UNPKG

@bdzscaler/pulumi-zia

Version:

A Pulumi package for creating and managing zia cloud resources.

www.zscaler.com

zscaler/pulumi-zia

118 lines 9.16 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.getSandboxRulesOutput = exports.getSandboxRules = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("./utilities"); /** * * [Official documentation](https://help.zscaler.com/zia/about-sandbox) * * [API documentation](https://help.zscaler.com/zia/sandbox-policy-settings#/sandboxRules-get) * * Use the **zia_sandbox_rules** data source to get information about a sandbox rule in the Zscaler Internet Access. * * ## Example Usage * * ## Read-Only * * In addition to all arguments above, the following attributes are exported: * * * `description` - (String) Enter additional notes or information. The description cannot exceed 10,240 characters. * * `order` - (Integer) Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order. * * `state` - (String) The state of the rule indicating whether it is enabled or disabled. Supported values: `ENABLED` or `DISABLED` * * `rank` - (Integer) The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings. * * `baRuleAction` - (String) The action configured for the rule that must take place if the traffic matches the rule criteria. Supported Values: `ALLOW` or `BLOCK` * * `firstTimeEnable` - (Boolean) A Boolean value indicating whether a First-Time Action is specifically configured for the rule. The First-Time Action takes place when users download unknown files. The action to be applied is specified using the firstTimeOperation field. * * `firstTimeOperation` - (String) The action that must take place when users download unknown files for the first time. Supported Values: `ALLOW_SCAN`, `QUARANTINE`, `ALLOW_NOSCAN`, `QUARANTINE_ISOLATE` * * `mlActionEnabled` - (Boolean) A Boolean value indicating whether to enable or disable the AI Instant Verdict option to have the Zscaler service use AI analysis to instantly assign threat scores to unknown files. This option is available to use only with specific rule actions such as Quarantine and Allow and Scan for First-Time Action. * * `byThreatScore` - (Integer) * * `defaultRule` - (Boolean) Value that indicates whether the rule is the Default Cloud IPS Rule or not * * * `urlCategories` - (List of Strings) The list of URL categories to which the DLP policy rule must be applied. * * `fileTypes` - (List of Strings) File type categories for which the policy is applied. If not set, the rule is applied across all file types. * * `Who, Where and When` supports the following attributes: * * * `locations` - (List of Objects) You can manually select up to `8` locations. When not used it implies `Any` to apply the rule to all groups. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `locationGroups` - (List of Objects)You can manually select up to `32` location groups. When not used it implies `Any` to apply the rule to all location groups. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `users` - (List of Objects) You can manually select up to `4` general and/or special users. When not used it implies `Any` to apply the rule to all users. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `groups` - (List of Objects) You can manually select up to `8` groups. When not used it implies `Any` to apply the rule to all groups. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `departments` - (List of Objects) Apply to any number of departments When not used it implies `Any` to apply the rule to all departments. * - `id` - (Integer) Identifier that uniquely identifies an entity * * * `labels` (List of Objects) Labels that are applicable to the rule. * - `id` - (Integer) Identifier that uniquely identifies an entity * * * `zpaAppSegments` (List of Objects) The ZPA application segments to which the rule applies * - `id` - (Integer) Identifier that uniquely identifies an entity */ function getSandboxRules(args, opts) { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("zia:index/getSandboxRules:getSandboxRules", { "id": args.id, "name": args.name, "urlCategories": args.urlCategories, }, opts); } exports.getSandboxRules = getSandboxRules; /** * * [Official documentation](https://help.zscaler.com/zia/about-sandbox) * * [API documentation](https://help.zscaler.com/zia/sandbox-policy-settings#/sandboxRules-get) * * Use the **zia_sandbox_rules** data source to get information about a sandbox rule in the Zscaler Internet Access. * * ## Example Usage * * ## Read-Only * * In addition to all arguments above, the following attributes are exported: * * * `description` - (String) Enter additional notes or information. The description cannot exceed 10,240 characters. * * `order` - (Integer) Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order. * * `state` - (String) The state of the rule indicating whether it is enabled or disabled. Supported values: `ENABLED` or `DISABLED` * * `rank` - (Integer) The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings. * * `baRuleAction` - (String) The action configured for the rule that must take place if the traffic matches the rule criteria. Supported Values: `ALLOW` or `BLOCK` * * `firstTimeEnable` - (Boolean) A Boolean value indicating whether a First-Time Action is specifically configured for the rule. The First-Time Action takes place when users download unknown files. The action to be applied is specified using the firstTimeOperation field. * * `firstTimeOperation` - (String) The action that must take place when users download unknown files for the first time. Supported Values: `ALLOW_SCAN`, `QUARANTINE`, `ALLOW_NOSCAN`, `QUARANTINE_ISOLATE` * * `mlActionEnabled` - (Boolean) A Boolean value indicating whether to enable or disable the AI Instant Verdict option to have the Zscaler service use AI analysis to instantly assign threat scores to unknown files. This option is available to use only with specific rule actions such as Quarantine and Allow and Scan for First-Time Action. * * `byThreatScore` - (Integer) * * `defaultRule` - (Boolean) Value that indicates whether the rule is the Default Cloud IPS Rule or not * * * `urlCategories` - (List of Strings) The list of URL categories to which the DLP policy rule must be applied. * * `fileTypes` - (List of Strings) File type categories for which the policy is applied. If not set, the rule is applied across all file types. * * `Who, Where and When` supports the following attributes: * * * `locations` - (List of Objects) You can manually select up to `8` locations. When not used it implies `Any` to apply the rule to all groups. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `locationGroups` - (List of Objects)You can manually select up to `32` location groups. When not used it implies `Any` to apply the rule to all location groups. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `users` - (List of Objects) You can manually select up to `4` general and/or special users. When not used it implies `Any` to apply the rule to all users. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `groups` - (List of Objects) You can manually select up to `8` groups. When not used it implies `Any` to apply the rule to all groups. * - `id` - (Integer) Identifier that uniquely identifies an entity * * `departments` - (List of Objects) Apply to any number of departments When not used it implies `Any` to apply the rule to all departments. * - `id` - (Integer) Identifier that uniquely identifies an entity * * * `labels` (List of Objects) Labels that are applicable to the rule. * - `id` - (Integer) Identifier that uniquely identifies an entity * * * `zpaAppSegments` (List of Objects) The ZPA application segments to which the rule applies * - `id` - (Integer) Identifier that uniquely identifies an entity */ function getSandboxRulesOutput(args, opts) { args = args || {}; opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("zia:index/getSandboxRules:getSandboxRules", { "id": args.id, "name": args.name, "urlCategories": args.urlCategories, }, opts); } exports.getSandboxRulesOutput = getSandboxRulesOutput; //# sourceMappingURL=getSandboxRules.js.map