeviceType = "linux"

const DeviceDeviceTypeAndroid DeviceDeviceType = "android"

const DeviceDeviceTypeIos DeviceDeviceType = "ios"

const DeviceDeviceTypeChromeos DeviceDeviceType = "chromeos"

IP stringoptional

IPv4 or IPv6 address.

Key stringoptional

The device's public key.

LastSeen Timeoptional

When the device last connected to Cloudflare services.

formatdate-time

MacAddress stringoptional

The device mac address.

Manufacturer stringoptional

The device manufacturer name.

Model stringoptional

The device model name.

Name stringoptional

The device name.

OSDistroName stringoptional

The Linux distro name.

OSDistroRevision stringoptional

The Linux distro revision.

OSVersion stringoptional

The operating system version.

OSVersionExtra stringoptional

Additional operating system version details. For Windows, the UBR (Update Build Revision). For Mac or iOS, the Product Version Extra. For Linux, the distribution name and version.

RevokedAt Timeoptional

When the device was revoked.

formatdate-time

SerialNumber stringoptional

The device serial number.

Updated Timeoptional

When the device was updated.

formatdate-time

User DeviceUseroptional

ID stringoptional

UUID.

maxLength36

Email stringoptional

The contact email address of the user.

maxLength90

Name stringoptional

The enrolled device user's name.

Version stringoptional

The WARP client version.

DevicesDevices

List devices

client.ZeroTrust.Devices.Devices.List(ctx, params) (*CursorPagination[DeviceDeviceListResponse], error)

GET/accounts/{account_id}/devices/physical-devices

Get device

client.ZeroTrust.Devices.Devices.Get(ctx, deviceID, params) (*DeviceDeviceGetResponse, error)

GET/accounts/{account_id}/devices/physical-devices/{device_id}

Delete device

client.ZeroTrust.Devices.Devices.Delete(ctx, deviceID, body) (*DeviceDeviceDeleteResponse, error)

DELETE/accounts/{account_id}/devices/physical-devices/{device_id}

Revoke device registrations

client.ZeroTrust.Devices.Devices.Revoke(ctx, deviceID, body) (*DeviceDeviceRevokeResponse, error)

POST/accounts/{account_id}/devices/physical-devices/{device_id}/revoke

DevicesResilience

DevicesResilienceGlobal WARP Override

Retrieve Global WARP override state

client.ZeroTrust.Devices.Resilience.GlobalWARPOverride.Get(ctx, query) (*DeviceResilienceGlobalWARPOverrideGetResponse, error)

GET/accounts/{account_id}/devices/resilience/disconnect

Set Global WARP override state

client.ZeroTrust.Devices.Resilience.GlobalWARPOverride.New(ctx, params) (*DeviceResilienceGlobalWARPOverrideNewResponse, error)

POST/accounts/{account_id}/devices/resilience/disconnect

DevicesRegistrations

List registrations

client.ZeroTrust.Devices.Registrations.List(ctx, params) (*CursorPagination[DeviceRegistrationListResponse], error)

GET/accounts/{account_id}/devices/registrations

Get registration

client.ZeroTrust.Devices.Registrations.Get(ctx, registrationID, params) (*DeviceRegistrationGetResponse, error)

GET/accounts/{account_id}/devices/registrations/{registration_id}

Delete registration

client.ZeroTrust.Devices.Registrations.Delete(ctx, registrationID, body) (*DeviceRegistrationDeleteResponse, error)

DELETE/accounts/{account_id}/devices/registrations/{registration_id}

Delete registrations

client.ZeroTrust.Devices.Registrations.BulkDelete(ctx, params) (*DeviceRegistrationBulkDeleteResponse, error)

DELETE/accounts/{account_id}/devices/registrations

Revoke registrations

client.ZeroTrust.Devices.Registrations.Revoke(ctx, params) (*DeviceRegistrationRevokeResponse, error)

POST/accounts/{account_id}/devices/registrations/revoke

Unrevoke registrations

client.ZeroTrust.Devices.Registrations.Unrevoke(ctx, params) (*DeviceRegistrationUnrevokeResponse, error)

POST/accounts/{account_id}/devices/registrations/unrevoke

DevicesDEX Tests

List Device DEX tests

client.ZeroTrust.Devices.DEXTests.List(ctx, params) (*V4PagePaginationArray[DeviceDEXTestListResponse], error)

GET/accounts/{account_id}/dex/devices/dex_tests

Get Device DEX test

client.ZeroTrust.Devices.DEXTests.Get(ctx, dexTestID, query) (*DeviceDEXTestGetResponse, error)

GET/accounts/{account_id}/dex/devices/dex_tests/{dex_test_id}

Create Device DEX test

client.ZeroTrust.Devices.DEXTests.New(ctx, params) (*DeviceDEXTestNewResponse, error)

POST/accounts/{account_id}/dex/devices/dex_tests

Update Device DEX test

client.ZeroTrust.Devices.DEXTests.Update(ctx, dexTestID, params) (*DeviceDEXTestUpdateResponse, error)

PUT/accounts/{account_id}/dex/devices/dex_tests/{dex_test_id}

Delete Device DEX test

client.ZeroTrust.Devices.DEXTests.Delete(ctx, dexTestID, body) (*DeviceDEXTestDeleteResponse, error)

DELETE/accounts/{account_id}/dex/devices/dex_tests/{dex_test_id}

ModelsExpand Collapse

type SchemaData struct{…}

The configuration object which contains the details for the WARP client to conduct the test.

Host stringoptional

The desired endpoint to test.

Kind stringoptional

The type of test.

Method stringoptional

The HTTP request method type.

type SchemaHTTP struct{…}

Data SchemaData

The configuration object which contains the details for the WARP client to conduct the test.

Enabled bool

Determines whether or not the test is active.

Interval string

How often the test will run.

Name string

The name of the DEX test. Must be unique.

Description stringoptional

Additional details about the test.

TargetPolicies []SchemaHTTPTargetPolicyoptional

Device settings profiles targeted by this test.

ID stringoptional

The id of the device settings profile.

Default booloptional

Whether the profile is the account default.

Name stringoptional

The name of the device settings profile.

Targeted booloptional

TestID stringoptional

The unique identifier for the test.

maxLength32

DevicesIP Profiles

List IP profiles

client.ZeroTrust.Devices.IPProfiles.List(ctx, params) (*SinglePage[IPProfile], error)

GET/accounts/{account_id}/devices/ip-profiles

Get IP profile

client.ZeroTrust.Devices.IPProfiles.Get(ctx, profileID, query) (*IPProfile, error)

GET/accounts/{account_id}/devices/ip-profiles/{profile_id}

Create IP profile

client.ZeroTrust.Devices.IPProfiles.New(ctx, params) (*IPProfile, error)

POST/accounts/{account_id}/devices/ip-profiles

Update IP profile

client.ZeroTrust.Devices.IPProfiles.Update(ctx, profileID, params) (*IPProfile, error)

PATCH/accounts/{account_id}/devices/ip-profiles/{profile_id}

Delete IP profile

client.ZeroTrust.Devices.IPProfiles.Delete(ctx, profileID, body) (*DeviceIPProfileDeleteResponse, error)

DELETE/accounts/{account_id}/devices/ip-profiles/{profile_id}

ModelsExpand Collapse

type IPProfile struct{…}

ID string

The ID of the Device IP profile.

CreatedAt string

The RFC3339Nano timestamp when the Device IP profile was created.

Description string

An optional description of the Device IP profile.

Enabled bool

Whether the Device IP profile is enabled.

Match string

The wirefilter expression to match registrations. Available values: "identity.name", "identity.email", "identity.groups.id", "identity.groups.name", "identity.groups.email", "identity.saml_attributes".

maxLength10000

Name string

A user-friendly name for the Device IP profile.

Precedence int64

The precedence of the Device IP profile. Lower values indicate higher precedence. Device IP profile will be evaluated in ascending order of this field.

SubnetID string

The ID of the Subnet.

UpdatedAt string

The RFC3339Nano timestamp when the Device IP profile was last updated.

DevicesNetworks

List your device managed networks

client.ZeroTrust.Devices.Networks.List(ctx, query) (*SinglePage[DeviceNetwork], error)

GET/accounts/{account_id}/devices/networks

Get device managed network details

client.ZeroTrust.Devices.Networks.Get(ctx, networkID, query) (*DeviceNetwork, error)

GET/accounts/{account_id}/devices/networks/{network_id}

Create a device managed network

client.ZeroTrust.Devices.Networks.New(ctx, params) (*DeviceNetwork, error)

POST/accounts/{account_id}/devices/networks

Update a device managed network

client.ZeroTrust.Devices.Networks.Update(ctx, networkID, params) (*DeviceNetwork, error)

PUT/accounts/{account_id}/devices/networks/{network_id}

Delete a device managed network

client.ZeroTrust.Devices.Networks.Delete(ctx, networkID, body) (*SinglePage[DeviceNetwork], error)

DELETE/accounts/{account_id}/devices/networks/{network_id}

ModelsExpand Collapse

type DeviceNetwork struct{…}

Config DeviceNetworkConfigoptional

The configuration object containing information for the WARP client to detect the managed network.

TLSSockaddr string

A network address of the form "host:port" that the WARP client will use to detect the presence of a TLS host.

Sha256 stringoptional

The SHA-256 hash of the TLS certificate presented by the host found at tls_sockaddr. If absent, regular certificate verification (trusted roots, valid timestamp, etc) will be used to validate the certificate.

Name stringoptional

The name of the device managed network. This name must be unique.

NetworkID stringoptional

API UUID.

maxLength36

Type DeviceNetworkTypeoptional

The type of device managed network.

DevicesFleet Status

Get the live status of a latest device

client.ZeroTrust.Devices.FleetStatus.Get(ctx, deviceID, params) (*DeviceFleetStatusGetResponse, error)

GET/accounts/{account_id}/dex/devices/{device_id}/fleet-status/live

DevicesPolicies

ModelsExpand Collapse

type DevicePolicyCertificates struct{…}

Enabled bool

The current status of the device policy certificate provisioning feature for WARP clients.

type FallbackDomain struct{…}

Suffix string

The domain suffix to match when resolving locally.

Description stringoptional

A description of the fallback domain, displayed in the client UI.

maxLength100

DNSServer []stringoptional

A list of IP addresses to handle domain resolution.

type FallbackDomainPolicy []FallbackDomain

Suffix string

The domain suffix to match when resolving locally.

Description stringoptional

A description of the fallback domain, displayed in the client UI.

maxLength100

DNSServer []stringoptional

A list of IP addresses to handle domain resolution.

type SettingsPolicy struct{…}

AllowModeSwitch booloptional

Whether to allow the user to switch WARP between modes.

AllowUpdates booloptional

Whether to receive update notifications when a new version of the client is available.

AllowedToLeave booloptional

Whether to allow devices to leave the organization.

AutoConnect float64optional

The amount of time in seconds to reconnect after having been disabled.

CaptivePortal float64optional

Turn on the captive portal after the specified amount of time.

Default booloptional

Whether the policy is the default policy for an account.

Description stringoptional

A description of the policy.

maxLength500

DisableAutoFallback booloptional

If the dns_server field of a fallback domain is not present, the client will fall back to a best guess of the default/system DNS resolvers unless this policy option is set to true.

Enabled booloptional

Whether the policy will be applied to matching devices.

Exclude []SplitTunnelExcludeoptional

List of routes excluded in the WARP client's tunnel.

One of the following:

type SplitTunnelExcludeTeamsDevicesExcludeSplitTunnelWithAddress struct{…}

Address string

The address in CIDR format to exclude from the tunnel. If address is present, host must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

type SplitTunnelExcludeTeamsDevicesExcludeSplitTunnelWithHost struct{…}

Host string

The domain name to exclude from the tunnel. If host is present, address must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

ExcludeOfficeIPs booloptional

Whether to add Microsoft IPs to Split Tunnel exclusions.

FallbackDomains []FallbackDomainoptional

Suffix string

The domain suffix to match when resolving locally.

Description stringoptional

A description of the fallback domain, displayed in the client UI.

maxLength100

DNSServer []stringoptional

A list of IP addresses to handle domain resolution.

GatewayUniqueID stringoptional

Include []SplitTunnelIncludeoptional

List of routes included in the WARP client's tunnel.

One of the following:

type SplitTunnelIncludeTeamsDevicesIncludeSplitTunnelWithAddress struct{…}

Address string

The address in CIDR format to include in the tunnel. If address is present, host must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

type SplitTunnelIncludeTeamsDevicesIncludeSplitTunnelWithHost struct{…}

Host string

The domain name to include in the tunnel. If host is present, address must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

LANAllowMinutes float64optional

The amount of time in minutes a user is allowed access to their LAN. A value of 0 will allow LAN access until the next WARP reconnection, such as a reboot or a laptop waking from sleep. Note that this field is omitted from the response if null or unset.

LANAllowSubnetSize float64optional

The size of the subnet for the local access network. Note that this field is omitted from the response if null or unset.

Match stringoptional

The wirefilter expression to match devices. Available values: "identity.email", "identity.groups.id", "identity.groups.name", "identity.groups.email", "identity.service_token_uuid", "identity.saml_attributes", "network", "os.name", "os.version".

maxLength500

Name stringoptional

The name of the device settings profile.

maxLength100

PolicyID stringoptional

maxLength36

Precedence float64optional

The precedence of the policy. Lower values indicate higher precedence. Policies will be evaluated in ascending order of this field.

RegisterInterfaceIPWithDNS booloptional

Determines if the operating system will register WARP's local interface IP with your on-premises DNS server.

SccmVpnBoundarySupport booloptional

Determines whether the WARP client indicates to SCCM that it is inside a VPN boundary. (Windows only).

ServiceModeV2 SettingsPolicyServiceModeV2optional

Mode stringoptional

The mode to run the WARP client under.

Port float64optional

The port number when used with proxy mode.

SupportURL stringoptional

The URL to launch when the Send Feedback button is clicked.

SwitchLocked booloptional

Whether to allow the user to turn off the WARP switch and disconnect the client.

TargetTests []SettingsPolicyTargetTestoptional

ID stringoptional

The id of the DEX test targeting this policy.

Name stringoptional

The name of the DEX test targeting this policy.

TunnelProtocol stringoptional

Determines which tunnel protocol to use.

type SplitTunnelExclude interface{…}

One of the following:

type SplitTunnelExcludeTeamsDevicesExcludeSplitTunnelWithAddress struct{…}

Address string

The address in CIDR format to exclude from the tunnel. If address is present, host must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

type SplitTunnelExcludeTeamsDevicesExcludeSplitTunnelWithHost struct{…}

Host string

The domain name to exclude from the tunnel. If host is present, address must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

type SplitTunnelInclude interface{…}

One of the following:

type SplitTunnelIncludeTeamsDevicesIncludeSplitTunnelWithAddress struct{…}

Address string

The address in CIDR format to include in the tunnel. If address is present, host must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

type SplitTunnelIncludeTeamsDevicesIncludeSplitTunnelWithHost struct{…}

Host string

The domain name to include in the tunnel. If host is present, address must not be present.

Description stringoptional

A description of the Split Tunnel item, displayed in the client UI.

maxLength100

DevicesPoliciesDefault

Get the default device settings profile

client.ZeroTrust.Devices.Policies.Default.Get(ctx, query) (*DevicePolicyDefaultGetResponse, error)

GET/accounts/{account_id}/devices/policy

Update the default device settings profile

client.ZeroTrust.Devices.Policies.Default.Edit(ctx, params) (*DevicePolicyDefaultEditResponse, error)

PATCH/accounts/{account_id}/devices/policy

DevicesPoliciesDefaultExcludes

Get the Split Tunnel exclude list

client.ZeroTrust.Devices.Policies.Default.Excludes.Get(ctx, query) (*SinglePage[SplitTunnelExclude], error)

GET/accounts/{account_id}/devices/policy/exclude

Set the Split Tunnel exclude list

client.ZeroTrust.Devices.Policies.Default.Excludes.Update(ctx, params) (*SinglePage[SplitTunnelExclude], error)

PUT/accounts/{account_id}/devices/policy/exclude

DevicesPoliciesDefaultIncludes

Get the Split Tunnel include list

client.ZeroTrust.Devices.Policies.Default.Includes.Get(ctx, query) (*SinglePage[SplitTunnelInclude], error)

GET/accounts/{account_id}/devices/policy/include

Set the Split Tunnel include list

client.ZeroTrust.Devices.Policies.Default.Includes.Update(ctx, params) (*SinglePage[SplitTunnelInclude], error)

PUT/accounts/{account_id}/devices/policy/include

DevicesPoliciesDefaultFallback Domains

Get your Local Domain Fallback list

client.ZeroTrust.Devices.Policies.Default.FallbackDomains.Get(ctx, query) (*SinglePage[FallbackDomain], error)

GET/accounts/{account_id}/devices/policy/fallback_domains

Set your Local Domain Fallback list

client.ZeroTrust.Devices.Policies.Default.FallbackDomains.Update(ctx, params) (*SinglePage[FallbackDomain], error)

PUT/accounts/{account_id}/devices/policy/fallback_domains

DevicesPoliciesDefaultCertificates

Get device certificate provisioning status

client.ZeroTrust.Devices.Policies.Default.Certificates.Get(ctx, query) (*DevicePolicyCertificates, error)

GET/zones/{zone_id}/devices/policy/certificates

Update device certificate provisioning status

client.ZeroTrust.Devices.Policies.Default.Certificates.Edit(ctx, params) (*DevicePolicyCertificates, error)

PATCH/zones/{zone_id}/devices/policy/certificates

DevicesPoliciesCustom

List device settings profiles

client.ZeroTrust.Devices.Policies.Custom.List(ctx, query) (*SinglePage[SettingsPolicy], error)

GET/accounts/{account_id}/devices/policies

Get device settings profile by ID

client.ZeroTrust.Devices.Policies.Custom.Get(ctx, policyID, query) (*SettingsPolicy, error)

GET/accounts/{account_id}/devices/policy/{policy_id}

Create a device settings profile

client.ZeroTrust.Devices.Policies.Custom.New(ctx, params) (*SettingsPolicy, error)

POST/accounts/{account_id}/devices/policy

Update a device settings profile

client.ZeroTrust.Devices.Policies.Custom.Edit(ctx, policyID, params) (*SettingsPolicy, error)

PATCH/accounts/{account_id}/devices/policy/{policy_id}

Delete a device settings profile

client.ZeroTrust.Devices.Policies.Custom.Delete(ctx, policyID, body) (*SinglePage[SettingsPolicy], error)

DELETE/accounts/{account_id}/devices/policy/{policy_id}

DevicesPoliciesCustomExcludes

Get the Split Tunnel exclude list for a device settings profile

client.ZeroTrust.Devices.Policies.Custom.Excludes.Get(ctx, policyID, query) (*SinglePage[SplitTunnelExclude], error)

GET/accounts/{account_id}/devices/policy/{policy_id}/exclude

Set the Split Tunnel exclude list for a device settings profile

client.ZeroTrust.Devices.Policies.Custom.Excludes.Update(ctx, policyID, params) (*SinglePage[SplitTunnelExclude], error)

PUT/accounts/{account_id}/devices/policy/{policy_id}/exclude

DevicesPoliciesCustomIncludes

Get the Split Tunnel include list for a device settings profile

client.ZeroTrust.Devices.Policies.Custom.Includes.Get(ctx, policyID, query) (*SinglePage[SplitTunnelInclude], error)

GET/accounts/{account_id}/devices/policy/{policy_id}/include

Set the Split Tunnel include list for a device settings profile

client.ZeroTrust.Devices.Policies.Custom.Includes.Update(ctx, policyID, params) (*SinglePage[SplitTunnelInclude], error)

PUT/accounts/{account_id}/devices/policy/{policy_id}/include

DevicesPoliciesCustomFallback Domains

Get the Local Domain Fallback list for a device settings profile

client.ZeroTrust.Devices.Policies.Custom.FallbackDomains.Get(ctx, policyID, query) (*SinglePage[FallbackDomain], error)

GET/accounts/{account_id}/devices/policy/{policy_id}/fallback_domains

Set the Local Domain Fallback list for a device settings profile

client.ZeroTrust.Devices.Policies.Custom.FallbackDomains.Update(ctx, policyID, params) (*SinglePage[FallbackDomain], error)

PUT/accounts/{account_id}/devices/policy/{policy_id}/fallback_domains

DevicesPosture

List device posture rules

client.ZeroTrust.Devices.Posture.List(ctx, query) (*SinglePage[DevicePostureRule], error)

GET/accounts/{account_id}/devices/posture

Get device posture rule details

client.ZeroTrust.Devices.Posture.Get(ctx, ruleID, query) (*DevicePostureRule, error)

GET/accounts/{account_id}/devices/posture/{rule_id}

Create a device posture rule

client.ZeroTrust.Devices.Posture.New(ctx, params) (*DevicePostureRule, error)

POST/accounts/{account_id}/devices/posture

Update a device posture rule

client.ZeroTrust.Devices.Posture.Update(ctx, ruleID, params) (*DevicePostureRule, error)

PUT/accounts/{account_id}/devices/posture/{rule_id}

Delete a device posture rule

client.ZeroTrust.Devices.Posture.Delete(ctx, ruleID, body) (*DevicePostureDeleteResponse, error)

DELETE/accounts/{account_id}/devices/posture/{rule_id}

ModelsExpand Collapse

type CarbonblackInput string

type ClientCertificateInput struct{…}

CertificateID string

UUID of Cloudflare managed certificate.

maxLength36

Cn string

Common Name that is protected by the certificate.

type CrowdstrikeInput struct{…}

ConnectionID string

Posture Integration ID.

LastSeen stringoptional

For more details on last seen, please refer to the Crowdstrike documentation.

Operator CrowdstrikeInputOperatoroptional

Operator.

One of the following:

const CrowdstrikeInputOperatorLess CrowdstrikeInputOperator = "<"

const CrowdstrikeInputOperatorLessOrEquals CrowdstrikeInputOperator = "<="

const CrowdstrikeInputOperatorGreater CrowdstrikeInputOperator = ">"

const CrowdstrikeInputOperatorGreaterOrEquals CrowdstrikeInputOperator = ">="

const CrowdstrikeInputOperatorEquals CrowdstrikeInputOperator = "=="

OS stringoptional

Os Version.

Overall stringoptional

Overall.

SensorConfig stringoptional

SensorConfig.

State CrowdstrikeInputStateoptional

For more details on state, please refer to the Crowdstrike documentation.

One of the following:

const CrowdstrikeInputStateOnline CrowdstrikeInputState = "online"

const CrowdstrikeInputStateOffline CrowdstrikeInputState = "offline"

const CrowdstrikeInputStateUnknown CrowdstrikeInputState = "unknown"

Version stringoptional

Version.

VersionOperator CrowdstrikeInputVersionOperatoroptional

Version Operator.

One of the following:

const CrowdstrikeInputVersionOperatorLess CrowdstrikeInputVersionOperator = "<"

const CrowdstrikeInputVersionOperatorLessOrEquals CrowdstrikeInputVersionOperator = "<="

const CrowdstrikeInputVersionOperatorGreater CrowdstrikeInputVersionOperator = ">"

const CrowdstrikeInputVersionOperatorGreaterOrEquals CrowdstrikeInputVersionOperator = ">="

const CrowdstrikeInputVersionOperatorEquals CrowdstrikeInputVersionOperator = "=="

type DeviceInput interface{…}

The value to be checked against.

One of the following:

type FileInput struct{…}

OperatingSystem FileInputOperatingSystem

Operating system.

One of the following:

const FileInputOperatingSystemWindows FileInputOperatingSystem = "windows"

const FileInputOperatingSystemLinux FileInputOperatingSystem = "linux"

const FileInputOperatingSystemMac FileInputOperatingSystem = "mac"

Path string

File path.

Exists booloptional

Whether or not file exists.

Sha256 stringoptional

SHA-256.

Thumbprint stringoptional

Signing certificate thumbprint.

type UniqueClientIDInput struct{…}

ID string

List ID.

OperatingSystem UniqueClientIDInputOperatingSystem

Operating System.

One of the following:

const UniqueClientIDInputOperatingSystemAndroid UniqueClientIDInputOperatingSystem = "android"

const UniqueClientIDInputOperatingSystemIos UniqueClientIDInputOperatingSystem = "ios"

const UniqueClientIDInputOperatingSystemChromeos UniqueClientIDInputOperatingSystem = "chromeos"

type DomainJoinedInput struct{…}

OperatingSystem DomainJoinedInputOperatingSystem

Operating System.

Domain stringoptional

Domain.

type OSVersionInput struct{…}

OperatingSystem OSVersionInputOperatingSystem

Operating System.

Operator OSVersionInputOperator

Operator.

One of the following:

const OSVersionInputOperatorLess OSVersionInputOperator = "<"

const OSVersionInputOperatorLessOrEquals OSVersionInputOperator = "<="

const OSVersionInputOperatorGreater OSVersionInputOperator = ">"

const OSVersionInputOperatorGreaterOrEquals OSVersionInputOperator = ">="

const OSVersionInputOperatorEquals OSVersionInputOperator = "=="

Version string

Version of OS.

OSDistroName stringoptional

Operating System Distribution Name (linux only).

OSDistroRevision stringoptional

Version of OS Distribution (linux only).

OSVersionExtra stringoptional

Additional operating system version details. For Windows, the UBR (Update Build Revision). For Mac or iOS, the Product Version Extra. For Linux, the distribution name and version.

type FirewallInput struct{…}

Enabled bool

Enabled.

OperatingSystem FirewallInputOperatingSystem

Operating System.

One of the following:

const FirewallInputOperatingSystemWindows FirewallInputOperatingSystem = "windows"

const FirewallInputOperatingSystemMac FirewallInputOperatingSystem = "mac"

type SentineloneInput struct{…}

OperatingSystem SentineloneInputOperatingSystem

Operating system.

One of the following:

const SentineloneInputOperatingSystemWindows SentineloneInputOperatingSystem = "windows"

const SentineloneInputOperatingSystemLinux SentineloneInputOperatingSystem = "linux"

const SentineloneInputOperatingSystemMac SentineloneInputOperatingSystem = "mac"

Path string

File path.

Sha256 stringoptional

SHA-256.

Thumbprint stringoptional

Signing certificate thumbprint.

type DeviceInputTeamsDevicesCarbonblackInputRequest struct{…}

OperatingSystem DeviceInputTeamsDevicesCarbonblackInputRequestOperatingSystem

Operating system.

One of the following:

const DeviceInputTeamsDevicesCarbonblackInputRequestOperatingSystemWindows DeviceInputTeamsDevicesCarbonblackInputRequestOperatingSystem = "windows"

const DeviceInputTeamsDevicesCarbonblackInputRequestOperatingSystemLinux DeviceInputTeamsDevicesCarbonblackInputRequestOperatingSystem = "linux"

const DeviceInputTeamsDevicesCarbonblackInputRequestOperatingSystemMac DeviceInputTeamsDevicesCarbonblackInputRequestOperatingSystem = "mac"

Path string

File path.

Sha256 stringoptional

SHA-256.

Thumbprint stringoptional

Signing certificate thumbprint.

type DeviceInputTeamsDevicesAccessSerialNumberListInputRequest struct{…}

ID string

UUID of Access List.

maxLength36

type DiskEncryptionInput struct{…}

CheckDisks []CarbonblackInputoptional

List of volume names to be checked for encryption.

RequireAll booloptional

Whether to check all disks for encryption.

type DeviceInputTeamsDevicesApplicationInputRequest struct{…}

OperatingSystem DeviceInputTeamsDevicesApplicationInputRequestOperatingSystem

Operating system.

One of the following:

const DeviceInputTeamsDevicesApplicationInputRequestOperatingSystemWindows DeviceInputTeamsDevicesApplicationInputRequestOperatingSystem = "windows"

const DeviceInputTeamsDevicesApplicationInputRequestOperatingSystemLinux DeviceInputTeamsDevicesApplicationInputRequestOperatingSystem = "linux"

const DeviceInputTeamsDevicesApplicationInputRequestOperatingSystemMac DeviceInputTeamsDevicesApplicationInputRequestOperatingSystem = "mac"

Path string

Path for the application.

Sha256 stringoptional

SHA-256.

Thumbprint stringoptional

Signing certificate thumbprint.

type ClientCertificateInput struct{…}

CertificateID string

UUID of Cloudflare managed certificate.

maxLength36

Cn string

Common Name that is protected by the certificate.

type DeviceInputTeamsDevicesClientCertificateV2InputRequest struct{…}

CertificateID string

UUID of Cloudflare managed certificate.

maxLength36

CheckPrivateKey bool

Confirm the certificate was not imported from another device. We recommend keeping this enabled unless the certificate was deployed without a private key.

OperatingSystem DeviceInputTeamsDevicesClientCertificateV2InputRequestOperatingSystem

Operating system.

One of the following:

const DeviceInputTeamsDevicesClientCertificateV2InputRequestOperatingSystemWindows DeviceInputTeamsDevicesClientCertificateV2InputRequestOperatingSystem = "windows"

const DeviceInputTeamsDevicesClientCertificateV2InputRequestOperatingSystemLinux DeviceInputTeamsDevicesClientCertificateV2InputRequestOperatingSystem = "linux"

const DeviceInputTeamsDevicesClientCertificateV2InputRequestOperatingSystemMac DeviceInputTeamsDevicesClientCertificateV2InputRequestOperatingSystem = "mac"

Cn stringoptional

Certificate Common Name. This may include one or more variables in the ${ } notation. Only ${serial_number} and ${hostname} are valid variables.

ExtendedKeyUsage []DeviceInputTeamsDevicesClientCertificateV2InputRequestExtendedKeyUsageoptional

List of values indicating purposes for which the certificate public key can be used.

One of the following:

const DeviceInputTeamsDevicesClientCertificateV2InputRequestExtendedKeyUsageClientAuth DeviceInputTeamsDevicesClientCertificateV2InputRequestExtendedKeyUsage = "clientAuth"

const DeviceInputTeamsDevicesClientCertificateV2InputRequestExtendedKeyUsageEmailProtection DeviceInputTeamsDevicesClientCertificateV2InputRequestExtendedKeyUsage = "emailProtection"

Locations DeviceInputTeamsDevicesClientCertificateV2InputRequestLocationsoptional

Paths []stringoptional

List of paths to check for client certificate on linux.

TrustStores []DeviceInputTeamsDevicesClientCertificateV2InputRequestLocationsTrustStoreoptional

List of trust stores to check for client certificate.

One of the following:

const DeviceInputTeamsDevicesClientCertificateV2InputRequestLocationsTrustStoreSystem DeviceInputTeamsDevicesClientCertificateV2InputRequestLocationsTrustStore = "system"

const DeviceInputTeamsDevicesClientCertificateV2InputRequestLocationsTrustStoreUser DeviceInputTeamsDevicesClientCertificateV2InputRequestLocationsTrustStore = "user"

SubjectAlternativeNames []stringoptional

List of certificate Subject Alternative Names.

type DeviceInputTeamsDevicesAntivirusInputRequest struct{…}

UpdateWindowDays float64optional

Number of days that the antivirus should be updated within.

type WorkspaceOneInput struct{…}

ComplianceStatus WorkspaceOneInputComplianceStatus

Compliance Status.

One of the following:

const WorkspaceOneInputComplianceStatusCompliant WorkspaceOneInputComplianceStatus = "compliant"

const WorkspaceOneInputComplianceStatusNoncompliant WorkspaceOneInputComplianceStatus = "noncompliant"

const WorkspaceOneInputComplianceStatusUnknown WorkspaceOneInputComplianceStatus = "unknown"

ConnectionID string

Posture Integration ID.

type CrowdstrikeInput struct{…}

ConnectionID string

Posture Integration ID.

LastSeen stringoptional

For more details on last seen, please refer to the Crowdstrike documentation.

Operator CrowdstrikeInputOperatoroptional

Operator.

One of the following:

const CrowdstrikeInputOperatorLess CrowdstrikeInputOperator = "<"

const CrowdstrikeInputOperatorLessOrEquals CrowdstrikeInputOperator = "<="

const CrowdstrikeInputOperatorGreater CrowdstrikeInputOperator = ">"

const CrowdstrikeInputOperatorGreaterOrEquals CrowdstrikeInputOperator = ">="

const CrowdstrikeInputOperatorEquals CrowdstrikeInputOperator = "=="

OS stringoptional

Os Version.

Overall stringoptional

Overall.

SensorConfig stringoptional

SensorConfig.

State CrowdstrikeInputStateoptional

For more details on state, please refer to the Crowdstrike documentation.

One of the following:

const CrowdstrikeInputStateOnline CrowdstrikeInputState = "online"

const CrowdstrikeInputStateOffline CrowdstrikeInputState = "offline"

const CrowdstrikeInputStateUnknown CrowdstrikeInputState = "unknown"

Version stringoptional

Version.

VersionOperator CrowdstrikeInputVersionOperatoroptional

Version Operator.

One of the following:

const CrowdstrikeInputVersionOperatorLess CrowdstrikeInputVersionOperator = "<"

const CrowdstrikeInputVersionOperatorLessOrEquals CrowdstrikeInputVersionOperator = "<="

const CrowdstrikeInputVersionOperatorGreater CrowdstrikeInputVersionOperator = ">"

const CrowdstrikeInputVersionOperatorGreaterOrEquals CrowdstrikeInputVersionOperator = ">="

const CrowdstrikeInputVersionOperatorEquals CrowdstrikeInputVersionOperator = "=="

type IntuneInput struct{…}

ComplianceStatus IntuneInputComplianceStatus

Compliance Status.

One of the following:

const IntuneInputComplianceStatusCompliant IntuneInputComplianceStatus = "compliant"

const IntuneInputComplianceStatusNoncompliant IntuneInputComplianceStatus = "noncompliant"

const IntuneInputComplianceStatusUnknown IntuneInputComplianceStatus = "unknown"

const IntuneInputComplianceStatusNotapplicable IntuneInputComplianceStatus = "notapplicable"

const IntuneInputComplianceStatusIngraceperiod IntuneInputComplianceStatus = "ingraceperiod"

const IntuneInputComplianceStatusError IntuneInputComplianceStatus = "error"

ConnectionID string

Posture Integration ID.

type KolideInput struct{…}

ConnectionID string

Posture Integration ID.

CountOperator KolideInputCountOperator

Count Operator.

One of the following:

const KolideInputCountOperatorLess KolideInputCountOperator = "<"

const KolideInputCountOperatorLessOrEquals KolideInputCountOperator = "<="

const KolideInputCountOperatorGreater KolideInputCountOperator = ">"

const KolideInputCountOperatorGreaterOrEquals KolideInputCountOperator = ">="

const KolideInputCountOperatorEquals KolideInputCountOperator = "=="

IssueCount string

The Number of Issues.

type TaniumInput struct{…}

ConnectionID string

Posture Integration ID.

EidLastSeen stringoptional

For more details on eid last seen, refer to the Tanium documentation.

Operator TaniumInputOperatoroptional

Operator to evaluate risk_level or eid_last_seen.

One of the following:

const TaniumInputOperatorLess TaniumInputOperator = "<"

const TaniumInputOperatorLessOrEquals TaniumInputOperator = "<="

const TaniumInputOperatorGreater TaniumInputOperator = ">"

const TaniumInputOperatorGreaterOrEquals TaniumInputOperator = ">="

const TaniumInputOperatorEquals TaniumInputOperator = "=="

RiskLevel TaniumInputRiskLeveloptional

For more details on risk level, refer to the Tanium documentation.

One of the following:

const TaniumInputRiskLevelLow TaniumInputRiskLevel = "low"

const TaniumInputRiskLevelMedium TaniumInputRiskLevel = "medium"

const TaniumInputRiskLevelHigh TaniumInputRiskLevel = "high"

const TaniumInputRiskLevelCritical TaniumInputRiskLevel = "critical"

ScoreOperator TaniumInputScoreOperatoroptional

Score Operator.

One of the following:

const TaniumInputScoreOperatorLess TaniumInputScoreOperator = "<"

const TaniumInputScoreOperatorLessOrEquals TaniumInputScoreOperator = "<="

const TaniumInputScoreOperatorGreater TaniumInputScoreOperator = ">"

const TaniumInputScoreOperatorGreaterOrEquals TaniumInputScoreOperator = ">="

const TaniumInputScoreOperatorEquals TaniumInputScoreOperator = "=="

TotalScore float64optional

For more details on total score, refer to the Tanium documentation.

type SentineloneS2sInput struct{…}

ConnectionID string

Posture Integration ID.

ActiveThreats float64optional

The Number of active threats.

Infected booloptional

Whether device is infected.

IsActive booloptional

Whether device is active.

NetworkStatus SentineloneS2sInputNetworkStatusoptional

Network status of device.

One of the following:

const SentineloneS2sInputNetworkStatusConnected SentineloneS2sInputNetworkStatus = "connected"

const SentineloneS2sInputNetworkStatusDisconnected SentineloneS2sInputNetworkStatus = "disconnected"

const SentineloneS2sInputNetworkStatusDisconnecting SentineloneS2sInputNetworkStatus = "disconnecting"

const SentineloneS2sInputNetworkStatusConnecting SentineloneS2sInputNetworkStatus = "connecting"

OperationalState SentineloneS2sInputOperationalStateoptional

Agent operational state.

One of the following:

const SentineloneS2sInputOperationalStateNa SentineloneS2sInputOperationalState = "na"

const SentineloneS2sInputOperationalStatePartiallyDisabled SentineloneS2sInputOperationalState = "partially_disabled"

const SentineloneS2sInputOperationalStateAutoFullyDisabled SentineloneS2sInputOperationalState = "auto_fully_disabled"

const SentineloneS2sInputOperationalStateFullyDisabled SentineloneS2sInputOperationalState = "fully_disabled"

const SentineloneS2sInputOperationalStateAutoPartiallyDisabled SentineloneS2sInputOperationalState = "auto_partially_disabled"

const SentineloneS2sInputOperationalStateDisabledError SentineloneS2sInputOperationalState = "disabled_error"

const SentineloneS2sInputOperationalStateDBCorruption SentineloneS2sInputOperationalState = "db_corruption"

Operator SentineloneS2sInputOperatoroptional

Operator.

One of the following:

const SentineloneS2sInputOperatorLess SentineloneS2sInputOperator = "<"

const SentineloneS2sInputOperatorLessOrEquals SentineloneS2sInputOperator = "<="

const SentineloneS2sInputOperatorGreater SentineloneS2sInputOperator = ">"

const SentineloneS2sInputOperatorGreaterOrEquals SentineloneS2sInputOperator = ">="

const SentineloneS2sInputOperatorEquals SentineloneS2sInputOperator = "=="

type DeviceInputTeamsDevicesCustomS2sInputRequest struct{…}

ConnectionID string

Posture Integration ID.

Operator DeviceInputTeamsDevicesCustomS2sInputRequestOperator

Operator.

One of the following:

const DeviceInputTeamsDevicesCustomS2sInputRequestOperatorLess DeviceInputTeamsDevicesCustomS2sInputRequestOperator = "<"

const DeviceInputTeamsDevicesCustomS2sInputRequestOperatorLessOrEquals DeviceInputTeamsDevicesCustomS2sInputRequestOperator = "<="

const DeviceInputTeamsDevicesCustomS2sInputRequestOperatorGreater DeviceInputTeamsDevicesCustomS2sInputRequestOperator = ">"

const DeviceInputTeamsDevicesCustomS2sInputRequestOperatorGreaterOrEquals DeviceInputTeamsDevicesCustomS2sInputRequestOperator = ">="

const DeviceInputTeamsDevicesCustomS2sInputRequestOperatorEquals DeviceInputTeamsDevicesCustomS2sInputRequestOperator = "=="

Score float64

A value between 0-100 assigned to devices set by the 3rd party posture provider.

type DeviceMatch struct{…}

Platform DeviceMatchPlatformoptional

One of the following:

const DeviceMatchPlatformWindows DeviceMatchPlatform = "windows"

const DeviceMatchPlatformMac DeviceMatchPlatform = "mac"

const DeviceMatchPlatformLinux DeviceMatchPlatform = "linux"

const DeviceMatchPlatformAndroid DeviceMatchPlatform = "android"

const DeviceMatchPlatformIos DeviceMatchPlatform = "ios"

const DeviceMatchPlatformChromeos DeviceMatchPlatform = "chromeos"

type DevicePostureRule struct{…}

ID stringoptional

API UUID.

maxLength36

Description stringoptional

The description of the device posture rule.

Expiration stringoptional

Sets the expiration time for a posture check result. If empty, the result remains valid until it is overwritten by new data from the WARP client.

Input DeviceInputoptional

The value to be checked against.

Match []DeviceMatchoptional

The conditions that the client must match to run the rule.

Platform DeviceMatchPlatformoptional

One of the following:

const DeviceMatchPlatformWindows DeviceMatchPlatform = "windows"

const DeviceMatchPlatformMac DeviceMatchPlatform = "mac"

const DeviceMatchPlatformLinux DeviceMatchPlatform = "linux"

const DeviceMatchPlatformAndroid DeviceMatchPlatform = "android"

const DeviceMatchPlatformIos DeviceMatchPlatform = "ios"

const DeviceMatchPlatformChromeos DeviceMatchPlatform = "chromeos"

Name stringoptional

The name of the device posture rule.

Schedule stringoptional

Polling frequency for the WARP client posture check. Default: 5m (poll every five minutes). Minimum: 1m.

Type DevicePostureRuleTypeoptional

The type of device posture rule.

One of the following:

const DevicePostureRuleTypeFile DevicePostureRuleType = "file"

const DevicePostureRuleTypeApplication DevicePostureRuleType = "application"

const DevicePostureRuleTypeTanium DevicePostureRuleType = "tanium"

const DevicePostureRuleTypeGateway DevicePostureRuleType = "gateway"

const DevicePostureRuleTypeWARP DevicePostureRuleType = "warp"

const DevicePostureRuleTypeDiskEncryption DevicePostureRuleType = "disk_encryption"

const DevicePostureRuleTypeSerialNumber DevicePostureRuleType = "serial_number"

const DevicePostureRuleTypeSentinelone DevicePostureRuleType = "sentinelone"

const DevicePostureRuleTypeCarbonblack DevicePostureRuleType = "carbonblack"

const DevicePostureRuleTypeFirewall DevicePostureRuleType = "firewall"

const DevicePostureRuleTypeOSVersion DevicePostureRuleType = "os_version"

const DevicePostureRuleTypeDomainJoined DevicePostureRuleType = "domain_joined"

const DevicePostureRuleTypeClientCertificate DevicePostureRuleType = "client_certificate"

const DevicePostureRuleTypeClientCertificateV2 DevicePostureRuleType = "client_certificate_v2"

const DevicePostureRuleTypeAntivirus DevicePostureRuleType = "antivirus"

const DevicePostureRuleTypeUniqueClientID DevicePostureRuleType = "unique_client_id"

const DevicePostureRuleTypeKolide DevicePostureRuleType = "kolide"

const DevicePostureRuleTypeTaniumS2s DevicePostureRuleType = "tanium_s2s"

const DevicePostureRuleTypeCrowdstrikeS2s DevicePostureRuleType = "crowdstrike_s2s"

const DevicePostureRuleTypeIntune DevicePostureRuleType = "intune"

const DevicePostureRuleTypeWorkspaceOne DevicePostureRuleType = "workspace_one"

const DevicePostureRuleTypeSentineloneS2s DevicePostureRuleType = "sentinelone_s2s"

const DevicePostureRuleTypeCustomS2s DevicePostureRuleType = "custom_s2s"

type DiskEncryptionInput struct{…}

CheckDisks []CarbonblackInputoptional

List of volume names to be checked for encryption.

RequireAll booloptional

Whether to check all disks for encryption.

type DomainJoinedInput struct{…}

OperatingSystem DomainJoinedInputOperatingSystem

Operating System.

Domain stringoptional

Domain.

type FileInput struct{…}

OperatingSystem FileInputOperatingSystem

Operating system.

One of the following:

const FileInputOperatingSystemWindows FileInputOperatingSystem = "windows"

const FileInputOperatingSystemLinux FileInputOperatingSystem = "linux"

const FileInputOperatingSystemMac FileInputOperatingSystem = "mac"

Path string

File path.

Exists booloptional

Whether or not file exists.

Sha256 stringoptional

SHA-256.

Thumbprint stringoptional

Signing certificate thumbprint.

type FirewallInput struct{…}

Enabled bool

Enabled.

OperatingSystem FirewallInputOperatingSystem

Operating System.

One of the following:

const FirewallInputOperatingSystemWindows FirewallInputOperatingSystem = "windows"

const FirewallInputOperatingSystemMac FirewallInputOperatingSystem = "mac"

type IntuneInput struct{…}

ComplianceStatus IntuneInputComplianceStatus

Compliance Status.

One of the following:

const IntuneInputComplianceStatusCompliant IntuneInputComplianceStatus = "compliant"

const IntuneInputComplianceStatusNoncompliant IntuneInputComplianceStatus = "noncompliant"

const IntuneInputComplianceStatusUnknown IntuneInputComplianceStatus = "unknown"

const IntuneInputComplianceStatusNotapplicable IntuneInputComplianceStatus = "notapplicable"

const IntuneInputComplianceStatusIngraceperiod IntuneInputComplianceStatus = "ingraceperiod"

const IntuneInputComplianceStatusError IntuneInputComplianceStatus = "error"

ConnectionID string

Posture Integration ID.

type KolideInput struct{…}

ConnectionID string

Posture Integration ID.

CountOperator KolideInputCountOperator

Count Operator.

One of the following:

const KolideInputCountOperatorLess KolideInputCountOperator = "<"

const KolideInputCountOperatorLessOrEquals KolideInputCountOperator = "<="

const KolideInputCountOperatorGreater KolideInputCountOperator = ">"

const KolideInputCountOperatorGreaterOrEquals KolideInputCountOperator = ">="

const KolideInputCountOperatorEquals KolideInputCountOperator = "=="

IssueCount string

The Number of Issues.

type OSVersionInput struct{…}

OperatingSystem OSVersionInputOperatingSystem

Operating System.

Operator OSVersionInputOperator

Operator.

One of the following:

const OSVersionInputOperatorLess OSVersionInputOperator = "<"

const OSVersionInputOperatorLessOrEquals OSVersionInputOperator = "<="

const OSVersionInputOperatorGreater OSVersionInputOperator = ">"

const OSVersionInputOperatorGreaterOrEquals OSVersionInputOperator = ">="

const OSVersionInputOperatorEquals OSVersionInputOperator = "=="

Version string

Version of OS.

OSDistroName stringoptional

Operating System Distribution Name (linux only).

OSDistroRevision stringoptional

Version of OS Distribution (linux only).

OSVersionExtra stringoptional

Additional operating system version details. For Windows, the UBR (Update Build Revision). For Mac or iOS, the Product Version Extra. For Linux, the distribution name and version.

type SentineloneInput struct{…}

OperatingSystem SentineloneInputOperatingSystem

Operating system.

One of the following:

const SentineloneInputOperatingSystemWindows SentineloneInputOperatingSystem = "windows"

const SentineloneInputOperatingSystemLinux SentineloneInputOperatingSystem = "linux"

const SentineloneInputOperatingSystemMac SentineloneInputOperatingSystem = "mac"

Path string

File path.

Sha256 stringoptional

SHA-256.

Thumbprint stringoptional

Signing certificate thumbprint.

type SentineloneS2sInput struct{…}

ConnectionID string

Posture Integration ID.

ActiveThreats float64optional

The Number of active threats.

Infected booloptional

Whether device is infected.

IsActive booloptional

Whether device is active.

NetworkStatus SentineloneS2sInputNetworkStatusoptional

Network status of device.

One of the following:

const SentineloneS2sInputNetworkStatusConnected SentineloneS2sInputNetworkStatus = "connected"

const SentineloneS2sInputNetworkStatusDisconnected SentineloneS2sInputNetworkStatus = "disconnected"

const SentineloneS2sInputNetworkStatusDisconnecting SentineloneS2sInputNetworkStatus = "disconnecting"

const SentineloneS2sInputNetworkStatusConnecting SentineloneS2sInputNetworkStatus = "connecting"

OperationalState SentineloneS2sInputOperationalStateoptional

Agent operational state.

One of the following:

const SentineloneS2sInputOperationalStateNa SentineloneS2sInputOperationalState = "na"

const SentineloneS2sInputOperationalStatePartiallyDisabled SentineloneS2sInputOperationalState = "partially_disabled"

const SentineloneS2sInputOperationalStateAutoFullyDisabled SentineloneS2sInputOperationalState = "auto_fully_disabled"

const SentineloneS2sInputOperationalStateFullyDisabled SentineloneS2sInputOperationalState = "fully_disabled"

const SentineloneS2sInputOperationalStateAutoPartiallyDisabled SentineloneS2sInputOperationalState = "auto_partially_disabled"

const SentineloneS2sInputOperationalStateDisabledError SentineloneS2sInputOperationalState = "disabled_error"

const SentineloneS2sInputOperationalStateDBCorruption SentineloneS2sInputOperationalState = "db_corruption"

Operator SentineloneS2sInputOperatoroptional

Operator.

One of the following:

const SentineloneS2sInputOperatorLess SentineloneS2sInputOperator = "<"

const SentineloneS2sInputOperatorLessOrEquals SentineloneS2sInputOperator = "<="

const SentineloneS2sInputOperatorGreater SentineloneS2sInputOperator = ">"

const SentineloneS2sInputOperatorGreaterOrEquals SentineloneS2sInputOperator = ">="

const SentineloneS2sInputOperatorEquals SentineloneS2sInputOperator = "=="

type TaniumInput struct{…}

ConnectionID string

Posture Integration ID.

EidLastSeen stringoptional

For more details on eid last seen, refer to the Tanium documentation.

Operator TaniumInputOperatoroptional

Operator to evaluate risk_level or eid_last_seen.

One of the following:

const TaniumInputOperatorLess TaniumInputOperator = "<"

const TaniumInputOperatorLessOrEquals TaniumInputOperator = "<="

const TaniumInputOperatorGreater TaniumInputOperator = ">"

const TaniumInputOperatorGreaterOrEquals TaniumInputOperator = ">="

const TaniumInputOperatorEquals TaniumInputOperator = "=="

RiskLevel TaniumInputRiskLeveloptional

For more details on risk level, refer to the Tanium documentation.

One of the following:

const TaniumInputRiskLevelLow TaniumInputRiskLevel = "low"

const TaniumInputRiskLevelMedium TaniumInputRiskLevel = "medium"

const TaniumInputRiskLevelHigh TaniumInputRiskLevel = "high"

const TaniumInputRiskLevelCritical TaniumInputRiskLevel = "critical"

ScoreOperator TaniumInputScoreOperatoroptional

Score Operator.

One of the following:

const TaniumInputScoreOperatorLess TaniumInputScoreOperator = "<"

const TaniumInputScoreOperatorLessOrEquals TaniumInputScoreOperator = "<="

const TaniumInputScoreOperatorGreater TaniumInputScoreOperator = ">"

const TaniumInputScoreOperatorGreaterOrEquals TaniumInputScoreOperator = ">="

const TaniumInputScoreOperatorEquals TaniumInputScoreOperator = "=="

TotalScore float64optional

For more details on total score, refer to the Tanium documentation.

type UniqueClientIDInput struct{…}

ID string

List ID.

OperatingSystem UniqueClientIDInputOperatingSystem

Operating System.

One of the following:

const UniqueClientIDInputOperatingSystemAndroid UniqueClientIDInputOperatingSystem = "android"

const UniqueClientIDInputOperatingSystemIos UniqueClientIDInputOperatingSystem = "ios"

const UniqueClientIDInputOperatingSystemChromeos UniqueClientIDInputOperatingSystem = "chromeos"

type WorkspaceOneInput struct{…}

ComplianceStatus WorkspaceOneInputComplianceStatus

Compliance Status.

One of the following:

const WorkspaceOneInputComplianceStatusCompliant WorkspaceOneInputComplianceStatus = "compliant"

const WorkspaceOneInputComplianceStatusNoncompliant WorkspaceOneInputComplianceStatus = "noncompliant"

const WorkspaceOneInputComplianceStatusUnknown WorkspaceOneInputComplianceStatus = "unknown"

ConnectionID string

Posture Integration ID.

DevicesPostureIntegrations

List your device posture integrations

client.ZeroTrust.Devices.Posture.Integrations.List(ctx, query) (*SinglePage[Integration], error)

GET/accounts/{account_id}/devices/posture/integration

Get device posture integration details

client.ZeroTrust.Devices.Posture.Integrations.Get(ctx, integrationID, query) (*Integration, error)

GET/accounts/{account_id}/devices/posture/integration/{integration_id}

Create a device posture integration

client.ZeroTrust.Devices.Posture.Integrations.New(ctx, params) (*Integration, error)

POST/accounts/{account_id}/devices/posture/integration

Update a device posture integration

client.ZeroTrust.Devices.Posture.Integrations.Edit(ctx, integrationID, params) (*Integration, error)

PATCH/accounts/{account_id}/devices/posture/integration/{integration_id}

Delete a device posture integration

client.ZeroTrust.Devices.Posture.Integrations.Delete(ctx, integrationID, body) (*unknown, error)

DELETE/accounts/{account_id}/devices/posture/integration/{integration_id}

ModelsExpand Collapse

type Integration struct{…}

ID stringoptional

API UUID.

maxLength36

Config IntegrationConfigoptional

The configuration object containing third-party integration information.

APIURL string

The Workspace One API URL provided in the Workspace One Admin Dashboard.

AuthURL string

The Workspace One Authorization URL depending on your region.

ClientID string

The Workspace One client ID provided in the Workspace One Admin Dashboard.

Interval stringoptional

The interval between each posture check with the third-party API. Use m for minutes (e.g. 5m) and h for hours (e.g. 12h).

Name stringoptional

The name of the device posture integration.

Type IntegrationTypeoptional

The type of device posture integration.

One of the following:

const IntegrationTypeWorkspaceOne IntegrationType = "workspace_one"

const IntegrationTypeCrowdstrikeS2s IntegrationType = "crowdstrike_s2s"

const IntegrationTypeUptycs IntegrationType = "uptycs"

const IntegrationTypeIntune IntegrationType = "intune"

const IntegrationTypeKolide IntegrationType = "kolide"

const IntegrationTypeTaniumS2s IntegrationType = "tanium_s2s"

const IntegrationTypeSentineloneS2s IntegrationType = "sentinelone_s2s"

const IntegrationTypeCustomS2s IntegrationType = "custom_s2s"

DevicesRevoke

Revoke devices (deprecated)

Deprecated

client.ZeroTrust.Devices.Revoke.New(ctx, params) (*unknown, error)

POST/accounts/{account_id}/devices/revoke

DevicesSettings

Get device settings for a Zero Trust account

client.ZeroTrust.Devices.Settings.Get(ctx, query) (*DeviceSettings, error)

GET/accounts/{account_id}/devices/settings

Update device settings for a Zero Trust account

client.ZeroTrust.Devices.Settings.Update(ctx, params) (*DeviceSettings, error)

PUT/accounts/{account_id}/devices/settings

Patch device settings for a Zero Trust account

client.ZeroTrust.Devices.Settings.Edit(ctx, params) (*DeviceSettings, error)

PATCH/accounts/{account_id}/devices/settings

Reset device settings for a Zero Trust account with defaults. This turns off all proxying.

client.ZeroTrust.Devices.Settings.Delete(ctx, body) (*DeviceSettings, error)

DELETE/accounts/{account_id}/devices/settings

ModelsExpand Collapse

type DeviceSettings struct{…}

DisableForTime float64optional

Sets the time limit, in seconds, that a user can use an override code to bypass WARP.

ExternalEmergencySignalEnabled booloptional

Controls whether the external emergency disconnect feature is enabled.

ExternalEmergencySignalFingerprint stringoptional

The SHA256 fingerprint (64 hexadecimal characters) of the HTTPS server certificate for the external_emergency_signal_url. If provided, the WARP client will use this value to verify the server's identity. The device will ignore any response if the server's certificate fingerprint does not exactly match this value.

ExternalEmergencySignalInterval stringoptional

The interval at which the WARP client fetches the emergency disconnect signal, formatted as a duration string (e.g., "5m", "2m30s", "1h"). Minimum 30 seconds.

ExternalEmergencySignalURL stringoptional

The HTTPS URL from which to fetch the emergency disconnect signal. Must use HTTPS and have an IPv4 or IPv6 address as the host.

GatewayProxyEnabled booloptional

Enable gateway proxy filtering on TCP.

GatewayUdpProxyEnabled booloptional

Enable gateway proxy filtering on UDP.

RootCertificateInstallationEnabled booloptional

Enable installation of cloudflare managed root certificate.

UseZtVirtualIP booloptional

Enable using CGNAT virtual IPv4.

DevicesUnrevoke

Unrevoke devices (deprecated)

Deprecated

client.ZeroTrust.Devices.Unrevoke.New(ctx, params) (*unknown, error)

POST/accounts/{account_id}/devices/unrevoke

DevicesOverride Codes

Get override codes (deprecated)

Deprecated

client.ZeroTrust.Devices.OverrideCodes.List(ctx, deviceID, query) (*SinglePage[DeviceOverrideCodeListResponse], error)

GET/accounts/{account_id}/devices/{device_id}/override_codes

Get override codes

client.ZeroTrust.Devices.OverrideCodes.Get(ctx, registrationID, query) (*DeviceOverrideCodeGetResponse, error)

GET/accounts/{account_id}/devices/registrations/{registration_id}/override_codes