Viewing docs for Cloudflare v6.15.0
published on Saturday, May 2, 2026 by Pulumi
published on Saturday, May 2, 2026 by Pulumi
Viewing docs for Cloudflare v6.15.0
published on Saturday, May 2, 2026 by Pulumi
published on Saturday, May 2, 2026 by Pulumi
Accepted Permissions
Zone Settings ReadZone Settings Write
Available Setting IDs
The following table lists all valid settingId values. Some settings may require a specific Cloudflare plan level. For more details, see the API documentation.
| Setting ID | Value Type | Description |
|---|---|---|
0rtt | "on" / "off" | 0-RTT session resumption enabled for this zone. |
advancedDdos | "on" / "off" | Advanced protection from Distributed Denial of Service (DDoS) attacks on your… |
aegis | Object | Aegis provides dedicated egress IPs (from Cloudflare to your origin) for your… |
alwaysOnline | "on" / "off" | When enabled, Cloudflare serves limited copies of web pages available from th… |
alwaysUseHttps | "on" / "off" | Reply to all requests for URLs that use “http” with a 301 redirect to the equ… |
automaticHttpsRewrites | "on" / "off" | Enable the Automatic HTTPS Rewrites feature for this zone. |
automaticPlatformOptimization | Object | [Automatic Platform Optimization for WordPress](https://developers.cloudflare… |
brotli | "on" / "off" | When the client requesting an asset supports the Brotli compression algorithm… |
browserCacheTtl | Number | Browser Cache TTL (in seconds) specifies how long Cloudflare-cached resources… |
browserCheck | "on" / "off" | Browser Integrity Check is similar to Bad Behavior and looks for common HTTP … |
cacheLevel | "aggressive", "basic", "simplified" | Cache Level functions based off the setting level. The basic setting will cac… |
challengeTtl | Number (14 values) | Specify how long a visitor is allowed access to your site after successfully … |
ciphers | Array of string | An allowlist of ciphers for TLS termination. These ciphers must be in the Bor… |
cnameFlattening | "flattenAtRoot", "flattenAll" | Whether or not cname flattening is on. |
contentConverter | "on" / "off" | When enabled and the client sends an Accept header requesting text/markdown, … |
developmentMode | "on" / "off" | Development Mode temporarily allows you to enter development mode for your we… |
earlyHints | "on" / "off" | When enabled, Cloudflare will attempt to speed up overall page loads by servi… |
edgeCacheTtl | Number (21 values) | Time (in seconds) that a resource will be ensured to remain on Cloudflare’s c… |
emailObfuscation | "on" / "off" | Encrypt email adresses on your web page from bots, while keeping them visible… |
h2Prioritization | "on", "off", "custom" | HTTP/2 Edge Prioritization optimises the delivery of resources served through… |
hotlinkProtection | "on" / "off" | When enabled, the Hotlink Protection option ensures that other sites cannot s… |
http2 | "on" / "off" | HTTP2 enabled for this zone. |
http3 | "on" / "off" | HTTP3 enabled for this zone. |
imageResizing | "on", "off", "open" | Image Transformations provides on-demand resizing, conversion and optimizatio… |
ipGeolocation | "on" / "off" | Enable IP Geolocation to have Cloudflare geolocate visitors to your website a… |
ipv6 | "on" / "off" | Enable IPv6 on all subdomains that are Cloudflare enabled. (https://support…. |
maxUpload | Number (18 values) | Maximum size of an allowable upload. |
minTlsVersion | "1.0", "1.1", "1.2", "1.3" | Only accepts HTTPS requests that use at least the TLS protocol version specif… |
mirage | "on" / "off" | Automatically optimize image loading for website visitors on mobile devices. … |
nel | Object | Enable Network Error Logging reporting on your zone. (Beta) |
opportunisticEncryption | "on" / "off" | Enables the Opportunistic Encryption feature for a zone. |
opportunisticOnion | "on" / "off" | Add an Alt-Svc header to all legitimate requests from Tor, allowing the conne… |
orangeToOrange | "on" / "off" | Orange to Orange (O2O) allows zones on Cloudflare to CNAME to other zones als… |
originErrorPagePassThru | "on" / "off" | Cloudflare will proxy customer error pages on any 502,504 errors on origin se… |
originH2MaxStreams | Number | Origin H2 Max Streams configures the max number of concurrent requests that C… |
originMaxHttpVersion | "2", "1" | Origin Max HTTP Setting Version sets the highest HTTP version Cloudflare will… |
polish | "off", "lossless", "lossy" | Removes metadata and compresses your images for faster page load times. Basic… |
prefetchPreload | "on" / "off" | Cloudflare will prefetch any URLs that are included in the response headers. … |
privacyPass | "on" / "off" | Privacy Pass v1 was a browser extension developed by the Privacy Pass Team to… |
proxyReadTimeout | Number | Maximum time between two read operations from origin. |
pseudoIpv4 | "off", "addHeader", "overwriteHeader" | The value set for the Pseudo IPv4 setting. |
redirectsForAiTraining | "on" / "off" | When enabled, Cloudflare will redirect verified AI training crawlers to canon… |
replaceInsecureJs | "on" / "off" | Automatically replace insecure JavaScript libraries with safer and faster alt… |
responseBuffering | "on" / "off" | Enables or disables buffering of responses from the proxied server. Cloudflar… |
rocketLoader | "on" / "off" | Rocket Loader is a general-purpose asynchronous JavaScript optimisation that … |
securityHeader | Object | Cloudflare security header for a zone. |
securityLevel | "off", "essentiallyOff", "low", "medium", "high", "underAttack" | Choose the appropriate security profile for your website, which will automati… |
serverSideExclude | "on" / "off" | If there is sensitive content on your website that you want visible to real v… |
sha1Support | "on" / "off" | Allow SHA1 support. |
sortQueryStringForCache | "on" / "off" | Cloudflare will treat files with the same query strings as the same file in c… |
ssl | "off", "flexible", "full", "strict" | SSL encrypts your visitor’s connection and safeguards credit card numbers and… |
sslRecommender | Uses enabled attr | Enrollment in the SSL/TLS Recommender service which tries to detect and recom… |
tls12Only | "on" / "off" | Only allows TLS1.2. |
tls13 | "on", "off", "zrt" | Enables Crypto TLS 1.3 feature for a zone. |
tlsClientAuth | "on" / "off" | TLS Client Auth requires Cloudflare to connect to your origin server using a … |
transformations | "on", "off", "open" | Media Transformations provides on-demand resizing, conversion and optimizatio… |
transformationsAllowedOrigins | String | Media Transformations Allowed Origins restricts transformations for images an… |
trueClientIpHeader | "on" / "off" | Allows customer to continue to use True Client IP (Akamai feature) in the hea… |
waf | "on" / "off" | The WAF examines HTTP requests to your website. It inspects both GET and POS… |
webp | "on" / "off" | When the client requesting the image supports the WebP image codec, and WebP … |
websockets | "on" / "off" | WebSockets are open connections sustained between the client and the origin s… |
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudflare from "@pulumi/cloudflare";
const exampleZoneSetting = cloudflare.getZoneSetting({
zoneId: "023e105f4ecef8ad9ca31a8372d0c353",
settingId: "always_online",
});
import pulumi
import pulumi_cloudflare as cloudflare
example_zone_setting = cloudflare.get_zone_setting(zone_id="023e105f4ecef8ad9ca31a8372d0c353",
setting_id="always_online")
package main
import (
"github.com/pulumi/pulumi-cloudflare/sdk/v6/go/cloudflare"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudflare.GetZoneSetting(ctx, &cloudflare.LookupZoneSettingArgs{
ZoneId: pulumi.StringRef("023e105f4ecef8ad9ca31a8372d0c353"),
SettingId: "always_online",
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Cloudflare = Pulumi.Cloudflare;
return await Deployment.RunAsync(() =>
{
var exampleZoneSetting = Cloudflare.Index.GetZoneSetting.Invoke(new()
{
ZoneId = "023e105f4ecef8ad9ca31a8372d0c353",
SettingId = "always_online",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudflare.CloudflareFunctions;
import com.pulumi.cloudflare.inputs.GetZoneSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var exampleZoneSetting = CloudflareFunctions.getZoneSetting(GetZoneSettingArgs.builder()
.zoneId("023e105f4ecef8ad9ca31a8372d0c353")
.settingId("always_online")
.build());
}
}
variables:
exampleZoneSetting:
fn::invoke:
function: cloudflare:getZoneSetting
arguments:
zoneId: 023e105f4ecef8ad9ca31a8372d0c353
settingId: always_online
Using getZoneSetting
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getZoneSetting(args: GetZoneSettingArgs, opts?: InvokeOptions): Promise<GetZoneSettingResult>
function getZoneSettingOutput(args: GetZoneSettingOutputArgs, opts?: InvokeOptions): Output<GetZoneSettingResult>def get_zone_setting(setting_id: Optional[str] = None,
zone_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetZoneSettingResult
def get_zone_setting_output(setting_id: pulumi.Input[Optional[str]] = None,
zone_id: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetZoneSettingResult]func LookupZoneSetting(ctx *Context, args *LookupZoneSettingArgs, opts ...InvokeOption) (*LookupZoneSettingResult, error)
func LookupZoneSettingOutput(ctx *Context, args *LookupZoneSettingOutputArgs, opts ...InvokeOption) LookupZoneSettingResultOutput> Note: This function is named LookupZoneSetting in the Go SDK.
public static class GetZoneSetting
{
public static Task<GetZoneSettingResult> InvokeAsync(GetZoneSettingArgs args, InvokeOptions? opts = null)
public static Output<GetZoneSettingResult> Invoke(GetZoneSettingInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetZoneSettingResult> getZoneSetting(GetZoneSettingArgs args, InvokeOptions options)
public static Output<GetZoneSettingResult> getZoneSetting(GetZoneSettingArgs args, InvokeOptions options)
fn::invoke:
function: cloudflare:index/getZoneSetting:getZoneSetting
arguments:
# arguments dictionaryThe following arguments are supported:
- setting_
id str - Setting name
- zone_
id str - Identifier
getZoneSetting Result
The following output properties are available:
- Editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- Enabled bool
- ssl-recommender enrollment setting.
- Id string
- Setting name
- Modified
On string - last time this setting was modified.
- Setting
Id string - Setting name
- Time
Remaining double - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- Value string
- Current value of the zone setting. Available values: "on", "off".
- Zone
Id string - Identifier
- Editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- Enabled bool
- ssl-recommender enrollment setting.
- Id string
- Setting name
- Modified
On string - last time this setting was modified.
- Setting
Id string - Setting name
- Time
Remaining float64 - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- Value string
- Current value of the zone setting. Available values: "on", "off".
- Zone
Id string - Identifier
- editable Boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled Boolean
- ssl-recommender enrollment setting.
- id String
- Setting name
- modified
On String - last time this setting was modified.
- setting
Id String - Setting name
- time
Remaining Double - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value String
- Current value of the zone setting. Available values: "on", "off".
- zone
Id String - Identifier
- editable boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled boolean
- ssl-recommender enrollment setting.
- id string
- Setting name
- modified
On string - last time this setting was modified.
- setting
Id string - Setting name
- time
Remaining number - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value string
- Current value of the zone setting. Available values: "on", "off".
- zone
Id string - Identifier
- editable bool
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled bool
- ssl-recommender enrollment setting.
- id str
- Setting name
- modified_
on str - last time this setting was modified.
- setting_
id str - Setting name
- time_
remaining float - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value str
- Current value of the zone setting. Available values: "on", "off".
- zone_
id str - Identifier
- editable Boolean
- Whether or not this setting can be modified for this zone (based on your Cloudflare plan level).
- enabled Boolean
- ssl-recommender enrollment setting.
- id String
- Setting name
- modified
On String - last time this setting was modified.
- setting
Id String - Setting name
- time
Remaining Number - Value of the zone setting. Notes: The interval (in seconds) from when development mode expires (positive integer) or last expired (negative integer) for the domain. If development mode has never been enabled, this value is false.
- value String
- Current value of the zone setting. Available values: "on", "off".
- zone
Id String - Identifier
Package Details
- Repository
- Cloudflare pulumi/pulumi-cloudflare
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudflareTerraform Provider.
Viewing docs for Cloudflare v6.15.0
published on Saturday, May 2, 2026 by Pulumi
published on Saturday, May 2, 2026 by Pulumi
