Viewing docs for pulumi-resource-zia v1.3.8
published on Friday, Mar 13, 2026 by Zscaler
published on Friday, Mar 13, 2026 by Zscaler
Viewing docs for pulumi-resource-zia v1.3.8
published on Friday, Mar 13, 2026 by Zscaler
published on Friday, Mar 13, 2026 by Zscaler
The zia_admin_users resource manages administrator users in the Zscaler Internet Access (ZIA) cloud service. Administrator users have access to the ZIA Admin Portal and can manage policies, configurations, and other administrative tasks based on their assigned role.
For more information, see the ZIA Admin User Management documentation.
Example Usage
Basic Admin User
Example coming soon!
Example coming soon!
Example coming soon!
import * as zia from "@bdzscaler/pulumi-zia";
import * as pulumi from "@pulumi/pulumi";
const cfg = new pulumi.Config();
const adminPassword = cfg.requireSecret("adminPassword");
const example = new zia.AdminUsers("example", {
loginName: "admin@example.com",
username: "Example Admin",
email: "admin@example.com",
password: adminPassword,
isPasswordLoginAllowed: true,
role: { id: 12345 },
adminScopeType: "ORGANIZATION",
});
import zscaler_pulumi_zia as zia
cfg = pulumi.Config()
admin_password = cfg.require_secret("adminPassword")
example = zia.AdminUsers("example",
login_name="admin@example.com",
username="Example Admin",
email="admin@example.com",
password=admin_password,
is_password_login_allowed=True,
role={"id": 12345},
admin_scope_type="ORGANIZATION",
)
resources:
example:
type: zia:AdminUsers
properties:
loginName: admin@example.com
username: Example Admin
email: admin@example.com
password:
fn::secret: ${adminPassword}
isPasswordLoginAllowed: true
role:
id: 12345
adminScopeType: ORGANIZATION
Create AdminUsers Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AdminUsers(name: string, args: AdminUsersArgs, opts?: CustomResourceOptions);@overload
def AdminUsers(resource_name: str,
args: AdminUsersArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AdminUsers(resource_name: str,
opts: Optional[ResourceOptions] = None,
email: Optional[str] = None,
username: Optional[str] = None,
login_name: Optional[str] = None,
is_password_expired: Optional[bool] = None,
is_product_update_comm_enabled: Optional[bool] = None,
is_auditor: Optional[bool] = None,
is_exec_mobile_app_enabled: Optional[bool] = None,
is_non_editable: Optional[bool] = None,
admin_scope_entities: Optional[Sequence[int]] = None,
is_password_login_allowed: Optional[bool] = None,
disabled: Optional[bool] = None,
is_security_report_comm_enabled: Optional[bool] = None,
is_service_update_comm_enabled: Optional[bool] = None,
comments: Optional[str] = None,
password: Optional[str] = None,
role: Optional[AdminUserRoleInputArgs] = None,
admin_scope_type: Optional[str] = None)func NewAdminUsers(ctx *Context, name string, args AdminUsersArgs, opts ...ResourceOption) (*AdminUsers, error)public AdminUsers(string name, AdminUsersArgs args, CustomResourceOptions? opts = null)
public AdminUsers(String name, AdminUsersArgs args)
public AdminUsers(String name, AdminUsersArgs args, CustomResourceOptions options)
type: zia:AdminUsers
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AdminUsersArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AdminUsersArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AdminUsersArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AdminUsersArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AdminUsersArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var adminUsersResource = new Zia.AdminUsers("adminUsersResource", new()
{
Email = "string",
Username = "string",
LoginName = "string",
IsPasswordExpired = false,
IsProductUpdateCommEnabled = false,
IsAuditor = false,
IsExecMobileAppEnabled = false,
IsNonEditable = false,
AdminScopeEntities = new[]
{
0,
},
IsPasswordLoginAllowed = false,
Disabled = false,
IsSecurityReportCommEnabled = false,
IsServiceUpdateCommEnabled = false,
Comments = "string",
Password = "string",
Role = new Zia.Inputs.AdminUserRoleInputArgs
{
Id = 0,
},
AdminScopeType = "string",
});
example, err := zia.NewAdminUsers(ctx, "adminUsersResource", &zia.AdminUsersArgs{
Email: pulumi.String("string"),
Username: pulumi.String("string"),
LoginName: pulumi.String("string"),
IsPasswordExpired: pulumi.Bool(false),
IsProductUpdateCommEnabled: pulumi.Bool(false),
IsAuditor: pulumi.Bool(false),
IsExecMobileAppEnabled: pulumi.Bool(false),
IsNonEditable: pulumi.Bool(false),
AdminScopeEntities: pulumi.IntArray{
pulumi.Int(0),
},
IsPasswordLoginAllowed: pulumi.Bool(false),
Disabled: pulumi.Bool(false),
IsSecurityReportCommEnabled: pulumi.Bool(false),
IsServiceUpdateCommEnabled: pulumi.Bool(false),
Comments: pulumi.String("string"),
Password: pulumi.String("string"),
Role: &pulumizia.AdminUserRoleInputArgs{
Id: pulumi.Int(0),
},
AdminScopeType: pulumi.String("string"),
})
var adminUsersResource = new AdminUsers("adminUsersResource", AdminUsersArgs.builder()
.email("string")
.username("string")
.loginName("string")
.isPasswordExpired(false)
.isProductUpdateCommEnabled(false)
.isAuditor(false)
.isExecMobileAppEnabled(false)
.isNonEditable(false)
.adminScopeEntities(0)
.isPasswordLoginAllowed(false)
.disabled(false)
.isSecurityReportCommEnabled(false)
.isServiceUpdateCommEnabled(false)
.comments("string")
.password("string")
.role(AdminUserRoleInputArgs.builder()
.id(0)
.build())
.adminScopeType("string")
.build());
admin_users_resource = zia.AdminUsers("adminUsersResource",
email="string",
username="string",
login_name="string",
is_password_expired=False,
is_product_update_comm_enabled=False,
is_auditor=False,
is_exec_mobile_app_enabled=False,
is_non_editable=False,
admin_scope_entities=[0],
is_password_login_allowed=False,
disabled=False,
is_security_report_comm_enabled=False,
is_service_update_comm_enabled=False,
comments="string",
password="string",
role={
"id": 0,
},
admin_scope_type="string")
const adminUsersResource = new zia.AdminUsers("adminUsersResource", {
email: "string",
username: "string",
loginName: "string",
isPasswordExpired: false,
isProductUpdateCommEnabled: false,
isAuditor: false,
isExecMobileAppEnabled: false,
isNonEditable: false,
adminScopeEntities: [0],
isPasswordLoginAllowed: false,
disabled: false,
isSecurityReportCommEnabled: false,
isServiceUpdateCommEnabled: false,
comments: "string",
password: "string",
role: {
id: 0,
},
adminScopeType: "string",
});
type: zia:AdminUsers
properties:
adminScopeEntities:
- 0
adminScopeType: string
comments: string
disabled: false
email: string
isAuditor: false
isExecMobileAppEnabled: false
isNonEditable: false
isPasswordExpired: false
isPasswordLoginAllowed: false
isProductUpdateCommEnabled: false
isSecurityReportCommEnabled: false
isServiceUpdateCommEnabled: false
loginName: string
password: string
role:
id: 0
username: string
AdminUsers Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AdminUsers resource accepts the following input properties:
- Email string
- The admin user's email address.
- Login
Name string - The admin user's login name (email format). Must be unique.
- Username string
- The admin user's display name.
- Admin
Scope List<int>Entities - IDs of the admin scope entities (departments, locations, or location groups) when adminScopeType is not
ORGANIZATION. - Admin
Scope stringType - The admin scope type. Valid values:
ORGANIZATION,DEPARTMENT,LOCATION,LOCATION_GROUP. - Comments string
- Additional information about the admin user.
- Disabled bool
- Whether the admin account is disabled.
- Is
Auditor bool - Indicates whether the admin is an auditor.
- Is
Exec boolMobile App Enabled - Whether Executive Insights App access is enabled. Can only be set when adminScopeType is
ORGANIZATION. - Is
Non boolEditable - Indicates whether the admin user is non-editable (read-only in the ZIA Admin Portal).
- Is
Password boolExpired - Indicates whether the admin user's password has expired.
- Is
Password boolLogin Allowed - Whether password-based login is allowed for the admin user.
- Is
Product boolUpdate Comm Enabled - Whether the admin can receive product update communications.
- Is
Security boolReport Comm Enabled - Whether the admin can receive security report communications.
- Is
Service boolUpdate Comm Enabled - Whether the admin can receive service update communications.
- Password string
- The admin user's password. Required when isPasswordLoginAllowed is true. Must be 8 to 100 characters.
- Role
zscaler.
Pulumi Package. Zia. Inputs. Admin User Role Input - The role assigned to the admin user. Provide the role ID.
- Email string
- The admin user's email address.
- Login
Name string - The admin user's login name (email format). Must be unique.
- Username string
- The admin user's display name.
- Admin
Scope []intEntities - IDs of the admin scope entities (departments, locations, or location groups) when adminScopeType is not
ORGANIZATION. - Admin
Scope stringType - The admin scope type. Valid values:
ORGANIZATION,DEPARTMENT,LOCATION,LOCATION_GROUP. - Comments string
- Additional information about the admin user.
- Disabled bool
- Whether the admin account is disabled.
- Is
Auditor bool - Indicates whether the admin is an auditor.
- Is
Exec boolMobile App Enabled - Whether Executive Insights App access is enabled. Can only be set when adminScopeType is
ORGANIZATION. - Is
Non boolEditable - Indicates whether the admin user is non-editable (read-only in the ZIA Admin Portal).
- Is
Password boolExpired - Indicates whether the admin user's password has expired.
- Is
Password boolLogin Allowed - Whether password-based login is allowed for the admin user.
- Is
Product boolUpdate Comm Enabled - Whether the admin can receive product update communications.
- Is
Security boolReport Comm Enabled - Whether the admin can receive security report communications.
- Is
Service boolUpdate Comm Enabled - Whether the admin can receive service update communications.
- Password string
- The admin user's password. Required when isPasswordLoginAllowed is true. Must be 8 to 100 characters.
- Role
Admin
User Role Input Args - The role assigned to the admin user. Provide the role ID.
- email String
- The admin user's email address.
- login
Name String - The admin user's login name (email format). Must be unique.
- username String
- The admin user's display name.
- admin
Scope List<Integer>Entities - IDs of the admin scope entities (departments, locations, or location groups) when adminScopeType is not
ORGANIZATION. - admin
Scope StringType - The admin scope type. Valid values:
ORGANIZATION,DEPARTMENT,LOCATION,LOCATION_GROUP. - comments String
- Additional information about the admin user.
- disabled Boolean
- Whether the admin account is disabled.
- is
Auditor Boolean - Indicates whether the admin is an auditor.
- is
Exec BooleanMobile App Enabled - Whether Executive Insights App access is enabled. Can only be set when adminScopeType is
ORGANIZATION. - is
Non BooleanEditable - Indicates whether the admin user is non-editable (read-only in the ZIA Admin Portal).
- is
Password BooleanExpired - Indicates whether the admin user's password has expired.
- is
Password BooleanLogin Allowed - Whether password-based login is allowed for the admin user.
- is
Product BooleanUpdate Comm Enabled - Whether the admin can receive product update communications.
- is
Security BooleanReport Comm Enabled - Whether the admin can receive security report communications.
- is
Service BooleanUpdate Comm Enabled - Whether the admin can receive service update communications.
- password String
- The admin user's password. Required when isPasswordLoginAllowed is true. Must be 8 to 100 characters.
- role
Admin
User Role Input - The role assigned to the admin user. Provide the role ID.
- email string
- The admin user's email address.
- login
Name string - The admin user's login name (email format). Must be unique.
- username string
- The admin user's display name.
- admin
Scope number[]Entities - IDs of the admin scope entities (departments, locations, or location groups) when adminScopeType is not
ORGANIZATION. - admin
Scope stringType - The admin scope type. Valid values:
ORGANIZATION,DEPARTMENT,LOCATION,LOCATION_GROUP. - comments string
- Additional information about the admin user.
- disabled boolean
- Whether the admin account is disabled.
- is
Auditor boolean - Indicates whether the admin is an auditor.
- is
Exec booleanMobile App Enabled - Whether Executive Insights App access is enabled. Can only be set when adminScopeType is
ORGANIZATION. - is
Non booleanEditable - Indicates whether the admin user is non-editable (read-only in the ZIA Admin Portal).
- is
Password booleanExpired - Indicates whether the admin user's password has expired.
- is
Password booleanLogin Allowed - Whether password-based login is allowed for the admin user.
- is
Product booleanUpdate Comm Enabled - Whether the admin can receive product update communications.
- is
Security booleanReport Comm Enabled - Whether the admin can receive security report communications.
- is
Service booleanUpdate Comm Enabled - Whether the admin can receive service update communications.
- password string
- The admin user's password. Required when isPasswordLoginAllowed is true. Must be 8 to 100 characters.
- role
Admin
User Role Input - The role assigned to the admin user. Provide the role ID.
- email str
- The admin user's email address.
- login_
name str - The admin user's login name (email format). Must be unique.
- username str
- The admin user's display name.
- admin_
scope_ Sequence[int]entities - IDs of the admin scope entities (departments, locations, or location groups) when adminScopeType is not
ORGANIZATION. - admin_
scope_ strtype - The admin scope type. Valid values:
ORGANIZATION,DEPARTMENT,LOCATION,LOCATION_GROUP. - comments str
- Additional information about the admin user.
- disabled bool
- Whether the admin account is disabled.
- is_
auditor bool - Indicates whether the admin is an auditor.
- is_
exec_ boolmobile_ app_ enabled - Whether Executive Insights App access is enabled. Can only be set when adminScopeType is
ORGANIZATION. - is_
non_ booleditable - Indicates whether the admin user is non-editable (read-only in the ZIA Admin Portal).
- is_
password_ boolexpired - Indicates whether the admin user's password has expired.
- is_
password_ boollogin_ allowed - Whether password-based login is allowed for the admin user.
- is_
product_ boolupdate_ comm_ enabled - Whether the admin can receive product update communications.
- is_
security_ boolreport_ comm_ enabled - Whether the admin can receive security report communications.
- is_
service_ boolupdate_ comm_ enabled - Whether the admin can receive service update communications.
- password str
- The admin user's password. Required when isPasswordLoginAllowed is true. Must be 8 to 100 characters.
- role
Admin
User Role Input Args - The role assigned to the admin user. Provide the role ID.
- email String
- The admin user's email address.
- login
Name String - The admin user's login name (email format). Must be unique.
- username String
- The admin user's display name.
- admin
Scope List<Number>Entities - IDs of the admin scope entities (departments, locations, or location groups) when adminScopeType is not
ORGANIZATION. - admin
Scope StringType - The admin scope type. Valid values:
ORGANIZATION,DEPARTMENT,LOCATION,LOCATION_GROUP. - comments String
- Additional information about the admin user.
- disabled Boolean
- Whether the admin account is disabled.
- is
Auditor Boolean - Indicates whether the admin is an auditor.
- is
Exec BooleanMobile App Enabled - Whether Executive Insights App access is enabled. Can only be set when adminScopeType is
ORGANIZATION. - is
Non BooleanEditable - Indicates whether the admin user is non-editable (read-only in the ZIA Admin Portal).
- is
Password BooleanExpired - Indicates whether the admin user's password has expired.
- is
Password BooleanLogin Allowed - Whether password-based login is allowed for the admin user.
- is
Product BooleanUpdate Comm Enabled - Whether the admin can receive product update communications.
- is
Security BooleanReport Comm Enabled - Whether the admin can receive security report communications.
- is
Service BooleanUpdate Comm Enabled - Whether the admin can receive service update communications.
- password String
- The admin user's password. Required when isPasswordLoginAllowed is true. Must be 8 to 100 characters.
- role Property Map
- The role assigned to the admin user. Provide the role ID.
Outputs
All input properties are implicitly available as output properties. Additionally, the AdminUsers resource produces the following output properties:
Supporting Types
AdminUserRoleInput, AdminUserRoleInputArgs
- Id int
- Id int
- id Integer
- id number
- id int
- id Number
Import
An existing admin user can be imported using its resource ID, e.g.
$ pulumi import zia:index:AdminUsers example 12345
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- zia zscaler/pulumi-zia
- License
Viewing docs for pulumi-resource-zia v1.3.8
published on Friday, Mar 13, 2026 by Zscaler
published on Friday, Mar 13, 2026 by Zscaler
