@bdzscaler/pulumi-zia
Version:
A Pulumi package for creating and managing zia cloud resources.
188 lines (187 loc) • 8.13 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as outputs from "./types/output";
/**
* * [Official documentation](https://help.zscaler.com/zia/about-locations)
* * [API documentation](https://help.zscaler.com/zia/location-management#/locations-get)
*
* Use the **zia_location_management** data source to get information about a location resource available in the Zscaler Internet Access Location Management. This resource can then be referenced in multiple other resources, such as URL Filtering Rules, Firewall rules etc.
*
* ## Example Usage
*/
export declare function getLocationManagement(args?: GetLocationManagementArgs, opts?: pulumi.InvokeOptions): Promise<GetLocationManagementResult>;
/**
* A collection of arguments for invoking getLocationManagement.
*/
export interface GetLocationManagementArgs {
basicAuthEnabled?: boolean;
/**
* The ID of the location to be exported.
*/
id?: number;
/**
* The name of the location to be exported.
*/
name?: string;
parentName?: string;
}
/**
* A collection of values returned by getLocationManagement.
*/
export interface GetLocationManagementResult {
/**
* (Boolean) For First Time AUP Behavior, Block Internet Access. When set, all internet access (including non-HTTP traffic) is disabled until the user accepts the AUP.
*/
readonly aupBlockInternetUntilAccepted: boolean;
/**
* (Boolean) Enable AUP. When set to true, AUP is enabled for the location.
*/
readonly aupEnabled: boolean;
/**
* (Boolean) For First Time AUP Behavior, Force SSL Inspection. When set, Zscaler will force SSL Inspection in order to enforce AUP for HTTPS traffic.
*/
readonly aupForceSslInspection: boolean;
/**
* (Number) Custom AUP Frequency. Refresh time (in days) to re-validate the AUP.
*/
readonly aupTimeoutInDays: number;
/**
* (Boolean) Enforce Authentication. Required when ports are enabled, IP Surrogate is enabled, or Kerberos Authentication is enabled.
*/
readonly authRequired: boolean;
readonly basicAuthEnabled: boolean;
/**
* (Boolean) Enable Caution. When set to true, a caution notifcation is enabled for the location.
*/
readonly cautionEnabled: boolean;
/**
* (String) Country
*/
readonly country: string;
readonly defaultExtranetDns: boolean;
readonly defaultExtranetTsPool: boolean;
/**
* (String) Additional notes or information regarding the location or sub-location. The description cannot exceed 1024 characters.
*/
readonly description: string;
readonly digestAuthEnabled: boolean;
/**
* (String) Display Time Unit. The time unit to display for IP Surrogate idle time to disassociation.
*/
readonly displayTimeUnit: string;
/**
* (Number) Download bandwidth in bytes. The value `0` implies no Bandwidth Control enforcement.
*/
readonly dnBandwidth: number;
/**
* (Block, Max: 1) The ID of the DNS server configuration used in the extranet
*/
readonly extranetDns: outputs.GetLocationManagementExtranetDn[];
/**
* (Block, Max: 1) The ID of the traffic selector specified in the extranet
*/
readonly extranetIpPools: outputs.GetLocationManagementExtranetIpPool[];
/**
* (Block, Max: 1) The ID of the extranet resource that must be assigned to the location
*/
readonly extranets: outputs.GetLocationManagementExtranet[];
/**
* (int) The Identifier that uniquely identifies an entity
*/
readonly id?: number;
/**
* (Number) Idle Time to Disassociation. The user mapping idle time (in minutes) is required if a Surrogate IP is enabled.
*/
readonly idleTimeInMinutes: number;
readonly iotDiscoveryEnabled: boolean;
/**
* (List of String) For locations: IP addresses of the egress points that are provisioned in the Zscaler Cloud. Each entry is a single IP address (e.g., `238.10.33.9`). For sub-locations: Egress, internal, or GRE tunnel IP addresses. Each entry is either a single IP address, CIDR (e.g., `10.10.33.0/24`), or range (e.g., `10.10.33.1-10.10.33.10`)).
*/
readonly ipAddresses: string[];
/**
* (Boolean) Enable IPS Control. When set to true, IPS Control is enabled for the location if Firewall is enabled.
*/
readonly ipsControl: boolean;
readonly kerberosAuthEnabled: boolean;
/**
* (String) The configured name of the entity
*/
readonly name?: string;
/**
* (Boolean) Enable Firewall. When set to true, Firewall is enabled for the location.
*/
readonly ofwEnabled: boolean;
/**
* (Number) - Parent Location ID. If this ID does not exist or is `0`, it is implied that it is a parent location. Otherwise, it is a sub-location whose parent has this ID. x-applicableTo: `SUB`
*/
readonly parentId: number;
readonly parentName?: string;
/**
* (List of String) IP ports that are associated with the location.
*/
readonly ports: string[];
/**
* (String) Profile tag that specifies the location traffic type. If not specified, this tag defaults to `Unassigned`.
*/
readonly profile: string;
/**
* (Boolean) This parameter was deprecated and no longer has an effect on SSL policy. It remains supported in the API payload in order to maintain backwards compatibility with existing scripts, but it will be removed in future.
*/
readonly sslScanEnabled: boolean;
/**
* (Boolean) Enable Surrogate IP. When set to true, users are mapped to internal device IP addresses.
*/
readonly surrogateIp: boolean;
/**
* (Boolean) Enforce Surrogate IP for Known Browsers. When set to true, IP Surrogate is enforced for all known browsers.
*/
readonly surrogateIpEnforcedForKnownBrowsers: boolean;
/**
* (Number) Refresh Time for re-validation of Surrogacy. The surrogate refresh time (in minutes) to re-validate the IP surrogates.
*/
readonly surrogateRefreshTimeInMinutes: number;
/**
* (String) Display Refresh Time Unit. The time unit to display for refresh time for re-validation of surrogacy.
*/
readonly surrogateRefreshTimeUnit: string;
/**
* (String) Timezone of the location. If not specified, it defaults to GMT.
*/
readonly tz: string;
/**
* (Number) Upload bandwidth in bytes. The value `0` implies no Bandwidth Control enforcement.
*/
readonly upBandwidth: number;
readonly vpnCredentials: outputs.GetLocationManagementVpnCredential[];
/**
* (Boolean) Enable XFF Forwarding. When set to true, traffic is passed to Zscaler Cloud via the X-Forwarded-For (XFF) header.
*/
readonly xffForwardEnabled: boolean;
/**
* (Boolean) This parameter was deprecated and no longer has an effect on SSL policy. It remains supported in the API payload in order to maintain backwards compatibility with existing scripts, but it will be removed in future.
*/
readonly zappSslScanEnabled: boolean;
}
/**
* * [Official documentation](https://help.zscaler.com/zia/about-locations)
* * [API documentation](https://help.zscaler.com/zia/location-management#/locations-get)
*
* Use the **zia_location_management** data source to get information about a location resource available in the Zscaler Internet Access Location Management. This resource can then be referenced in multiple other resources, such as URL Filtering Rules, Firewall rules etc.
*
* ## Example Usage
*/
export declare function getLocationManagementOutput(args?: GetLocationManagementOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetLocationManagementResult>;
/**
* A collection of arguments for invoking getLocationManagement.
*/
export interface GetLocationManagementOutputArgs {
basicAuthEnabled?: pulumi.Input<boolean>;
/**
* The ID of the location to be exported.
*/
id?: pulumi.Input<number>;
/**
* The name of the location to be exported.
*/
name?: pulumi.Input<string>;
parentName?: pulumi.Input<string>;
}