AccessGroup
Source:
src/Cloudflare/Access/Group.ts
A Cloudflare Zero Trust Access group — a reusable, account-scoped set of
Access rule criteria. Groups are referenced from Access policies via a
{ group: { id } } rule, letting many policies share one membership
definition.
Creating a Group
Section titled “Creating a Group”Allow a single email domain
const group = yield* Cloudflare.AccessGroup("ExampleDomain", { include: [{ emailDomain: { domain: "example.com" } }],});Combine include, exclude and require rules
const group = yield* Cloudflare.AccessGroup("UsEngineers", { include: [{ emailDomain: { domain: "example.com" } }], exclude: [{ email: { email: "intern@example.com" } }], require: [{ geo: { countryCode: "US" } }],});Referencing a Group from a Policy
Section titled “Referencing a Group from a Policy”const group = yield* Cloudflare.AccessGroup("Team", { include: [{ emailDomain: { domain: "example.com" } }],});
const policy = yield* Cloudflare.AccessPolicy("AllowTeam", { decision: "allow", include: [{ group: { id: group.groupId } }],});