1. Packages
  2. Zscaler Internet Access (ZIA)
  3. API Docs
  4. AdminRoles
Zscaler Internet Access v1.0.1 published on Friday, Jun 6, 2025 by Zscaler

zia.AdminRoles

Explore with Pulumi AI

zia logo
Zscaler Internet Access v1.0.1 published on Friday, Jun 6, 2025 by Zscaler

    The zia_admin_roles resource allows the creation and management of admin roles in the Zscaler Internet Access cloud or via the API.

    Example Usage

    Create Admin Role

    # ZIA Admin Roles Resource
    resource "zia_admin_roles" "this" {
      name               = "AdminRoleTerraform"
      rank               = 7
      alerting_access    = "READ_WRITE"
      dashboard_access   = "READ_WRITE"
      report_access      = "READ_WRITE"
      analysis_access    = "READ_ONLY"
      username_access    = "READ_ONLY"
      device_info_access = "READ_ONLY"
      admin_acct_access  = "READ_WRITE"
      policy_access      = "READ_WRITE"
      permissions = [
     "NSS_CONFIGURATION", "LOCATIONS", "HOSTED_PAC_FILES", "EZ_AGENT_CONFIGURATIONS",
     "SECURE_AGENT_NOTIFICATIONS", "VPN_CREDENTIALS", "AUTHENTICATION_SETTINGS", "STATIC_IPS",
     "GRE_TUNNELS", "CLIENT_CONNECTOR_PORTAL", "SECURE", "POLICY_RESOURCE_MANAGEMENT",
     "CUSTOM_URL_CAT", "OVERRIDE_EXISTING_CAT", "TENANT_PROFILE_MANAGEMENT", "COMPLY",
     "SSL_POLICY", "ADVANCED_SETTINGS", "PROXY_GATEWAY", "SUBCLOUDS", "IDENTITY_PROXY_SETTINGS",
     "USER_MANAGEMENT", "APIKEY_MANAGEMENT", "FIREWALL_DNS", "VZEN_CONFIGURATION",
     "PARTNER_INTEGRATION", "USER_ACCESS", "CUSTOMER_ACCT_INFO", "CUSTOMER_SUBSCRIPTION",
     "CUSTOMER_ORG_SETTINGS", "ZIA_TRAFFIC_CAPTURE", "REMOTE_ASSISTANCE_MANAGEMENT"
      ]
    }
    

    Create Admin SDWAN Role

    resource "zia_admin_roles" "this" {
      name               = "SDWANAdminRoleTerraform"
      rank               = 7
      policy_access      = "READ_WRITE"
      alerting_access    = "NONE"
      role_type          = "SDWAN"
    }
    

    Create AdminRoles Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AdminRoles(name: string, args?: AdminRolesArgs, opts?: CustomResourceOptions);
    @overload
    def AdminRoles(resource_name: str,
                   args: Optional[AdminRolesArgs] = None,
                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def AdminRoles(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   admin_acct_access: Optional[str] = None,
                   alerting_access: Optional[str] = None,
                   analysis_access: Optional[str] = None,
                   dashboard_access: Optional[str] = None,
                   device_info_access: Optional[str] = None,
                   ext_feature_permissions: Optional[Mapping[str, str]] = None,
                   feature_permissions: Optional[Mapping[str, str]] = None,
                   is_auditor: Optional[bool] = None,
                   is_non_editable: Optional[bool] = None,
                   logs_limit: Optional[str] = None,
                   name: Optional[str] = None,
                   permissions: Optional[Sequence[str]] = None,
                   policy_access: Optional[str] = None,
                   rank: Optional[int] = None,
                   report_access: Optional[str] = None,
                   report_time_duration: Optional[int] = None,
                   role_type: Optional[str] = None,
                   username_access: Optional[str] = None)
    func NewAdminRoles(ctx *Context, name string, args *AdminRolesArgs, opts ...ResourceOption) (*AdminRoles, error)
    public AdminRoles(string name, AdminRolesArgs? args = null, CustomResourceOptions? opts = null)
    public AdminRoles(String name, AdminRolesArgs args)
    public AdminRoles(String name, AdminRolesArgs args, CustomResourceOptions options)
    
    type: zia:AdminRoles
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AdminRolesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AdminRolesArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AdminRolesArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AdminRolesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AdminRolesArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var adminRolesResource = new Zia.AdminRoles("adminRolesResource", new()
    {
        AdminAcctAccess = "string",
        AlertingAccess = "string",
        AnalysisAccess = "string",
        DashboardAccess = "string",
        DeviceInfoAccess = "string",
        ExtFeaturePermissions = 
        {
            { "string", "string" },
        },
        FeaturePermissions = 
        {
            { "string", "string" },
        },
        IsAuditor = false,
        IsNonEditable = false,
        LogsLimit = "string",
        Name = "string",
        Permissions = new[]
        {
            "string",
        },
        PolicyAccess = "string",
        Rank = 0,
        ReportAccess = "string",
        ReportTimeDuration = 0,
        RoleType = "string",
        UsernameAccess = "string",
    });
    
    example, err := zia.NewAdminRoles(ctx, "adminRolesResource", &zia.AdminRolesArgs{
    	AdminAcctAccess:  pulumi.String("string"),
    	AlertingAccess:   pulumi.String("string"),
    	AnalysisAccess:   pulumi.String("string"),
    	DashboardAccess:  pulumi.String("string"),
    	DeviceInfoAccess: pulumi.String("string"),
    	ExtFeaturePermissions: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	FeaturePermissions: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	IsAuditor:     pulumi.Bool(false),
    	IsNonEditable: pulumi.Bool(false),
    	LogsLimit:     pulumi.String("string"),
    	Name:          pulumi.String("string"),
    	Permissions: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	PolicyAccess:       pulumi.String("string"),
    	Rank:               pulumi.Int(0),
    	ReportAccess:       pulumi.String("string"),
    	ReportTimeDuration: pulumi.Int(0),
    	RoleType:           pulumi.String("string"),
    	UsernameAccess:     pulumi.String("string"),
    })
    
    var adminRolesResource = new AdminRoles("adminRolesResource", AdminRolesArgs.builder()
        .adminAcctAccess("string")
        .alertingAccess("string")
        .analysisAccess("string")
        .dashboardAccess("string")
        .deviceInfoAccess("string")
        .extFeaturePermissions(Map.of("string", "string"))
        .featurePermissions(Map.of("string", "string"))
        .isAuditor(false)
        .isNonEditable(false)
        .logsLimit("string")
        .name("string")
        .permissions("string")
        .policyAccess("string")
        .rank(0)
        .reportAccess("string")
        .reportTimeDuration(0)
        .roleType("string")
        .usernameAccess("string")
        .build());
    
    admin_roles_resource = zia.AdminRoles("adminRolesResource",
        admin_acct_access="string",
        alerting_access="string",
        analysis_access="string",
        dashboard_access="string",
        device_info_access="string",
        ext_feature_permissions={
            "string": "string",
        },
        feature_permissions={
            "string": "string",
        },
        is_auditor=False,
        is_non_editable=False,
        logs_limit="string",
        name="string",
        permissions=["string"],
        policy_access="string",
        rank=0,
        report_access="string",
        report_time_duration=0,
        role_type="string",
        username_access="string")
    
    const adminRolesResource = new zia.AdminRoles("adminRolesResource", {
        adminAcctAccess: "string",
        alertingAccess: "string",
        analysisAccess: "string",
        dashboardAccess: "string",
        deviceInfoAccess: "string",
        extFeaturePermissions: {
            string: "string",
        },
        featurePermissions: {
            string: "string",
        },
        isAuditor: false,
        isNonEditable: false,
        logsLimit: "string",
        name: "string",
        permissions: ["string"],
        policyAccess: "string",
        rank: 0,
        reportAccess: "string",
        reportTimeDuration: 0,
        roleType: "string",
        usernameAccess: "string",
    });
    
    type: zia:AdminRoles
    properties:
        adminAcctAccess: string
        alertingAccess: string
        analysisAccess: string
        dashboardAccess: string
        deviceInfoAccess: string
        extFeaturePermissions:
            string: string
        featurePermissions:
            string: string
        isAuditor: false
        isNonEditable: false
        logsLimit: string
        name: string
        permissions:
            - string
        policyAccess: string
        rank: 0
        reportAccess: string
        reportTimeDuration: 0
        roleType: string
        usernameAccess: string
    

    AdminRoles Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The AdminRoles resource accepts the following input properties:

    AdminAcctAccess string
    Admin and role management access permission.
    AlertingAccess string
    Alerting access permission
    AnalysisAccess string
    Insights logs access permission.
    DashboardAccess string
    Dashboard access permission.
    DeviceInfoAccess string
    Device information access permission. When set to NONE, device information is obfuscated.
    ExtFeaturePermissions Dictionary<string, string>
    External feature access permission.
    FeaturePermissions Dictionary<string, string>
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    IsAuditor bool
    Indicates whether this is an auditor role.
    IsNonEditable bool
    Indicates whether or not this admin user is editable/deletable.
    LogsLimit string
    Log range limit.
    Name string
    The Name of the admin role
    Permissions List<string>
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    PolicyAccess string
    Policy access permission.
    Rank int
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    ReportAccess string
    Report access permission.
    ReportTimeDuration int
    Time duration allocated to the report dashboard.
    RoleType string
    The admin role type. ()This attribute is subject to change.)
    UsernameAccess string
    Username access permission. When set to NONE, the username will be obfuscated.
    AdminAcctAccess string
    Admin and role management access permission.
    AlertingAccess string
    Alerting access permission
    AnalysisAccess string
    Insights logs access permission.
    DashboardAccess string
    Dashboard access permission.
    DeviceInfoAccess string
    Device information access permission. When set to NONE, device information is obfuscated.
    ExtFeaturePermissions map[string]string
    External feature access permission.
    FeaturePermissions map[string]string
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    IsAuditor bool
    Indicates whether this is an auditor role.
    IsNonEditable bool
    Indicates whether or not this admin user is editable/deletable.
    LogsLimit string
    Log range limit.
    Name string
    The Name of the admin role
    Permissions []string
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    PolicyAccess string
    Policy access permission.
    Rank int
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    ReportAccess string
    Report access permission.
    ReportTimeDuration int
    Time duration allocated to the report dashboard.
    RoleType string
    The admin role type. ()This attribute is subject to change.)
    UsernameAccess string
    Username access permission. When set to NONE, the username will be obfuscated.
    adminAcctAccess String
    Admin and role management access permission.
    alertingAccess String
    Alerting access permission
    analysisAccess String
    Insights logs access permission.
    dashboardAccess String
    Dashboard access permission.
    deviceInfoAccess String
    Device information access permission. When set to NONE, device information is obfuscated.
    extFeaturePermissions Map<String,String>
    External feature access permission.
    featurePermissions Map<String,String>
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    isAuditor Boolean
    Indicates whether this is an auditor role.
    isNonEditable Boolean
    Indicates whether or not this admin user is editable/deletable.
    logsLimit String
    Log range limit.
    name String
    The Name of the admin role
    permissions List<String>
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policyAccess String
    Policy access permission.
    rank Integer
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    reportAccess String
    Report access permission.
    reportTimeDuration Integer
    Time duration allocated to the report dashboard.
    roleType String
    The admin role type. ()This attribute is subject to change.)
    usernameAccess String
    Username access permission. When set to NONE, the username will be obfuscated.
    adminAcctAccess string
    Admin and role management access permission.
    alertingAccess string
    Alerting access permission
    analysisAccess string
    Insights logs access permission.
    dashboardAccess string
    Dashboard access permission.
    deviceInfoAccess string
    Device information access permission. When set to NONE, device information is obfuscated.
    extFeaturePermissions {[key: string]: string}
    External feature access permission.
    featurePermissions {[key: string]: string}
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    isAuditor boolean
    Indicates whether this is an auditor role.
    isNonEditable boolean
    Indicates whether or not this admin user is editable/deletable.
    logsLimit string
    Log range limit.
    name string
    The Name of the admin role
    permissions string[]
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policyAccess string
    Policy access permission.
    rank number
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    reportAccess string
    Report access permission.
    reportTimeDuration number
    Time duration allocated to the report dashboard.
    roleType string
    The admin role type. ()This attribute is subject to change.)
    usernameAccess string
    Username access permission. When set to NONE, the username will be obfuscated.
    admin_acct_access str
    Admin and role management access permission.
    alerting_access str
    Alerting access permission
    analysis_access str
    Insights logs access permission.
    dashboard_access str
    Dashboard access permission.
    device_info_access str
    Device information access permission. When set to NONE, device information is obfuscated.
    ext_feature_permissions Mapping[str, str]
    External feature access permission.
    feature_permissions Mapping[str, str]
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    is_auditor bool
    Indicates whether this is an auditor role.
    is_non_editable bool
    Indicates whether or not this admin user is editable/deletable.
    logs_limit str
    Log range limit.
    name str
    The Name of the admin role
    permissions Sequence[str]
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policy_access str
    Policy access permission.
    rank int
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    report_access str
    Report access permission.
    report_time_duration int
    Time duration allocated to the report dashboard.
    role_type str
    The admin role type. ()This attribute is subject to change.)
    username_access str
    Username access permission. When set to NONE, the username will be obfuscated.
    adminAcctAccess String
    Admin and role management access permission.
    alertingAccess String
    Alerting access permission
    analysisAccess String
    Insights logs access permission.
    dashboardAccess String
    Dashboard access permission.
    deviceInfoAccess String
    Device information access permission. When set to NONE, device information is obfuscated.
    extFeaturePermissions Map<String>
    External feature access permission.
    featurePermissions Map<String>
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    isAuditor Boolean
    Indicates whether this is an auditor role.
    isNonEditable Boolean
    Indicates whether or not this admin user is editable/deletable.
    logsLimit String
    Log range limit.
    name String
    The Name of the admin role
    permissions List<String>
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policyAccess String
    Policy access permission.
    rank Number
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    reportAccess String
    Report access permission.
    reportTimeDuration Number
    Time duration allocated to the report dashboard.
    roleType String
    The admin role type. ()This attribute is subject to change.)
    usernameAccess String
    Username access permission. When set to NONE, the username will be obfuscated.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AdminRoles resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    RoleId int
    Id string
    The provider-assigned unique ID for this managed resource.
    RoleId int
    id String
    The provider-assigned unique ID for this managed resource.
    roleId Integer
    id string
    The provider-assigned unique ID for this managed resource.
    roleId number
    id str
    The provider-assigned unique ID for this managed resource.
    role_id int
    id String
    The provider-assigned unique ID for this managed resource.
    roleId Number

    Look up Existing AdminRoles Resource

    Get an existing AdminRoles resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AdminRolesState, opts?: CustomResourceOptions): AdminRoles
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            admin_acct_access: Optional[str] = None,
            alerting_access: Optional[str] = None,
            analysis_access: Optional[str] = None,
            dashboard_access: Optional[str] = None,
            device_info_access: Optional[str] = None,
            ext_feature_permissions: Optional[Mapping[str, str]] = None,
            feature_permissions: Optional[Mapping[str, str]] = None,
            is_auditor: Optional[bool] = None,
            is_non_editable: Optional[bool] = None,
            logs_limit: Optional[str] = None,
            name: Optional[str] = None,
            permissions: Optional[Sequence[str]] = None,
            policy_access: Optional[str] = None,
            rank: Optional[int] = None,
            report_access: Optional[str] = None,
            report_time_duration: Optional[int] = None,
            role_id: Optional[int] = None,
            role_type: Optional[str] = None,
            username_access: Optional[str] = None) -> AdminRoles
    func GetAdminRoles(ctx *Context, name string, id IDInput, state *AdminRolesState, opts ...ResourceOption) (*AdminRoles, error)
    public static AdminRoles Get(string name, Input<string> id, AdminRolesState? state, CustomResourceOptions? opts = null)
    public static AdminRoles get(String name, Output<String> id, AdminRolesState state, CustomResourceOptions options)
    resources:  _:    type: zia:AdminRoles    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AdminAcctAccess string
    Admin and role management access permission.
    AlertingAccess string
    Alerting access permission
    AnalysisAccess string
    Insights logs access permission.
    DashboardAccess string
    Dashboard access permission.
    DeviceInfoAccess string
    Device information access permission. When set to NONE, device information is obfuscated.
    ExtFeaturePermissions Dictionary<string, string>
    External feature access permission.
    FeaturePermissions Dictionary<string, string>
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    IsAuditor bool
    Indicates whether this is an auditor role.
    IsNonEditable bool
    Indicates whether or not this admin user is editable/deletable.
    LogsLimit string
    Log range limit.
    Name string
    The Name of the admin role
    Permissions List<string>
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    PolicyAccess string
    Policy access permission.
    Rank int
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    ReportAccess string
    Report access permission.
    ReportTimeDuration int
    Time duration allocated to the report dashboard.
    RoleId int
    RoleType string
    The admin role type. ()This attribute is subject to change.)
    UsernameAccess string
    Username access permission. When set to NONE, the username will be obfuscated.
    AdminAcctAccess string
    Admin and role management access permission.
    AlertingAccess string
    Alerting access permission
    AnalysisAccess string
    Insights logs access permission.
    DashboardAccess string
    Dashboard access permission.
    DeviceInfoAccess string
    Device information access permission. When set to NONE, device information is obfuscated.
    ExtFeaturePermissions map[string]string
    External feature access permission.
    FeaturePermissions map[string]string
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    IsAuditor bool
    Indicates whether this is an auditor role.
    IsNonEditable bool
    Indicates whether or not this admin user is editable/deletable.
    LogsLimit string
    Log range limit.
    Name string
    The Name of the admin role
    Permissions []string
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    PolicyAccess string
    Policy access permission.
    Rank int
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    ReportAccess string
    Report access permission.
    ReportTimeDuration int
    Time duration allocated to the report dashboard.
    RoleId int
    RoleType string
    The admin role type. ()This attribute is subject to change.)
    UsernameAccess string
    Username access permission. When set to NONE, the username will be obfuscated.
    adminAcctAccess String
    Admin and role management access permission.
    alertingAccess String
    Alerting access permission
    analysisAccess String
    Insights logs access permission.
    dashboardAccess String
    Dashboard access permission.
    deviceInfoAccess String
    Device information access permission. When set to NONE, device information is obfuscated.
    extFeaturePermissions Map<String,String>
    External feature access permission.
    featurePermissions Map<String,String>
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    isAuditor Boolean
    Indicates whether this is an auditor role.
    isNonEditable Boolean
    Indicates whether or not this admin user is editable/deletable.
    logsLimit String
    Log range limit.
    name String
    The Name of the admin role
    permissions List<String>
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policyAccess String
    Policy access permission.
    rank Integer
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    reportAccess String
    Report access permission.
    reportTimeDuration Integer
    Time duration allocated to the report dashboard.
    roleId Integer
    roleType String
    The admin role type. ()This attribute is subject to change.)
    usernameAccess String
    Username access permission. When set to NONE, the username will be obfuscated.
    adminAcctAccess string
    Admin and role management access permission.
    alertingAccess string
    Alerting access permission
    analysisAccess string
    Insights logs access permission.
    dashboardAccess string
    Dashboard access permission.
    deviceInfoAccess string
    Device information access permission. When set to NONE, device information is obfuscated.
    extFeaturePermissions {[key: string]: string}
    External feature access permission.
    featurePermissions {[key: string]: string}
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    isAuditor boolean
    Indicates whether this is an auditor role.
    isNonEditable boolean
    Indicates whether or not this admin user is editable/deletable.
    logsLimit string
    Log range limit.
    name string
    The Name of the admin role
    permissions string[]
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policyAccess string
    Policy access permission.
    rank number
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    reportAccess string
    Report access permission.
    reportTimeDuration number
    Time duration allocated to the report dashboard.
    roleId number
    roleType string
    The admin role type. ()This attribute is subject to change.)
    usernameAccess string
    Username access permission. When set to NONE, the username will be obfuscated.
    admin_acct_access str
    Admin and role management access permission.
    alerting_access str
    Alerting access permission
    analysis_access str
    Insights logs access permission.
    dashboard_access str
    Dashboard access permission.
    device_info_access str
    Device information access permission. When set to NONE, device information is obfuscated.
    ext_feature_permissions Mapping[str, str]
    External feature access permission.
    feature_permissions Mapping[str, str]
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    is_auditor bool
    Indicates whether this is an auditor role.
    is_non_editable bool
    Indicates whether or not this admin user is editable/deletable.
    logs_limit str
    Log range limit.
    name str
    The Name of the admin role
    permissions Sequence[str]
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policy_access str
    Policy access permission.
    rank int
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    report_access str
    Report access permission.
    report_time_duration int
    Time duration allocated to the report dashboard.
    role_id int
    role_type str
    The admin role type. ()This attribute is subject to change.)
    username_access str
    Username access permission. When set to NONE, the username will be obfuscated.
    adminAcctAccess String
    Admin and role management access permission.
    alertingAccess String
    Alerting access permission
    analysisAccess String
    Insights logs access permission.
    dashboardAccess String
    Dashboard access permission.
    deviceInfoAccess String
    Device information access permission. When set to NONE, device information is obfuscated.
    extFeaturePermissions Map<String>
    External feature access permission.
    featurePermissions Map<String>
    Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
    isAuditor Boolean
    Indicates whether this is an auditor role.
    isNonEditable Boolean
    Indicates whether or not this admin user is editable/deletable.
    logsLimit String
    Log range limit.
    name String
    The Name of the admin role
    permissions List<String>
    Request method for which the rule must be applied. If not set, rule will be applied to all methods
    policyAccess String
    Policy access permission.
    rank Number
    Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
    reportAccess String
    Report access permission.
    reportTimeDuration Number
    Time duration allocated to the report dashboard.
    roleId Number
    roleType String
    The admin role type. ()This attribute is subject to change.)
    usernameAccess String
    Username access permission. When set to NONE, the username will be obfuscated.

    Import

    Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.

    Visit

    zia_rule_labels can be imported by using <LABEL_ID> or <LABEL_NAME> as the import ID.

    For example:

    $ pulumi import zia:index/adminRoles:AdminRoles example <label_id>
    

    or

    $ pulumi import zia:index/adminRoles:AdminRoles example <label_name>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    zia zscaler/pulumi-zia
    License
    MIT
    Notes
    This Pulumi package is based on the zia Terraform Provider.
    zia logo
    Zscaler Internet Access v1.0.1 published on Friday, Jun 6, 2025 by Zscaler