@bdzscaler/pulumi-zia

import * as pulumi from "@pulumi/pulumi"; import * as outputs from "./types/output"; /** * * [Official documentation](https://help.zscaler.com/zia/about-nat-control) * * [API documentation](https://help.zscaler.com/zia/nat-control-policy#/dnatRules-get) * * Use the **zia_nat_control_rules** data source to get information about a NAT Control rule available in the Zscaler Internet Access. * * ## Example Usage * * ### By Name * * ### By ID */ export declare function getNatControlRules(args?: GetNatControlRulesArgs, opts?: pulumi.InvokeOptions): Promise<GetNatControlRulesResult>; /** * A collection of arguments for invoking getNatControlRules. */ export interface GetNatControlRulesArgs { /** * A unique identifier assigned to the forwarding rule. */ id?: number; /** * The name of the forwarding rule. */ name?: string; /** * (string) - FQDN to which the traffic is redirected to when the DNAT rule is triggered. This is mutually exclusive to redirect IP. */ redirectFqdn?: string; /** * (string) - IP address to which the traffic is redirected to when the DNAT rule is triggered. If not set, no redirection is done to the specific IP address. */ redirectIp?: string; /** * (string) - Port to which the traffic is redirected to when the DNAT rule is triggered. If not set, no redirection is done to the specific port. */ redirectPort?: number; } /** * A collection of values returned by getNatControlRules. */ export interface GetNatControlRulesResult { /** * (Boolean) If set to true, the default rule is applied */ readonly defaultRule: boolean; /** * (Block List, Max: 1) Apply to any number of departments When not used it implies `Any` to apply the rule to all departments. */ readonly departments: outputs.GetNatControlRulesDepartment[]; /** * (string) - Additional information about the forwarding rule */ readonly description: string; /** * ** - (List of String) - IP addresses and fully qualified domain names (FQDNs), if the domain has multiple destination IP addresses or if its IP addresses may change. For IP addresses, you can enter individual IP addresses, subnets, or address ranges. If adding multiple items, hit Enter after each entry. */ readonly destAddresses: string[]; /** * ** - (List of String) Destination countries for which the rule is applicable. If not set, the rule is not restricted to specific destination countries. */ readonly destCountries: string[]; /** * ** - (List of String) IP address categories of destination for which the DNAT rule is applicable. If not set, the rule is not restricted to specific destination IP categories. */ readonly destIpCategories: string[]; /** * ** - (Block List, Max: 1) Any number of destination IP address groups that you want to control with this rule. */ readonly destIpGroups: outputs.GetNatControlRulesDestIpGroup[]; /** * ** - (Block List, Max: 1) Any number of destination IPv6 address groups that you want to control with this rule. */ readonly destIpv6Groups: outputs.GetNatControlRulesDestIpv6Group[]; readonly deviceGroups: outputs.GetNatControlRulesDeviceGroup[]; readonly devices: outputs.GetNatControlRulesDevice[]; /** * (Boolean) */ readonly enableFullLogging: boolean; /** * (Block List, Max: 1) You can manually select up to `8` groups. When not used it implies `Any` to apply the rule to all groups. */ readonly groups: outputs.GetNatControlRulesGroup[]; /** * (int) The ID of this resource. */ readonly id: number; /** * (Block List, Max: 1) Labels that are applicable to the rule. */ readonly labels: outputs.GetNatControlRulesLabel[]; readonly lastModifiedBies: outputs.GetNatControlRulesLastModifiedBy[]; /** * (Number) */ readonly lastModifiedTime: number; /** * (Block List, Max: 1) You can manually select up to `32` location groups. When not used it implies `Any` to apply the rule to all location groups. */ readonly locationGroups: outputs.GetNatControlRulesLocationGroup[]; /** * (Block List, Max: 1) You can manually select up to `8` locations. When not used it implies `Any` to apply the rule to all groups. */ readonly locations: outputs.GetNatControlRulesLocation[]; /** * (String) The configured name of the entity */ readonly name: string; /** * (Block List, Max: 1) Any number of predefined or custom network service groups to which the rule applies. */ readonly nwServiceGroups: outputs.GetNatControlRulesNwServiceGroup[]; /** * (Block List, Max: 1) When not used it applies the rule to all network services or you can select specific network services. The Zscaler firewall has predefined services and you can configure up to `1,024` additional custom services. */ readonly nwServices: outputs.GetNatControlRulesNwService[]; /** * (string) - The order of execution for the forwarding rule order. */ readonly order: number; /** * (Boolean) If set to true, a predefined rule is applied */ readonly predefined: boolean; readonly rank: number; /** * (string) - FQDN to which the traffic is redirected to when the DNAT rule is triggered. This is mutually exclusive to redirect IP. */ readonly redirectFqdn?: string; /** * (string) - IP address to which the traffic is redirected to when the DNAT rule is triggered. If not set, no redirection is done to the specific IP address. */ readonly redirectIp?: string; /** * (string) - Port to which the traffic is redirected to when the DNAT rule is triggered. If not set, no redirection is done to the specific port. */ readonly redirectPort?: number; readonly resCategories: string[]; /** * (Block List, Max: 1) Any number of source IP address groups that you want to control with this rule. */ readonly srcIpGroups: outputs.GetNatControlRulesSrcIpGroup[]; /** * (List of String) You can enter individual IP addresses, subnets, or address ranges. */ readonly srcIps: string[]; /** * (Block List, Max: 1) Any number of source IPv6 address groups that you want to control with this rule. */ readonly srcIpv6Groups: outputs.GetNatControlRulesSrcIpv6Group[]; readonly state: string; /** * (Block List, Max: 1) You can manually select up to `2` time intervals. When not used it implies `always` to apply the rule to all time intervals. */ readonly timeWindows: outputs.GetNatControlRulesTimeWindow[]; /** * (Block List, Max: 1) You can manually select up to `4` general and/or special users. When not used it implies `Any` to apply the rule to all users. */ readonly users: outputs.GetNatControlRulesUser[]; } /** * * [Official documentation](https://help.zscaler.com/zia/about-nat-control) * * [API documentation](https://help.zscaler.com/zia/nat-control-policy#/dnatRules-get) * * Use the **zia_nat_control_rules** data source to get information about a NAT Control rule available in the Zscaler Internet Access. * * ## Example Usage * * ### By Name * * ### By ID */ export declare function getNatControlRulesOutput(args?: GetNatControlRulesOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetNatControlRulesResult>; /** * A collection of arguments for invoking getNatControlRules. */ export interface GetNatControlRulesOutputArgs { /** * A unique identifier assigned to the forwarding rule. */ id?: pulumi.Input<number>; /** * The name of the forwarding rule. */ name?: pulumi.Input<string>; /** * (string) - FQDN to which the traffic is redirected to when the DNAT rule is triggered. This is mutually exclusive to redirect IP. */ redirectFqdn?: pulumi.Input<string>; /** * (string) - IP address to which the traffic is redirected to when the DNAT rule is triggered. If not set, no redirection is done to the specific IP address. */ redirectIp?: pulumi.Input<string>; /** * (string) - Port to which the traffic is redirected to when the DNAT rule is triggered. If not set, no redirection is done to the specific port. */ redirectPort?: pulumi.Input<number>; }