@bdzscaler/pulumi-zia

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * ## Import * * Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language. * * Visit * * **zia_forwarding_control_rule** can be imported by using `<RULE ID>` or `<RULE NAME>` as the import ID. * * For example: * * ```sh * $ pulumi import zia:index/forwardingControlRule:ForwardingControlRule example <rule_id> * ``` * * or * * ```sh * $ pulumi import zia:index/forwardingControlRule:ForwardingControlRule example <rule_name> * ``` */ export declare class ForwardingControlRule extends pulumi.CustomResource { /** * Get an existing ForwardingControlRule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ForwardingControlRuleState, opts?: pulumi.CustomResourceOptions): ForwardingControlRule; /** * Returns true if the given object is an instance of ForwardingControlRule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ForwardingControlRule; /** * (list) - Application service groups on which this rule is applied */ readonly appServiceGroups: pulumi.Output<outputs.ForwardingControlRuleAppServiceGroups | undefined>; /** * (list) Apply to any number of departments When not used it implies `Any` to apply the rule to all departments. */ readonly departments: pulumi.Output<outputs.ForwardingControlRuleDepartments | undefined>; /** * (string) - Additional information about the forwarding rule */ readonly description: pulumi.Output<string | undefined>; /** * ** - (list) - IP addresses and fully qualified domain names (FQDNs), if the domain has multiple destination IP addresses or if its IP addresses may change. For IP addresses, you can enter individual IP addresses, subnets, or address ranges. If adding multiple items, hit Enter after each entry. */ readonly destAddresses: pulumi.Output<string[] | undefined>; /** * ** - (list) destination countries for which the rule is applicable. If not set, the rule is not restricted to specific destination countries. Provide a 2 letter [ISO3166 Alpha2 Country code](https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes). */ readonly destCountries: pulumi.Output<string[]>; /** * ** - (list) identify destinations based on the URL category of the domain, select Any to apply the rule to all categories or select the specific categories you want to control. */ readonly destIpCategories: pulumi.Output<string[] | undefined>; /** * ** - (list) Any number of destination IP address groups that you want to control with this rule. */ readonly destIpGroups: pulumi.Output<outputs.ForwardingControlRuleDestIpGroups | undefined>; /** * ** - (list) Destination IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group. */ readonly destIpv6Groups: pulumi.Output<outputs.ForwardingControlRuleDestIpv6Groups | undefined>; /** * (list) - Name-ID pairs of the Zscaler Cloud Connector groups to which the forwarding rule applies */ readonly ecGroups: pulumi.Output<outputs.ForwardingControlRuleEcGroups | undefined>; /** * The type of traffic forwarding method selected from the available options */ readonly forwardMethod: pulumi.Output<string>; /** * (list) You can manually select up to `8` groups. When not used it implies `Any` to apply the rule to all groups. */ readonly groups: pulumi.Output<outputs.ForwardingControlRuleGroups | undefined>; /** * (list) Labels that are applicable to the rule. */ readonly labels: pulumi.Output<outputs.ForwardingControlRuleLabels | undefined>; /** * (Optional) You can manually select up to `32` location groups. When not used it implies `Any` to apply the rule to all location groups. */ readonly locationGroups: pulumi.Output<outputs.ForwardingControlRuleLocationGroups | undefined>; /** * (Optional) You can manually select up to `8` locations. When not used it implies `Any` to apply the rule to all groups. */ readonly locations: pulumi.Output<outputs.ForwardingControlRuleLocations | undefined>; /** * (string) The configured name of the entity */ readonly name: pulumi.Output<string>; /** * (list) Any number of application groups that you want to control with this rule. The service provides predefined applications that you can group, but not modify */ readonly nwApplicationGroups: pulumi.Output<outputs.ForwardingControlRuleNwApplicationGroups | undefined>; /** * (list) Any number of predefined or custom network service groups to which the rule applies. */ readonly nwServiceGroups: pulumi.Output<outputs.ForwardingControlRuleNwServiceGroups | undefined>; /** * (list) When not used it applies the rule to all network services or you can select specific network services. The Zscaler firewall has predefined services and you can configure up to `1,024` additional custom services. */ readonly nwServices: pulumi.Output<outputs.ForwardingControlRuleNwServices | undefined>; /** * (int) - The order of execution for the forwarding rule order. */ readonly order: pulumi.Output<number>; /** * (set) The proxy gateway for which the rule is applicable. This field is applicable only for the `PROXYCHAIN` forwarding method. */ readonly proxyGateway: pulumi.Output<outputs.ForwardingControlRuleProxyGateway>; /** * Admin rank assigned to the forwarding rule */ readonly rank: pulumi.Output<number | undefined>; /** * ** - (list) List of destination domain categories to which the rule applies. */ readonly resCategories: pulumi.Output<string[] | undefined>; /** * A unique identifier assigned to the forwarding rule */ readonly ruleId: pulumi.Output<number>; /** * (list) Any number of source IP address groups that you want to control with this rule. */ readonly srcIpGroups: pulumi.Output<outputs.ForwardingControlRuleSrcIpGroups | undefined>; /** * (Optional) You can enter individual IP addresses, subnets, or address ranges. */ readonly srcIps: pulumi.Output<string[] | undefined>; /** * (list) Source IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group. */ readonly srcIpv6Groups: pulumi.Output<outputs.ForwardingControlRuleSrcIpv6Groups | undefined>; /** * (string) - Indicates whether the forwarding rule is enabled or disabled. Supported values are: `ENABLED` and `DISABLED`. */ readonly state: pulumi.Output<string | undefined>; /** * The rule type selected from the available options */ readonly type: pulumi.Output<string | undefined>; /** * (list) You can manually select up to `4` general and/or special users. When not used it implies `Any` to apply the rule to all users. */ readonly users: pulumi.Output<outputs.ForwardingControlRuleUsers | undefined>; /** * (set) The list of ZPA Application Segments for which this rule is applicable. This field is applicable only for the `ZPA` Gateway forwarding method. */ readonly zpaAppSegments: pulumi.Output<outputs.ForwardingControlRuleZpaAppSegment[]>; /** * (set) List of ZPA Application Segment Groups for which this rule is applicable. This field is applicable only for the `ECZPA` forwarding method (used for Zscaler Cloud Connector). */ readonly zpaApplicationSegmentGroups: pulumi.Output<outputs.ForwardingControlRuleZpaApplicationSegmentGroups | undefined>; /** * (set) List of ZPA Application Segments for which this rule is applicable. This field is applicable only for the `ECZPA` forwarding method (used for Zscaler Cloud Connector). */ readonly zpaApplicationSegments: pulumi.Output<outputs.ForwardingControlRuleZpaApplicationSegments | undefined>; /** * (set) The ZPA Gateway for which this rule is applicable. This field is applicable only for the `ZPA` forwarding method. */ readonly zpaGateway: pulumi.Output<outputs.ForwardingControlRuleZpaGateway>; /** * Create a ForwardingControlRule resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ForwardingControlRuleArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ForwardingControlRule resources. */ export interface ForwardingControlRuleState { /** * (list) - Application service groups on which this rule is applied */ appServiceGroups?: pulumi.Input<inputs.ForwardingControlRuleAppServiceGroups>; /** * (list) Apply to any number of departments When not used it implies `Any` to apply the rule to all departments. */ departments?: pulumi.Input<inputs.ForwardingControlRuleDepartments>; /** * (string) - Additional information about the forwarding rule */ description?: pulumi.Input<string>; /** * ** - (list) - IP addresses and fully qualified domain names (FQDNs), if the domain has multiple destination IP addresses or if its IP addresses may change. For IP addresses, you can enter individual IP addresses, subnets, or address ranges. If adding multiple items, hit Enter after each entry. */ destAddresses?: pulumi.Input<pulumi.Input<string>[]>; /** * ** - (list) destination countries for which the rule is applicable. If not set, the rule is not restricted to specific destination countries. Provide a 2 letter [ISO3166 Alpha2 Country code](https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes). */ destCountries?: pulumi.Input<pulumi.Input<string>[]>; /** * ** - (list) identify destinations based on the URL category of the domain, select Any to apply the rule to all categories or select the specific categories you want to control. */ destIpCategories?: pulumi.Input<pulumi.Input<string>[]>; /** * ** - (list) Any number of destination IP address groups that you want to control with this rule. */ destIpGroups?: pulumi.Input<inputs.ForwardingControlRuleDestIpGroups>; /** * ** - (list) Destination IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group. */ destIpv6Groups?: pulumi.Input<inputs.ForwardingControlRuleDestIpv6Groups>; /** * (list) - Name-ID pairs of the Zscaler Cloud Connector groups to which the forwarding rule applies */ ecGroups?: pulumi.Input<inputs.ForwardingControlRuleEcGroups>; /** * The type of traffic forwarding method selected from the available options */ forwardMethod?: pulumi.Input<string>; /** * (list) You can manually select up to `8` groups. When not used it implies `Any` to apply the rule to all groups. */ groups?: pulumi.Input<inputs.ForwardingControlRuleGroups>; /** * (list) Labels that are applicable to the rule. */ labels?: pulumi.Input<inputs.ForwardingControlRuleLabels>; /** * (Optional) You can manually select up to `32` location groups. When not used it implies `Any` to apply the rule to all location groups. */ locationGroups?: pulumi.Input<inputs.ForwardingControlRuleLocationGroups>; /** * (Optional) You can manually select up to `8` locations. When not used it implies `Any` to apply the rule to all groups. */ locations?: pulumi.Input<inputs.ForwardingControlRuleLocations>; /** * (string) The configured name of the entity */ name?: pulumi.Input<string>; /** * (list) Any number of application groups that you want to control with this rule. The service provides predefined applications that you can group, but not modify */ nwApplicationGroups?: pulumi.Input<inputs.ForwardingControlRuleNwApplicationGroups>; /** * (list) Any number of predefined or custom network service groups to which the rule applies. */ nwServiceGroups?: pulumi.Input<inputs.ForwardingControlRuleNwServiceGroups>; /** * (list) When not used it applies the rule to all network services or you can select specific network services. The Zscaler firewall has predefined services and you can configure up to `1,024` additional custom services. */ nwServices?: pulumi.Input<inputs.ForwardingControlRuleNwServices>; /** * (int) - The order of execution for the forwarding rule order. */ order?: pulumi.Input<number>; /** * (set) The proxy gateway for which the rule is applicable. This field is applicable only for the `PROXYCHAIN` forwarding method. */ proxyGateway?: pulumi.Input<inputs.ForwardingControlRuleProxyGateway>; /** * Admin rank assigned to the forwarding rule */ rank?: pulumi.Input<number>; /** * ** - (list) List of destination domain categories to which the rule applies. */ resCategories?: pulumi.Input<pulumi.Input<string>[]>; /** * A unique identifier assigned to the forwarding rule */ ruleId?: pulumi.Input<number>; /** * (list) Any number of source IP address groups that you want to control with this rule. */ srcIpGroups?: pulumi.Input<inputs.ForwardingControlRuleSrcIpGroups>; /** * (Optional) You can enter individual IP addresses, subnets, or address ranges. */ srcIps?: pulumi.Input<pulumi.Input<string>[]>; /** * (list) Source IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group. */ srcIpv6Groups?: pulumi.Input<inputs.ForwardingControlRuleSrcIpv6Groups>; /** * (string) - Indicates whether the forwarding rule is enabled or disabled. Supported values are: `ENABLED` and `DISABLED`. */ state?: pulumi.Input<string>; /** * The rule type selected from the available options */ type?: pulumi.Input<string>; /** * (list) You can manually select up to `4` general and/or special users. When not used it implies `Any` to apply the rule to all users. */ users?: pulumi.Input<inputs.ForwardingControlRuleUsers>; /** * (set) The list of ZPA Application Segments for which this rule is applicable. This field is applicable only for the `ZPA` Gateway forwarding method. */ zpaAppSegments?: pulumi.Input<pulumi.Input<inputs.ForwardingControlRuleZpaAppSegment>[]>; /** * (set) List of ZPA Application Segment Groups for which this rule is applicable. This field is applicable only for the `ECZPA` forwarding method (used for Zscaler Cloud Connector). */ zpaApplicationSegmentGroups?: pulumi.Input<inputs.ForwardingControlRuleZpaApplicationSegmentGroups>; /** * (set) List of ZPA Application Segments for which this rule is applicable. This field is applicable only for the `ECZPA` forwarding method (used for Zscaler Cloud Connector). */ zpaApplicationSegments?: pulumi.Input<inputs.ForwardingControlRuleZpaApplicationSegments>; /** * (set) The ZPA Gateway for which this rule is applicable. This field is applicable only for the `ZPA` forwarding method. */ zpaGateway?: pulumi.Input<inputs.ForwardingControlRuleZpaGateway>; } /** * The set of arguments for constructing a ForwardingControlRule resource. */ export interface ForwardingControlRuleArgs { /** * (list) - Application service groups on which this rule is applied */ appServiceGroups?: pulumi.Input<inputs.ForwardingControlRuleAppServiceGroups>; /** * (list) Apply to any number of departments When not used it implies `Any` to apply the rule to all departments. */ departments?: pulumi.Input<inputs.ForwardingControlRuleDepartments>; /** * (string) - Additional information about the forwarding rule */ description?: pulumi.Input<string>; /** * ** - (list) - IP addresses and fully qualified domain names (FQDNs), if the domain has multiple destination IP addresses or if its IP addresses may change. For IP addresses, you can enter individual IP addresses, subnets, or address ranges. If adding multiple items, hit Enter after each entry. */ destAddresses?: pulumi.Input<pulumi.Input<string>[]>; /** * ** - (list) destination countries for which the rule is applicable. If not set, the rule is not restricted to specific destination countries. Provide a 2 letter [ISO3166 Alpha2 Country code](https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes). */ destCountries?: pulumi.Input<pulumi.Input<string>[]>; /** * ** - (list) identify destinations based on the URL category of the domain, select Any to apply the rule to all categories or select the specific categories you want to control. */ destIpCategories?: pulumi.Input<pulumi.Input<string>[]>; /** * ** - (list) Any number of destination IP address groups that you want to control with this rule. */ destIpGroups?: pulumi.Input<inputs.ForwardingControlRuleDestIpGroups>; /** * ** - (list) Destination IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group. */ destIpv6Groups?: pulumi.Input<inputs.ForwardingControlRuleDestIpv6Groups>; /** * (list) - Name-ID pairs of the Zscaler Cloud Connector groups to which the forwarding rule applies */ ecGroups?: pulumi.Input<inputs.ForwardingControlRuleEcGroups>; /** * The type of traffic forwarding method selected from the available options */ forwardMethod: pulumi.Input<string>; /** * (list) You can manually select up to `8` groups. When not used it implies `Any` to apply the rule to all groups. */ groups?: pulumi.Input<inputs.ForwardingControlRuleGroups>; /** * (list) Labels that are applicable to the rule. */ labels?: pulumi.Input<inputs.ForwardingControlRuleLabels>; /** * (Optional) You can manually select up to `32` location groups. When not used it implies `Any` to apply the rule to all location groups. */ locationGroups?: pulumi.Input<inputs.ForwardingControlRuleLocationGroups>; /** * (Optional) You can manually select up to `8` locations. When not used it implies `Any` to apply the rule to all groups. */ locations?: pulumi.Input<inputs.ForwardingControlRuleLocations>; /** * (string) The configured name of the entity */ name?: pulumi.Input<string>; /** * (list) Any number of application groups that you want to control with this rule. The service provides predefined applications that you can group, but not modify */ nwApplicationGroups?: pulumi.Input<inputs.ForwardingControlRuleNwApplicationGroups>; /** * (list) Any number of predefined or custom network service groups to which the rule applies. */ nwServiceGroups?: pulumi.Input<inputs.ForwardingControlRuleNwServiceGroups>; /** * (list) When not used it applies the rule to all network services or you can select specific network services. The Zscaler firewall has predefined services and you can configure up to `1,024` additional custom services. */ nwServices?: pulumi.Input<inputs.ForwardingControlRuleNwServices>; /** * (int) - The order of execution for the forwarding rule order. */ order: pulumi.Input<number>; /** * (set) The proxy gateway for which the rule is applicable. This field is applicable only for the `PROXYCHAIN` forwarding method. */ proxyGateway?: pulumi.Input<inputs.ForwardingControlRuleProxyGateway>; /** * Admin rank assigned to the forwarding rule */ rank?: pulumi.Input<number>; /** * ** - (list) List of destination domain categories to which the rule applies. */ resCategories?: pulumi.Input<pulumi.Input<string>[]>; /** * (list) Any number of source IP address groups that you want to control with this rule. */ srcIpGroups?: pulumi.Input<inputs.ForwardingControlRuleSrcIpGroups>; /** * (Optional) You can enter individual IP addresses, subnets, or address ranges. */ srcIps?: pulumi.Input<pulumi.Input<string>[]>; /** * (list) Source IPv6 address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IPv6 address group. */ srcIpv6Groups?: pulumi.Input<inputs.ForwardingControlRuleSrcIpv6Groups>; /** * (string) - Indicates whether the forwarding rule is enabled or disabled. Supported values are: `ENABLED` and `DISABLED`. */ state?: pulumi.Input<string>; /** * The rule type selected from the available options */ type?: pulumi.Input<string>; /** * (list) You can manually select up to `4` general and/or special users. When not used it implies `Any` to apply the rule to all users. */ users?: pulumi.Input<inputs.ForwardingControlRuleUsers>; /** * (set) The list of ZPA Application Segments for which this rule is applicable. This field is applicable only for the `ZPA` Gateway forwarding method. */ zpaAppSegments?: pulumi.Input<pulumi.Input<inputs.ForwardingControlRuleZpaAppSegment>[]>; /** * (set) List of ZPA Application Segment Groups for which this rule is applicable. This field is applicable only for the `ECZPA` forwarding method (used for Zscaler Cloud Connector). */ zpaApplicationSegmentGroups?: pulumi.Input<inputs.ForwardingControlRuleZpaApplicationSegmentGroups>; /** * (set) List of ZPA Application Segments for which this rule is applicable. This field is applicable only for the `ECZPA` forwarding method (used for Zscaler Cloud Connector). */ zpaApplicationSegments?: pulumi.Input<inputs.ForwardingControlRuleZpaApplicationSegments>; /** * (set) The ZPA Gateway for which this rule is applicable. This field is applicable only for the `ZPA` forwarding method. */ zpaGateway?: pulumi.Input<inputs.ForwardingControlRuleZpaGateway>; }