[Missing] Device Posture - Serial Number List

I am trying to setup application with access only allowed to corporate devices

I was following this guide::
https://developers.cloudflare.com/cloudflare-one/tutorials/corp-device-tag

I already added serial number in Lists

But still can’t see Device Posture - Serial Number List option in Rules

Did you get a solution to this? I am having the same issue.

Yes! After making Device Serial Number List, we need to wait for some time. I read somewhere to wait for 20 mins, but my experience is to wait for 5-6 hours at least, and then it will start showing in Policy Rule selector.

Same thing if you update the Serial Number List. So the important thing is it takes some time to propagate the List.

1 Like

Thank you, I will give it some time and try again.

Hello,

I too have this issue. I have created a List with device serial numbers but could not find the option on the list of rules for a policy. I waited many hours after creating the List and nothing changes. I’m using the Free version but according to the documentation that feature is available for all plans.

Thank you!

I also have been trying this all day and can’t get the Device Posture - Serial Number List to show up in the rules selector. I created a Serial Number over 8 hours ago and still can’t see it as an option to select in the rules. Has anyone got this working? If so please can you share what needs doing in order to use this. Thanks.

By the way, I should add that other lists, like Email, IP, URL and Hostname work just fine. I create the list and save it, navigate to an application and add a new policy and see the corresponding option in the selector dropdown. For some reason, the Serial Number List never shows up!!!

Please can someone provide some clarity on how to get this working.

I still couldn’t find the way.

Perhaps @cscharff or kenny can give us a tip regarding this feature.

Well, I found the way after all:

First you need to create the list including the serial numbers.

Then you need to create the device posture. Can’t do it from the GUI, so the API call is like this:

(replace the $ACCOUNT_ID, $AUTH_EMAIL and $AUTH_KEY with your access info, and $LIST_UUID with the UUID of the serial number list, oh, and also $PLATFORM (windows,mac,linux,android,ios))

curl -v -X POST https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/devices/posture \
    -H "X-Auth-Email: $AUTH_EMAIL" -H "X-Auth-Key: $AUTH_KEY" -H "Content-Type: application/json" \
    --data '{"type":"serial_number","name":"Admin Serial Numbers","description":"The rule for admin serial numbers","schedule":"1h","match":[{"platform":"$PLATFORM"}],"input":{"id":"$LIST_UUID"},"expiration":"1h"}'

If you check the API documentation don’t use that example as it’s wrong and says type:file instead of type:serial_number.

Anyway, none of this will work unless you create a policy that fails the posture check, which is another thing that’s not available from the GUI but that’s correctly explained on the documentation, and it was posted: