Viewing docs for sysdig 3.8.1
published on Wednesday, May 6, 2026 by sysdiglabs
published on Wednesday, May 6, 2026 by sysdiglabs
Viewing docs for sysdig 3.8.1
published on Wednesday, May 6, 2026 by sysdiglabs
published on Wednesday, May 6, 2026 by sysdiglabs
The sysdig.SecureZone data source allows you to retrieve information about a specific Sysdig Secure Zone.
Note: The
rulesattribute supports both v2 and legacy (v1) syntax. Legacy v1 syntax (labels,labelValues,agentTags) is deprecated — useexpressionblocks instead. Rules using v2-compatible field names are fully supported. See the resource documentation for migration guidance.
Example Usage
With expression-based scopes (recommended)
import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";
const sample = new sysdig.SecureZone("sample", {
name: "test-secure-zone",
description: "Test secure zone",
scopes: [{
targetType: "aws",
expressions: [
{
field: "organization",
operator: "in",
values: [
"o1",
"o2",
],
},
{
field: "account",
operator: "in",
values: [
"a1",
"a2",
],
},
],
}],
});
const test = sysdig.getSecureZoneOutput({
name: sample.name,
});
import pulumi
import pulumi_sysdig as sysdig
sample = sysdig.SecureZone("sample",
name="test-secure-zone",
description="Test secure zone",
scopes=[{
"target_type": "aws",
"expressions": [
{
"field": "organization",
"operator": "in",
"values": [
"o1",
"o2",
],
},
{
"field": "account",
"operator": "in",
"values": [
"a1",
"a2",
],
},
],
}])
test = sysdig.get_secure_zone_output(name=sample.name)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/v3/sysdig"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
sample, err := sysdig.NewSecureZone(ctx, "sample", &sysdig.SecureZoneArgs{
Name: pulumi.String("test-secure-zone"),
Description: pulumi.String("Test secure zone"),
Scopes: sysdig.SecureZoneScopeArray{
&sysdig.SecureZoneScopeArgs{
TargetType: pulumi.String("aws"),
Expressions: sysdig.SecureZoneScopeExpressionArray{
&sysdig.SecureZoneScopeExpressionArgs{
Field: pulumi.String("organization"),
Operator: pulumi.String("in"),
Values: pulumi.StringArray{
pulumi.String("o1"),
pulumi.String("o2"),
},
},
&sysdig.SecureZoneScopeExpressionArgs{
Field: pulumi.String("account"),
Operator: pulumi.String("in"),
Values: pulumi.StringArray{
pulumi.String("a1"),
pulumi.String("a2"),
},
},
},
},
},
})
if err != nil {
return err
}
_ = sysdig.LookupSecureZoneOutput(ctx, sysdig.GetSecureZoneOutputArgs{
Name: sample.Name,
}, nil)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sysdig = Pulumi.Sysdig;
return await Deployment.RunAsync(() =>
{
var sample = new Sysdig.SecureZone("sample", new()
{
Name = "test-secure-zone",
Description = "Test secure zone",
Scopes = new[]
{
new Sysdig.Inputs.SecureZoneScopeArgs
{
TargetType = "aws",
Expressions = new[]
{
new Sysdig.Inputs.SecureZoneScopeExpressionArgs
{
Field = "organization",
Operator = "in",
Values = new[]
{
"o1",
"o2",
},
},
new Sysdig.Inputs.SecureZoneScopeExpressionArgs
{
Field = "account",
Operator = "in",
Values = new[]
{
"a1",
"a2",
},
},
},
},
},
});
var test = Sysdig.GetSecureZone.Invoke(new()
{
Name = sample.Name,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SecureZone;
import com.pulumi.sysdig.SecureZoneArgs;
import com.pulumi.sysdig.inputs.SecureZoneScopeArgs;
import com.pulumi.sysdig.SysdigFunctions;
import com.pulumi.sysdig.inputs.GetSecureZoneArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var sample = new SecureZone("sample", SecureZoneArgs.builder()
.name("test-secure-zone")
.description("Test secure zone")
.scopes(SecureZoneScopeArgs.builder()
.targetType("aws")
.expressions(
SecureZoneScopeExpressionArgs.builder()
.field("organization")
.operator("in")
.values(
"o1",
"o2")
.build(),
SecureZoneScopeExpressionArgs.builder()
.field("account")
.operator("in")
.values(
"a1",
"a2")
.build())
.build())
.build());
final var test = SysdigFunctions.getSecureZone(GetSecureZoneArgs.builder()
.name(sample.name())
.build());
}
}
resources:
sample:
type: sysdig:SecureZone
properties:
name: test-secure-zone
description: Test secure zone
scopes:
- targetType: aws
expressions:
- field: organization
operator: in
values:
- o1
- o2
- field: account
operator: in
values:
- a1
- a2
variables:
test:
fn::invoke:
function: sysdig:getSecureZone
arguments:
name: ${sample.name}
With legacy rules scopes (deprecated)
import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";
const sample = new sysdig.SecureZone("sample", {
name: "test-secure-zone",
description: "Test secure zone",
scopes: [{
targetType: "aws",
rules: "organization in (\"o1\", \"o2\") and account in (\"a1\", \"a2\")",
}],
});
const test = sysdig.getSecureZoneOutput({
name: sample.name,
});
import pulumi
import pulumi_sysdig as sysdig
sample = sysdig.SecureZone("sample",
name="test-secure-zone",
description="Test secure zone",
scopes=[{
"target_type": "aws",
"rules": "organization in (\"o1\", \"o2\") and account in (\"a1\", \"a2\")",
}])
test = sysdig.get_secure_zone_output(name=sample.name)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/v3/sysdig"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
sample, err := sysdig.NewSecureZone(ctx, "sample", &sysdig.SecureZoneArgs{
Name: pulumi.String("test-secure-zone"),
Description: pulumi.String("Test secure zone"),
Scopes: sysdig.SecureZoneScopeArray{
&sysdig.SecureZoneScopeArgs{
TargetType: pulumi.String("aws"),
Rules: pulumi.String("organization in (\"o1\", \"o2\") and account in (\"a1\", \"a2\")"),
},
},
})
if err != nil {
return err
}
_ = sysdig.LookupSecureZoneOutput(ctx, sysdig.GetSecureZoneOutputArgs{
Name: sample.Name,
}, nil)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sysdig = Pulumi.Sysdig;
return await Deployment.RunAsync(() =>
{
var sample = new Sysdig.SecureZone("sample", new()
{
Name = "test-secure-zone",
Description = "Test secure zone",
Scopes = new[]
{
new Sysdig.Inputs.SecureZoneScopeArgs
{
TargetType = "aws",
Rules = "organization in (\"o1\", \"o2\") and account in (\"a1\", \"a2\")",
},
},
});
var test = Sysdig.GetSecureZone.Invoke(new()
{
Name = sample.Name,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SecureZone;
import com.pulumi.sysdig.SecureZoneArgs;
import com.pulumi.sysdig.inputs.SecureZoneScopeArgs;
import com.pulumi.sysdig.SysdigFunctions;
import com.pulumi.sysdig.inputs.GetSecureZoneArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var sample = new SecureZone("sample", SecureZoneArgs.builder()
.name("test-secure-zone")
.description("Test secure zone")
.scopes(SecureZoneScopeArgs.builder()
.targetType("aws")
.rules("organization in (\"o1\", \"o2\") and account in (\"a1\", \"a2\")")
.build())
.build());
final var test = SysdigFunctions.getSecureZone(GetSecureZoneArgs.builder()
.name(sample.name())
.build());
}
}
resources:
sample:
type: sysdig:SecureZone
properties:
name: test-secure-zone
description: Test secure zone
scopes:
- targetType: aws
rules: organization in ("o1", "o2") and account in ("a1", "a2")
variables:
test:
fn::invoke:
function: sysdig:getSecureZone
arguments:
name: ${sample.name}
Using getSecureZone
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecureZone(args: GetSecureZoneArgs, opts?: InvokeOptions): Promise<GetSecureZoneResult>
function getSecureZoneOutput(args: GetSecureZoneOutputArgs, opts?: InvokeOptions): Output<GetSecureZoneResult>def get_secure_zone(id: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecureZoneResult
def get_secure_zone_output(id: pulumi.Input[Optional[str]] = None,
name: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecureZoneResult]func LookupSecureZone(ctx *Context, args *LookupSecureZoneArgs, opts ...InvokeOption) (*LookupSecureZoneResult, error)
func LookupSecureZoneOutput(ctx *Context, args *LookupSecureZoneOutputArgs, opts ...InvokeOption) LookupSecureZoneResultOutput> Note: This function is named LookupSecureZone in the Go SDK.
public static class GetSecureZone
{
public static Task<GetSecureZoneResult> InvokeAsync(GetSecureZoneArgs args, InvokeOptions? opts = null)
public static Output<GetSecureZoneResult> Invoke(GetSecureZoneInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecureZoneResult> getSecureZone(GetSecureZoneArgs args, InvokeOptions options)
public static Output<GetSecureZoneResult> getSecureZone(GetSecureZoneArgs args, InvokeOptions options)
fn::invoke:
function: sysdig:index/getSecureZone:getSecureZone
arguments:
# arguments dictionaryThe following arguments are supported:
getSecureZone Result
The following output properties are available:
- string
- (Computed) The zone author.
- Description string
- Is
System bool - (Computed) Whether the Zone is a system zone.
- Last
Modified stringBy - (Computed) By whom is last modification made.
- Last
Updated string - (Computed) Timestamp of last modification of zone.
- Scopes
List<Get
Secure Zone Scope> - (Computed) The scope of the zone. Each scope contains:
- Id string
- The ID of the scope.
- Name string
- string
- (Computed) The zone author.
- Description string
- Is
System bool - (Computed) Whether the Zone is a system zone.
- Last
Modified stringBy - (Computed) By whom is last modification made.
- Last
Updated string - (Computed) Timestamp of last modification of zone.
- Scopes
[]Get
Secure Zone Scope - (Computed) The scope of the zone. Each scope contains:
- Id string
- The ID of the scope.
- Name string
- String
- (Computed) The zone author.
- description String
- is
System Boolean - (Computed) Whether the Zone is a system zone.
- last
Modified StringBy - (Computed) By whom is last modification made.
- last
Updated String - (Computed) Timestamp of last modification of zone.
- scopes
List<Get
Secure Zone Scope> - (Computed) The scope of the zone. Each scope contains:
- id String
- The ID of the scope.
- name String
- string
- (Computed) The zone author.
- description string
- is
System boolean - (Computed) Whether the Zone is a system zone.
- last
Modified stringBy - (Computed) By whom is last modification made.
- last
Updated string - (Computed) Timestamp of last modification of zone.
- scopes
Get
Secure Zone Scope[] - (Computed) The scope of the zone. Each scope contains:
- id string
- The ID of the scope.
- name string
- str
- (Computed) The zone author.
- description str
- is_
system bool - (Computed) Whether the Zone is a system zone.
- last_
modified_ strby - (Computed) By whom is last modification made.
- last_
updated str - (Computed) Timestamp of last modification of zone.
- scopes
Sequence[Get
Secure Zone Scope] - (Computed) The scope of the zone. Each scope contains:
- id str
- The ID of the scope.
- name str
- String
- (Computed) The zone author.
- description String
- is
System Boolean - (Computed) Whether the Zone is a system zone.
- last
Modified StringBy - (Computed) By whom is last modification made.
- last
Updated String - (Computed) Timestamp of last modification of zone.
- scopes List<Property Map>
- (Computed) The scope of the zone. Each scope contains:
- id String
- The ID of the scope.
- name String
Supporting Types
GetSecureZoneScope
- Expressions
List<Get
Secure Zone Scope Expression> - List of filter expressions, each containing:
- Id double
- The ID of the Sysdig Secure Zone.
- Rules string
- (Computed) Query language expression. Legacy v1 syntax is deprecated; v2-compatible syntax is fully supported.
- Target
Type string - The resource type this scope applies to (e.g.,
aws,gcp,azure,kubernetes,host,image,git,ibm,oci).
- Expressions
[]Get
Secure Zone Scope Expression - List of filter expressions, each containing:
- Id float64
- The ID of the Sysdig Secure Zone.
- Rules string
- (Computed) Query language expression. Legacy v1 syntax is deprecated; v2-compatible syntax is fully supported.
- Target
Type string - The resource type this scope applies to (e.g.,
aws,gcp,azure,kubernetes,host,image,git,ibm,oci).
- expressions
List<Get
Secure Zone Scope Expression> - List of filter expressions, each containing:
- id Double
- The ID of the Sysdig Secure Zone.
- rules String
- (Computed) Query language expression. Legacy v1 syntax is deprecated; v2-compatible syntax is fully supported.
- target
Type String - The resource type this scope applies to (e.g.,
aws,gcp,azure,kubernetes,host,image,git,ibm,oci).
- expressions
Get
Secure Zone Scope Expression[] - List of filter expressions, each containing:
- id number
- The ID of the Sysdig Secure Zone.
- rules string
- (Computed) Query language expression. Legacy v1 syntax is deprecated; v2-compatible syntax is fully supported.
- target
Type string - The resource type this scope applies to (e.g.,
aws,gcp,azure,kubernetes,host,image,git,ibm,oci).
- expressions
Sequence[Get
Secure Zone Scope Expression] - List of filter expressions, each containing:
- id float
- The ID of the Sysdig Secure Zone.
- rules str
- (Computed) Query language expression. Legacy v1 syntax is deprecated; v2-compatible syntax is fully supported.
- target_
type str - The resource type this scope applies to (e.g.,
aws,gcp,azure,kubernetes,host,image,git,ibm,oci).
- expressions List<Property Map>
- List of filter expressions, each containing:
- id Number
- The ID of the Sysdig Secure Zone.
- rules String
- (Computed) Query language expression. Legacy v1 syntax is deprecated; v2-compatible syntax is fully supported.
- target
Type String - The resource type this scope applies to (e.g.,
aws,gcp,azure,kubernetes,host,image,git,ibm,oci).
GetSecureZoneScopeExpression
Package Details
- Repository
- sysdig sysdiglabs/terraform-provider-sysdig
- License
- Notes
- This Pulumi package is based on the
sysdigTerraform Provider.
Viewing docs for sysdig 3.8.1
published on Wednesday, May 6, 2026 by sysdiglabs
published on Wednesday, May 6, 2026 by sysdiglabs
