Docs Home
Zscaler Internet Access v1.1.1 published on Tuesday, Jun 24, 2025 by Zscaler
zia.AdminRoles
Explore with Pulumi AI
The zia_admin_roles resource allows the creation and management of admin roles in the Zscaler Internet Access cloud or via the API.
Example Usage
Create Admin Role
# ZIA Admin Roles Resource
resource "zia_admin_roles" "this" {
name = "AdminRoleTerraform"
rank = 7
alerting_access = "READ_WRITE"
dashboard_access = "READ_WRITE"
report_access = "READ_WRITE"
analysis_access = "READ_ONLY"
username_access = "READ_ONLY"
device_info_access = "READ_ONLY"
admin_acct_access = "READ_WRITE"
policy_access = "READ_WRITE"
permissions = [
"NSS_CONFIGURATION", "LOCATIONS", "HOSTED_PAC_FILES", "EZ_AGENT_CONFIGURATIONS",
"SECURE_AGENT_NOTIFICATIONS", "VPN_CREDENTIALS", "AUTHENTICATION_SETTINGS", "STATIC_IPS",
"GRE_TUNNELS", "CLIENT_CONNECTOR_PORTAL", "SECURE", "POLICY_RESOURCE_MANAGEMENT",
"CUSTOM_URL_CAT", "OVERRIDE_EXISTING_CAT", "TENANT_PROFILE_MANAGEMENT", "COMPLY",
"SSL_POLICY", "ADVANCED_SETTINGS", "PROXY_GATEWAY", "SUBCLOUDS", "IDENTITY_PROXY_SETTINGS",
"USER_MANAGEMENT", "APIKEY_MANAGEMENT", "FIREWALL_DNS", "VZEN_CONFIGURATION",
"PARTNER_INTEGRATION", "USER_ACCESS", "CUSTOMER_ACCT_INFO", "CUSTOMER_SUBSCRIPTION",
"CUSTOMER_ORG_SETTINGS", "ZIA_TRAFFIC_CAPTURE", "REMOTE_ASSISTANCE_MANAGEMENT"
]
}
Create Admin SDWAN Role
resource "zia_admin_roles" "this" {
name = "SDWANAdminRoleTerraform"
rank = 7
policy_access = "READ_WRITE"
alerting_access = "NONE"
role_type = "SDWAN"
}
Create AdminRoles Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AdminRoles(name: string, args?: AdminRolesArgs, opts?: CustomResourceOptions);@overload
def AdminRoles(resource_name: str,
args: Optional[AdminRolesArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def AdminRoles(resource_name: str,
opts: Optional[ResourceOptions] = None,
admin_acct_access: Optional[str] = None,
alerting_access: Optional[str] = None,
analysis_access: Optional[str] = None,
dashboard_access: Optional[str] = None,
device_info_access: Optional[str] = None,
ext_feature_permissions: Optional[Mapping[str, str]] = None,
feature_permissions: Optional[Mapping[str, str]] = None,
is_auditor: Optional[bool] = None,
is_non_editable: Optional[bool] = None,
logs_limit: Optional[str] = None,
name: Optional[str] = None,
permissions: Optional[Sequence[str]] = None,
policy_access: Optional[str] = None,
rank: Optional[int] = None,
report_access: Optional[str] = None,
report_time_duration: Optional[int] = None,
role_type: Optional[str] = None,
username_access: Optional[str] = None)func NewAdminRoles(ctx *Context, name string, args *AdminRolesArgs, opts ...ResourceOption) (*AdminRoles, error)public AdminRoles(string name, AdminRolesArgs? args = null, CustomResourceOptions? opts = null)
public AdminRoles(String name, AdminRolesArgs args)
public AdminRoles(String name, AdminRolesArgs args, CustomResourceOptions options)
type: zia:AdminRoles
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AdminRolesArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AdminRolesArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AdminRolesArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AdminRolesArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AdminRolesArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var adminRolesResource = new Zia.AdminRoles("adminRolesResource", new()
{
AdminAcctAccess = "string",
AlertingAccess = "string",
AnalysisAccess = "string",
DashboardAccess = "string",
DeviceInfoAccess = "string",
ExtFeaturePermissions =
{
{ "string", "string" },
},
FeaturePermissions =
{
{ "string", "string" },
},
IsAuditor = false,
IsNonEditable = false,
LogsLimit = "string",
Name = "string",
Permissions = new[]
{
"string",
},
PolicyAccess = "string",
Rank = 0,
ReportAccess = "string",
ReportTimeDuration = 0,
RoleType = "string",
UsernameAccess = "string",
});
example, err := zia.NewAdminRoles(ctx, "adminRolesResource", &zia.AdminRolesArgs{
AdminAcctAccess: pulumi.String("string"),
AlertingAccess: pulumi.String("string"),
AnalysisAccess: pulumi.String("string"),
DashboardAccess: pulumi.String("string"),
DeviceInfoAccess: pulumi.String("string"),
ExtFeaturePermissions: pulumi.StringMap{
"string": pulumi.String("string"),
},
FeaturePermissions: pulumi.StringMap{
"string": pulumi.String("string"),
},
IsAuditor: pulumi.Bool(false),
IsNonEditable: pulumi.Bool(false),
LogsLimit: pulumi.String("string"),
Name: pulumi.String("string"),
Permissions: pulumi.StringArray{
pulumi.String("string"),
},
PolicyAccess: pulumi.String("string"),
Rank: pulumi.Int(0),
ReportAccess: pulumi.String("string"),
ReportTimeDuration: pulumi.Int(0),
RoleType: pulumi.String("string"),
UsernameAccess: pulumi.String("string"),
})
var adminRolesResource = new AdminRoles("adminRolesResource", AdminRolesArgs.builder()
.adminAcctAccess("string")
.alertingAccess("string")
.analysisAccess("string")
.dashboardAccess("string")
.deviceInfoAccess("string")
.extFeaturePermissions(Map.of("string", "string"))
.featurePermissions(Map.of("string", "string"))
.isAuditor(false)
.isNonEditable(false)
.logsLimit("string")
.name("string")
.permissions("string")
.policyAccess("string")
.rank(0)
.reportAccess("string")
.reportTimeDuration(0)
.roleType("string")
.usernameAccess("string")
.build());
admin_roles_resource = zia.AdminRoles("adminRolesResource",
admin_acct_access="string",
alerting_access="string",
analysis_access="string",
dashboard_access="string",
device_info_access="string",
ext_feature_permissions={
"string": "string",
},
feature_permissions={
"string": "string",
},
is_auditor=False,
is_non_editable=False,
logs_limit="string",
name="string",
permissions=["string"],
policy_access="string",
rank=0,
report_access="string",
report_time_duration=0,
role_type="string",
username_access="string")
const adminRolesResource = new zia.AdminRoles("adminRolesResource", {
adminAcctAccess: "string",
alertingAccess: "string",
analysisAccess: "string",
dashboardAccess: "string",
deviceInfoAccess: "string",
extFeaturePermissions: {
string: "string",
},
featurePermissions: {
string: "string",
},
isAuditor: false,
isNonEditable: false,
logsLimit: "string",
name: "string",
permissions: ["string"],
policyAccess: "string",
rank: 0,
reportAccess: "string",
reportTimeDuration: 0,
roleType: "string",
usernameAccess: "string",
});
type: zia:AdminRoles
properties:
adminAcctAccess: string
alertingAccess: string
analysisAccess: string
dashboardAccess: string
deviceInfoAccess: string
extFeaturePermissions:
string: string
featurePermissions:
string: string
isAuditor: false
isNonEditable: false
logsLimit: string
name: string
permissions:
- string
policyAccess: string
rank: 0
reportAccess: string
reportTimeDuration: 0
roleType: string
usernameAccess: string
AdminRoles Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AdminRoles resource accepts the following input properties:
- Admin
Acct stringAccess - Admin and role management access permission.
- Alerting
Access string - Alerting access permission
- Analysis
Access string - Insights logs access permission.
- Dashboard
Access string - Dashboard access permission.
- Device
Info stringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- Ext
Feature Dictionary<string, string>Permissions - External feature access permission.
- Feature
Permissions Dictionary<string, string> - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- Is
Auditor bool - Indicates whether this is an auditor role.
- Is
Non boolEditable - Indicates whether or not this admin user is editable/deletable.
- Logs
Limit string - Log range limit.
- Name string
- The Name of the admin role
- Permissions List<string>
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- Policy
Access string - Policy access permission.
- Rank int
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- Report
Access string - Report access permission.
- Report
Time intDuration - Time duration allocated to the report dashboard.
- Role
Type string - The admin role type. ()This attribute is subject to change.)
- Username
Access string - Username access permission. When set to NONE, the username will be obfuscated.
- Admin
Acct stringAccess - Admin and role management access permission.
- Alerting
Access string - Alerting access permission
- Analysis
Access string - Insights logs access permission.
- Dashboard
Access string - Dashboard access permission.
- Device
Info stringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- Ext
Feature map[string]stringPermissions - External feature access permission.
- Feature
Permissions map[string]string - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- Is
Auditor bool - Indicates whether this is an auditor role.
- Is
Non boolEditable - Indicates whether or not this admin user is editable/deletable.
- Logs
Limit string - Log range limit.
- Name string
- The Name of the admin role
- Permissions []string
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- Policy
Access string - Policy access permission.
- Rank int
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- Report
Access string - Report access permission.
- Report
Time intDuration - Time duration allocated to the report dashboard.
- Role
Type string - The admin role type. ()This attribute is subject to change.)
- Username
Access string - Username access permission. When set to NONE, the username will be obfuscated.
- admin
Acct StringAccess - Admin and role management access permission.
- alerting
Access String - Alerting access permission
- analysis
Access String - Insights logs access permission.
- dashboard
Access String - Dashboard access permission.
- device
Info StringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext
Feature Map<String,String>Permissions - External feature access permission.
- feature
Permissions Map<String,String> - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is
Auditor Boolean - Indicates whether this is an auditor role.
- is
Non BooleanEditable - Indicates whether or not this admin user is editable/deletable.
- logs
Limit String - Log range limit.
- name String
- The Name of the admin role
- permissions List<String>
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy
Access String - Policy access permission.
- rank Integer
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report
Access String - Report access permission.
- report
Time IntegerDuration - Time duration allocated to the report dashboard.
- role
Type String - The admin role type. ()This attribute is subject to change.)
- username
Access String - Username access permission. When set to NONE, the username will be obfuscated.
- admin
Acct stringAccess - Admin and role management access permission.
- alerting
Access string - Alerting access permission
- analysis
Access string - Insights logs access permission.
- dashboard
Access string - Dashboard access permission.
- device
Info stringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext
Feature {[key: string]: string}Permissions - External feature access permission.
- feature
Permissions {[key: string]: string} - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is
Auditor boolean - Indicates whether this is an auditor role.
- is
Non booleanEditable - Indicates whether or not this admin user is editable/deletable.
- logs
Limit string - Log range limit.
- name string
- The Name of the admin role
- permissions string[]
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy
Access string - Policy access permission.
- rank number
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report
Access string - Report access permission.
- report
Time numberDuration - Time duration allocated to the report dashboard.
- role
Type string - The admin role type. ()This attribute is subject to change.)
- username
Access string - Username access permission. When set to NONE, the username will be obfuscated.
- admin_
acct_ straccess - Admin and role management access permission.
- alerting_
access str - Alerting access permission
- analysis_
access str - Insights logs access permission.
- dashboard_
access str - Dashboard access permission.
- device_
info_ straccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext_
feature_ Mapping[str, str]permissions - External feature access permission.
- feature_
permissions Mapping[str, str] - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is_
auditor bool - Indicates whether this is an auditor role.
- is_
non_ booleditable - Indicates whether or not this admin user is editable/deletable.
- logs_
limit str - Log range limit.
- name str
- The Name of the admin role
- permissions Sequence[str]
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy_
access str - Policy access permission.
- rank int
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report_
access str - Report access permission.
- report_
time_ intduration - Time duration allocated to the report dashboard.
- role_
type str - The admin role type. ()This attribute is subject to change.)
- username_
access str - Username access permission. When set to NONE, the username will be obfuscated.
- admin
Acct StringAccess - Admin and role management access permission.
- alerting
Access String - Alerting access permission
- analysis
Access String - Insights logs access permission.
- dashboard
Access String - Dashboard access permission.
- device
Info StringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext
Feature Map<String>Permissions - External feature access permission.
- feature
Permissions Map<String> - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is
Auditor Boolean - Indicates whether this is an auditor role.
- is
Non BooleanEditable - Indicates whether or not this admin user is editable/deletable.
- logs
Limit String - Log range limit.
- name String
- The Name of the admin role
- permissions List<String>
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy
Access String - Policy access permission.
- rank Number
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report
Access String - Report access permission.
- report
Time NumberDuration - Time duration allocated to the report dashboard.
- role
Type String - The admin role type. ()This attribute is subject to change.)
- username
Access String - Username access permission. When set to NONE, the username will be obfuscated.
Outputs
All input properties are implicitly available as output properties. Additionally, the AdminRoles resource produces the following output properties:
Look up Existing AdminRoles Resource
Get an existing AdminRoles resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AdminRolesState, opts?: CustomResourceOptions): AdminRoles@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
admin_acct_access: Optional[str] = None,
alerting_access: Optional[str] = None,
analysis_access: Optional[str] = None,
dashboard_access: Optional[str] = None,
device_info_access: Optional[str] = None,
ext_feature_permissions: Optional[Mapping[str, str]] = None,
feature_permissions: Optional[Mapping[str, str]] = None,
is_auditor: Optional[bool] = None,
is_non_editable: Optional[bool] = None,
logs_limit: Optional[str] = None,
name: Optional[str] = None,
permissions: Optional[Sequence[str]] = None,
policy_access: Optional[str] = None,
rank: Optional[int] = None,
report_access: Optional[str] = None,
report_time_duration: Optional[int] = None,
role_id: Optional[int] = None,
role_type: Optional[str] = None,
username_access: Optional[str] = None) -> AdminRolesfunc GetAdminRoles(ctx *Context, name string, id IDInput, state *AdminRolesState, opts ...ResourceOption) (*AdminRoles, error)public static AdminRoles Get(string name, Input<string> id, AdminRolesState? state, CustomResourceOptions? opts = null)public static AdminRoles get(String name, Output<String> id, AdminRolesState state, CustomResourceOptions options)resources: _: type: zia:AdminRoles get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Admin
Acct stringAccess - Admin and role management access permission.
- Alerting
Access string - Alerting access permission
- Analysis
Access string - Insights logs access permission.
- Dashboard
Access string - Dashboard access permission.
- Device
Info stringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- Ext
Feature Dictionary<string, string>Permissions - External feature access permission.
- Feature
Permissions Dictionary<string, string> - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- Is
Auditor bool - Indicates whether this is an auditor role.
- Is
Non boolEditable - Indicates whether or not this admin user is editable/deletable.
- Logs
Limit string - Log range limit.
- Name string
- The Name of the admin role
- Permissions List<string>
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- Policy
Access string - Policy access permission.
- Rank int
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- Report
Access string - Report access permission.
- Report
Time intDuration - Time duration allocated to the report dashboard.
- Role
Id int - Role
Type string - The admin role type. ()This attribute is subject to change.)
- Username
Access string - Username access permission. When set to NONE, the username will be obfuscated.
- Admin
Acct stringAccess - Admin and role management access permission.
- Alerting
Access string - Alerting access permission
- Analysis
Access string - Insights logs access permission.
- Dashboard
Access string - Dashboard access permission.
- Device
Info stringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- Ext
Feature map[string]stringPermissions - External feature access permission.
- Feature
Permissions map[string]string - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- Is
Auditor bool - Indicates whether this is an auditor role.
- Is
Non boolEditable - Indicates whether or not this admin user is editable/deletable.
- Logs
Limit string - Log range limit.
- Name string
- The Name of the admin role
- Permissions []string
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- Policy
Access string - Policy access permission.
- Rank int
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- Report
Access string - Report access permission.
- Report
Time intDuration - Time duration allocated to the report dashboard.
- Role
Id int - Role
Type string - The admin role type. ()This attribute is subject to change.)
- Username
Access string - Username access permission. When set to NONE, the username will be obfuscated.
- admin
Acct StringAccess - Admin and role management access permission.
- alerting
Access String - Alerting access permission
- analysis
Access String - Insights logs access permission.
- dashboard
Access String - Dashboard access permission.
- device
Info StringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext
Feature Map<String,String>Permissions - External feature access permission.
- feature
Permissions Map<String,String> - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is
Auditor Boolean - Indicates whether this is an auditor role.
- is
Non BooleanEditable - Indicates whether or not this admin user is editable/deletable.
- logs
Limit String - Log range limit.
- name String
- The Name of the admin role
- permissions List<String>
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy
Access String - Policy access permission.
- rank Integer
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report
Access String - Report access permission.
- report
Time IntegerDuration - Time duration allocated to the report dashboard.
- role
Id Integer - role
Type String - The admin role type. ()This attribute is subject to change.)
- username
Access String - Username access permission. When set to NONE, the username will be obfuscated.
- admin
Acct stringAccess - Admin and role management access permission.
- alerting
Access string - Alerting access permission
- analysis
Access string - Insights logs access permission.
- dashboard
Access string - Dashboard access permission.
- device
Info stringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext
Feature {[key: string]: string}Permissions - External feature access permission.
- feature
Permissions {[key: string]: string} - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is
Auditor boolean - Indicates whether this is an auditor role.
- is
Non booleanEditable - Indicates whether or not this admin user is editable/deletable.
- logs
Limit string - Log range limit.
- name string
- The Name of the admin role
- permissions string[]
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy
Access string - Policy access permission.
- rank number
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report
Access string - Report access permission.
- report
Time numberDuration - Time duration allocated to the report dashboard.
- role
Id number - role
Type string - The admin role type. ()This attribute is subject to change.)
- username
Access string - Username access permission. When set to NONE, the username will be obfuscated.
- admin_
acct_ straccess - Admin and role management access permission.
- alerting_
access str - Alerting access permission
- analysis_
access str - Insights logs access permission.
- dashboard_
access str - Dashboard access permission.
- device_
info_ straccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext_
feature_ Mapping[str, str]permissions - External feature access permission.
- feature_
permissions Mapping[str, str] - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is_
auditor bool - Indicates whether this is an auditor role.
- is_
non_ booleditable - Indicates whether or not this admin user is editable/deletable.
- logs_
limit str - Log range limit.
- name str
- The Name of the admin role
- permissions Sequence[str]
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy_
access str - Policy access permission.
- rank int
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report_
access str - Report access permission.
- report_
time_ intduration - Time duration allocated to the report dashboard.
- role_
id int - role_
type str - The admin role type. ()This attribute is subject to change.)
- username_
access str - Username access permission. When set to NONE, the username will be obfuscated.
- admin
Acct StringAccess - Admin and role management access permission.
- alerting
Access String - Alerting access permission
- analysis
Access String - Insights logs access permission.
- dashboard
Access String - Dashboard access permission.
- device
Info StringAccess - Device information access permission. When set to NONE, device information is obfuscated.
- ext
Feature Map<String>Permissions - External feature access permission.
- feature
Permissions Map<String> - Feature access permission. Indicates which features an admin role can access and if the admin has both read and write access, or read-only access.
- is
Auditor Boolean - Indicates whether this is an auditor role.
- is
Non BooleanEditable - Indicates whether or not this admin user is editable/deletable.
- logs
Limit String - Log range limit.
- name String
- The Name of the admin role
- permissions List<String>
- Request method for which the rule must be applied. If not set, rule will be applied to all methods
- policy
Access String - Policy access permission.
- rank Number
- Admin rank of this admin role. This is applicable only when admin rank is enabled in the advanced settings. Default value is 7 (the lowest rank). The assigned admin rank determines the roles or admin users this user can manage, and which rule orders this admin can access.
- report
Access String - Report access permission.
- report
Time NumberDuration - Time duration allocated to the report dashboard.
- role
Id Number - role
Type String - The admin role type. ()This attribute is subject to change.)
- username
Access String - Username access permission. When set to NONE, the username will be obfuscated.
Import
Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
Visit
zia_rule_labels can be imported by using <LABEL_ID> or <LABEL_NAME> as the import ID.
For example:
$ pulumi import zia:index/adminRoles:AdminRoles example <label_id>
or
$ pulumi import zia:index/adminRoles:AdminRoles example <label_name>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- zia zscaler/pulumi-zia
- License
- MIT
- Notes
- This Pulumi package is based on the
ziaTerraform Provider.