Viewing docs for pulumi-resource-zia v1.3.3
published on Friday, Feb 27, 2026 by Zscaler
published on Friday, Feb 27, 2026 by Zscaler
Viewing docs for pulumi-resource-zia v1.3.3
published on Friday, Feb 27, 2026 by Zscaler
published on Friday, Feb 27, 2026 by Zscaler
The zia_casb_dlp_rules resource manages CASB (Cloud Access Security Broker) DLP rules in the Zscaler Internet Access (ZIA) cloud service. CASB DLP rules define data loss prevention policies for SaaS applications to protect sensitive data from unauthorized access or sharing.
Example Usage
CASB DLP Rule
Example coming soon!
Example coming soon!
Example coming soon!
import * as zia from "@bdzscaler/pulumi-zia";
const example = new zia.CasbDlpRule("example", {
name: "Example CASB DLP Rule",
type: "CASB_DLP",
order: 1,
state: "ENABLED",
action: "BLOCK",
severity: "HIGH",
});
import zscaler_pulumi_zia as zia
example = zia.CasbDlpRule("example",
name="Example CASB DLP Rule",
type="CASB_DLP",
order=1,
state="ENABLED",
action="BLOCK",
severity="HIGH",
)
resources:
example:
type: zia:CasbDlpRule
properties:
name: Example CASB DLP Rule
type: CASB_DLP
order: 1
state: ENABLED
action: BLOCK
severity: HIGH
Create CasbDlpRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CasbDlpRule(name: string, args: CasbDlpRuleArgs, opts?: CustomResourceOptions);@overload
def CasbDlpRule(resource_name: str,
args: CasbDlpRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CasbDlpRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
name: Optional[str] = None,
type: Optional[str] = None,
order: Optional[int] = None,
file_types: Optional[Sequence[str]] = None,
include_entity_groups: Optional[bool] = None,
components: Optional[Sequence[str]] = None,
content_location: Optional[str] = None,
criteria_domain_profiles: Optional[Sequence[int]] = None,
departments: Optional[Sequence[int]] = None,
description: Optional[str] = None,
dlp_engines: Optional[Sequence[int]] = None,
include_email_recipient_profile: Optional[bool] = None,
email_recipient_profiles: Optional[Sequence[int]] = None,
entity_groups: Optional[Sequence[int]] = None,
excluded_domain_profiles: Optional[Sequence[int]] = None,
external_auditor_email: Optional[str] = None,
action: Optional[str] = None,
collaboration_scope: Optional[Sequence[str]] = None,
groups: Optional[Sequence[int]] = None,
domains: Optional[Sequence[str]] = None,
include_criteria_domain_profile: Optional[bool] = None,
included_domain_profiles: Optional[Sequence[int]] = None,
labels: Optional[Sequence[int]] = None,
cloud_app_tenants: Optional[Sequence[int]] = None,
object_types: Optional[Sequence[int]] = None,
buckets: Optional[Sequence[int]] = None,
quarantine_location: Optional[str] = None,
rank: Optional[int] = None,
recipient: Optional[str] = None,
severity: Optional[str] = None,
state: Optional[str] = None,
bucket_owner: Optional[str] = None,
users: Optional[Sequence[int]] = None,
watermark_delete_old_version: Optional[bool] = None,
without_content_inspection: Optional[bool] = None)func NewCasbDlpRule(ctx *Context, name string, args CasbDlpRuleArgs, opts ...ResourceOption) (*CasbDlpRule, error)public CasbDlpRule(string name, CasbDlpRuleArgs args, CustomResourceOptions? opts = null)
public CasbDlpRule(String name, CasbDlpRuleArgs args)
public CasbDlpRule(String name, CasbDlpRuleArgs args, CustomResourceOptions options)
type: zia:CasbDlpRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CasbDlpRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CasbDlpRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CasbDlpRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CasbDlpRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CasbDlpRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var casbDlpRuleResource = new Zia.CasbDlpRule("casbDlpRuleResource", new()
{
Name = "string",
Type = "string",
Order = 0,
FileTypes = new[]
{
"string",
},
IncludeEntityGroups = false,
Components = new[]
{
"string",
},
ContentLocation = "string",
CriteriaDomainProfiles = new[]
{
0,
},
Departments = new[]
{
0,
},
Description = "string",
DlpEngines = new[]
{
0,
},
IncludeEmailRecipientProfile = false,
EmailRecipientProfiles = new[]
{
0,
},
EntityGroups = new[]
{
0,
},
ExcludedDomainProfiles = new[]
{
0,
},
ExternalAuditorEmail = "string",
Action = "string",
CollaborationScope = new[]
{
"string",
},
Groups = new[]
{
0,
},
Domains = new[]
{
"string",
},
IncludeCriteriaDomainProfile = false,
IncludedDomainProfiles = new[]
{
0,
},
Labels = new[]
{
0,
},
CloudAppTenants = new[]
{
0,
},
ObjectTypes = new[]
{
0,
},
Buckets = new[]
{
0,
},
QuarantineLocation = "string",
Rank = 0,
Recipient = "string",
Severity = "string",
State = "string",
BucketOwner = "string",
Users = new[]
{
0,
},
WatermarkDeleteOldVersion = false,
WithoutContentInspection = false,
});
example, err := zia.NewCasbDlpRule(ctx, "casbDlpRuleResource", &zia.CasbDlpRuleArgs{
Name: pulumi.String("string"),
Type: pulumi.String("string"),
Order: pulumi.Int(0),
FileTypes: pulumi.StringArray{
pulumi.String("string"),
},
IncludeEntityGroups: pulumi.Bool(false),
Components: pulumi.StringArray{
pulumi.String("string"),
},
ContentLocation: pulumi.String("string"),
CriteriaDomainProfiles: pulumi.IntArray{
pulumi.Int(0),
},
Departments: pulumi.IntArray{
pulumi.Int(0),
},
Description: pulumi.String("string"),
DlpEngines: pulumi.IntArray{
pulumi.Int(0),
},
IncludeEmailRecipientProfile: pulumi.Bool(false),
EmailRecipientProfiles: pulumi.IntArray{
pulumi.Int(0),
},
EntityGroups: pulumi.IntArray{
pulumi.Int(0),
},
ExcludedDomainProfiles: pulumi.IntArray{
pulumi.Int(0),
},
ExternalAuditorEmail: pulumi.String("string"),
Action: pulumi.String("string"),
CollaborationScope: pulumi.StringArray{
pulumi.String("string"),
},
Groups: pulumi.IntArray{
pulumi.Int(0),
},
Domains: pulumi.StringArray{
pulumi.String("string"),
},
IncludeCriteriaDomainProfile: pulumi.Bool(false),
IncludedDomainProfiles: pulumi.IntArray{
pulumi.Int(0),
},
Labels: pulumi.IntArray{
pulumi.Int(0),
},
CloudAppTenants: pulumi.IntArray{
pulumi.Int(0),
},
ObjectTypes: pulumi.IntArray{
pulumi.Int(0),
},
Buckets: pulumi.IntArray{
pulumi.Int(0),
},
QuarantineLocation: pulumi.String("string"),
Rank: pulumi.Int(0),
Recipient: pulumi.String("string"),
Severity: pulumi.String("string"),
State: pulumi.String("string"),
BucketOwner: pulumi.String("string"),
Users: pulumi.IntArray{
pulumi.Int(0),
},
WatermarkDeleteOldVersion: pulumi.Bool(false),
WithoutContentInspection: pulumi.Bool(false),
})
var casbDlpRuleResource = new CasbDlpRule("casbDlpRuleResource", CasbDlpRuleArgs.builder()
.name("string")
.type("string")
.order(0)
.fileTypes("string")
.includeEntityGroups(false)
.components("string")
.contentLocation("string")
.criteriaDomainProfiles(0)
.departments(0)
.description("string")
.dlpEngines(0)
.includeEmailRecipientProfile(false)
.emailRecipientProfiles(0)
.entityGroups(0)
.excludedDomainProfiles(0)
.externalAuditorEmail("string")
.action("string")
.collaborationScope("string")
.groups(0)
.domains("string")
.includeCriteriaDomainProfile(false)
.includedDomainProfiles(0)
.labels(0)
.cloudAppTenants(0)
.objectTypes(0)
.buckets(0)
.quarantineLocation("string")
.rank(0)
.recipient("string")
.severity("string")
.state("string")
.bucketOwner("string")
.users(0)
.watermarkDeleteOldVersion(false)
.withoutContentInspection(false)
.build());
casb_dlp_rule_resource = zia.CasbDlpRule("casbDlpRuleResource",
name="string",
type="string",
order=0,
file_types=["string"],
include_entity_groups=False,
components=["string"],
content_location="string",
criteria_domain_profiles=[0],
departments=[0],
description="string",
dlp_engines=[0],
include_email_recipient_profile=False,
email_recipient_profiles=[0],
entity_groups=[0],
excluded_domain_profiles=[0],
external_auditor_email="string",
action="string",
collaboration_scope=["string"],
groups=[0],
domains=["string"],
include_criteria_domain_profile=False,
included_domain_profiles=[0],
labels=[0],
cloud_app_tenants=[0],
object_types=[0],
buckets=[0],
quarantine_location="string",
rank=0,
recipient="string",
severity="string",
state="string",
bucket_owner="string",
users=[0],
watermark_delete_old_version=False,
without_content_inspection=False)
const casbDlpRuleResource = new zia.CasbDlpRule("casbDlpRuleResource", {
name: "string",
type: "string",
order: 0,
fileTypes: ["string"],
includeEntityGroups: false,
components: ["string"],
contentLocation: "string",
criteriaDomainProfiles: [0],
departments: [0],
description: "string",
dlpEngines: [0],
includeEmailRecipientProfile: false,
emailRecipientProfiles: [0],
entityGroups: [0],
excludedDomainProfiles: [0],
externalAuditorEmail: "string",
action: "string",
collaborationScope: ["string"],
groups: [0],
domains: ["string"],
includeCriteriaDomainProfile: false,
includedDomainProfiles: [0],
labels: [0],
cloudAppTenants: [0],
objectTypes: [0],
buckets: [0],
quarantineLocation: "string",
rank: 0,
recipient: "string",
severity: "string",
state: "string",
bucketOwner: "string",
users: [0],
watermarkDeleteOldVersion: false,
withoutContentInspection: false,
});
type: zia:CasbDlpRule
properties:
action: string
bucketOwner: string
buckets:
- 0
cloudAppTenants:
- 0
collaborationScope:
- string
components:
- string
contentLocation: string
criteriaDomainProfiles:
- 0
departments:
- 0
description: string
dlpEngines:
- 0
domains:
- string
emailRecipientProfiles:
- 0
entityGroups:
- 0
excludedDomainProfiles:
- 0
externalAuditorEmail: string
fileTypes:
- string
groups:
- 0
includeCriteriaDomainProfile: false
includeEmailRecipientProfile: false
includeEntityGroups: false
includedDomainProfiles:
- 0
labels:
- 0
name: string
objectTypes:
- 0
order: 0
quarantineLocation: string
rank: 0
recipient: string
severity: string
state: string
type: string
users:
- 0
watermarkDeleteOldVersion: false
withoutContentInspection: false
CasbDlpRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CasbDlpRule resource accepts the following input properties:
- Name string
- The name of the CASB DLP rule. Must be unique.
- Order int
- The order of execution of the rule with respect to other CASB DLP rules.
- Type string
- The rule type (e.g.
CASB_DLP). - Action string
- Action taken when the rule is matched (e.g.
BLOCK,ALLOW,QUARANTINE). - Bucket
Owner string - The bucket owner identifier.
- Buckets List<int>
- IDs of buckets.
- Cloud
App List<int>Tenants - IDs of cloud application tenants.
- Collaboration
Scope List<string> - Collaboration scope for the rule.
- Components List<string>
- List of components for the rule.
- Content
Location string - Content location scope for the rule.
- Criteria
Domain List<int>Profiles - IDs of criteria-based domain profiles.
- Departments List<int>
- IDs of departments for which the rule applies.
- Description string
- Additional information about the CASB DLP rule.
- Dlp
Engines List<int> - IDs of DLP engines.
- Domains List<string>
- List of domains for the rule.
- Email
Recipient List<int>Profiles - IDs of email recipient profiles.
- Entity
Groups List<int> - IDs of entity groups.
- Excluded
Domain List<int>Profiles - IDs of excluded domain profiles.
- External
Auditor stringEmail - Email address of the external auditor.
- File
Types List<string> - List of file types the rule applies to.
- Groups List<int>
- IDs of groups for which the rule applies.
- Include
Criteria boolDomain Profile - Whether to include criteria based on domain profiles.
- Include
Email boolRecipient Profile - Whether to include email recipient profile criteria.
- Include
Entity boolGroups - Whether to include entity groups in the rule criteria.
- Included
Domain List<int>Profiles - IDs of included domain profiles.
- Labels List<int>
- IDs of labels associated with the rule.
- Object
Types List<int> - IDs of object types.
- Quarantine
Location string - Quarantine location for matched content.
- Rank int
- Admin rank of the CASB DLP rule. Valid values: 0-7. Default: 7.
- Recipient string
- Notification recipient.
- Severity string
- Severity level of the rule (e.g.
HIGH,MEDIUM,LOW). - State string
- Rule state. Valid values:
ENABLED,DISABLED. - Users List<int>
- IDs of users for which the rule applies.
- Watermark
Delete boolOld Version - Whether to delete old versions when watermarking.
- Without
Content boolInspection - Whether the rule applies without content inspection.
- Name string
- The name of the CASB DLP rule. Must be unique.
- Order int
- The order of execution of the rule with respect to other CASB DLP rules.
- Type string
- The rule type (e.g.
CASB_DLP). - Action string
- Action taken when the rule is matched (e.g.
BLOCK,ALLOW,QUARANTINE). - Bucket
Owner string - The bucket owner identifier.
- Buckets []int
- IDs of buckets.
- Cloud
App []intTenants - IDs of cloud application tenants.
- Collaboration
Scope []string - Collaboration scope for the rule.
- Components []string
- List of components for the rule.
- Content
Location string - Content location scope for the rule.
- Criteria
Domain []intProfiles - IDs of criteria-based domain profiles.
- Departments []int
- IDs of departments for which the rule applies.
- Description string
- Additional information about the CASB DLP rule.
- Dlp
Engines []int - IDs of DLP engines.
- Domains []string
- List of domains for the rule.
- Email
Recipient []intProfiles - IDs of email recipient profiles.
- Entity
Groups []int - IDs of entity groups.
- Excluded
Domain []intProfiles - IDs of excluded domain profiles.
- External
Auditor stringEmail - Email address of the external auditor.
- File
Types []string - List of file types the rule applies to.
- Groups []int
- IDs of groups for which the rule applies.
- Include
Criteria boolDomain Profile - Whether to include criteria based on domain profiles.
- Include
Email boolRecipient Profile - Whether to include email recipient profile criteria.
- Include
Entity boolGroups - Whether to include entity groups in the rule criteria.
- Included
Domain []intProfiles - IDs of included domain profiles.
- Labels []int
- IDs of labels associated with the rule.
- Object
Types []int - IDs of object types.
- Quarantine
Location string - Quarantine location for matched content.
- Rank int
- Admin rank of the CASB DLP rule. Valid values: 0-7. Default: 7.
- Recipient string
- Notification recipient.
- Severity string
- Severity level of the rule (e.g.
HIGH,MEDIUM,LOW). - State string
- Rule state. Valid values:
ENABLED,DISABLED. - Users []int
- IDs of users for which the rule applies.
- Watermark
Delete boolOld Version - Whether to delete old versions when watermarking.
- Without
Content boolInspection - Whether the rule applies without content inspection.
- name String
- The name of the CASB DLP rule. Must be unique.
- order Integer
- The order of execution of the rule with respect to other CASB DLP rules.
- type String
- The rule type (e.g.
CASB_DLP). - action String
- Action taken when the rule is matched (e.g.
BLOCK,ALLOW,QUARANTINE). - bucket
Owner String - The bucket owner identifier.
- buckets List<Integer>
- IDs of buckets.
- cloud
App List<Integer>Tenants - IDs of cloud application tenants.
- collaboration
Scope List<String> - Collaboration scope for the rule.
- components List<String>
- List of components for the rule.
- content
Location String - Content location scope for the rule.
- criteria
Domain List<Integer>Profiles - IDs of criteria-based domain profiles.
- departments List<Integer>
- IDs of departments for which the rule applies.
- description String
- Additional information about the CASB DLP rule.
- dlp
Engines List<Integer> - IDs of DLP engines.
- domains List<String>
- List of domains for the rule.
- email
Recipient List<Integer>Profiles - IDs of email recipient profiles.
- entity
Groups List<Integer> - IDs of entity groups.
- excluded
Domain List<Integer>Profiles - IDs of excluded domain profiles.
- external
Auditor StringEmail - Email address of the external auditor.
- file
Types List<String> - List of file types the rule applies to.
- groups List<Integer>
- IDs of groups for which the rule applies.
- include
Criteria BooleanDomain Profile - Whether to include criteria based on domain profiles.
- include
Email BooleanRecipient Profile - Whether to include email recipient profile criteria.
- include
Entity BooleanGroups - Whether to include entity groups in the rule criteria.
- included
Domain List<Integer>Profiles - IDs of included domain profiles.
- labels List<Integer>
- IDs of labels associated with the rule.
- object
Types List<Integer> - IDs of object types.
- quarantine
Location String - Quarantine location for matched content.
- rank Integer
- Admin rank of the CASB DLP rule. Valid values: 0-7. Default: 7.
- recipient String
- Notification recipient.
- severity String
- Severity level of the rule (e.g.
HIGH,MEDIUM,LOW). - state String
- Rule state. Valid values:
ENABLED,DISABLED. - users List<Integer>
- IDs of users for which the rule applies.
- watermark
Delete BooleanOld Version - Whether to delete old versions when watermarking.
- without
Content BooleanInspection - Whether the rule applies without content inspection.
- name string
- The name of the CASB DLP rule. Must be unique.
- order number
- The order of execution of the rule with respect to other CASB DLP rules.
- type string
- The rule type (e.g.
CASB_DLP). - action string
- Action taken when the rule is matched (e.g.
BLOCK,ALLOW,QUARANTINE). - bucket
Owner string - The bucket owner identifier.
- buckets number[]
- IDs of buckets.
- cloud
App number[]Tenants - IDs of cloud application tenants.
- collaboration
Scope string[] - Collaboration scope for the rule.
- components string[]
- List of components for the rule.
- content
Location string - Content location scope for the rule.
- criteria
Domain number[]Profiles - IDs of criteria-based domain profiles.
- departments number[]
- IDs of departments for which the rule applies.
- description string
- Additional information about the CASB DLP rule.
- dlp
Engines number[] - IDs of DLP engines.
- domains string[]
- List of domains for the rule.
- email
Recipient number[]Profiles - IDs of email recipient profiles.
- entity
Groups number[] - IDs of entity groups.
- excluded
Domain number[]Profiles - IDs of excluded domain profiles.
- external
Auditor stringEmail - Email address of the external auditor.
- file
Types string[] - List of file types the rule applies to.
- groups number[]
- IDs of groups for which the rule applies.
- include
Criteria booleanDomain Profile - Whether to include criteria based on domain profiles.
- include
Email booleanRecipient Profile - Whether to include email recipient profile criteria.
- include
Entity booleanGroups - Whether to include entity groups in the rule criteria.
- included
Domain number[]Profiles - IDs of included domain profiles.
- labels number[]
- IDs of labels associated with the rule.
- object
Types number[] - IDs of object types.
- quarantine
Location string - Quarantine location for matched content.
- rank number
- Admin rank of the CASB DLP rule. Valid values: 0-7. Default: 7.
- recipient string
- Notification recipient.
- severity string
- Severity level of the rule (e.g.
HIGH,MEDIUM,LOW). - state string
- Rule state. Valid values:
ENABLED,DISABLED. - users number[]
- IDs of users for which the rule applies.
- watermark
Delete booleanOld Version - Whether to delete old versions when watermarking.
- without
Content booleanInspection - Whether the rule applies without content inspection.
- name str
- The name of the CASB DLP rule. Must be unique.
- order int
- The order of execution of the rule with respect to other CASB DLP rules.
- type str
- The rule type (e.g.
CASB_DLP). - action str
- Action taken when the rule is matched (e.g.
BLOCK,ALLOW,QUARANTINE). - bucket_
owner str - The bucket owner identifier.
- buckets Sequence[int]
- IDs of buckets.
- cloud_
app_ Sequence[int]tenants - IDs of cloud application tenants.
- collaboration_
scope Sequence[str] - Collaboration scope for the rule.
- components Sequence[str]
- List of components for the rule.
- content_
location str - Content location scope for the rule.
- criteria_
domain_ Sequence[int]profiles - IDs of criteria-based domain profiles.
- departments Sequence[int]
- IDs of departments for which the rule applies.
- description str
- Additional information about the CASB DLP rule.
- dlp_
engines Sequence[int] - IDs of DLP engines.
- domains Sequence[str]
- List of domains for the rule.
- email_
recipient_ Sequence[int]profiles - IDs of email recipient profiles.
- entity_
groups Sequence[int] - IDs of entity groups.
- excluded_
domain_ Sequence[int]profiles - IDs of excluded domain profiles.
- external_
auditor_ stremail - Email address of the external auditor.
- file_
types Sequence[str] - List of file types the rule applies to.
- groups Sequence[int]
- IDs of groups for which the rule applies.
- include_
criteria_ booldomain_ profile - Whether to include criteria based on domain profiles.
- include_
email_ boolrecipient_ profile - Whether to include email recipient profile criteria.
- include_
entity_ boolgroups - Whether to include entity groups in the rule criteria.
- included_
domain_ Sequence[int]profiles - IDs of included domain profiles.
- labels Sequence[int]
- IDs of labels associated with the rule.
- object_
types Sequence[int] - IDs of object types.
- quarantine_
location str - Quarantine location for matched content.
- rank int
- Admin rank of the CASB DLP rule. Valid values: 0-7. Default: 7.
- recipient str
- Notification recipient.
- severity str
- Severity level of the rule (e.g.
HIGH,MEDIUM,LOW). - state str
- Rule state. Valid values:
ENABLED,DISABLED. - users Sequence[int]
- IDs of users for which the rule applies.
- watermark_
delete_ boolold_ version - Whether to delete old versions when watermarking.
- without_
content_ boolinspection - Whether the rule applies without content inspection.
- name String
- The name of the CASB DLP rule. Must be unique.
- order Number
- The order of execution of the rule with respect to other CASB DLP rules.
- type String
- The rule type (e.g.
CASB_DLP). - action String
- Action taken when the rule is matched (e.g.
BLOCK,ALLOW,QUARANTINE). - bucket
Owner String - The bucket owner identifier.
- buckets List<Number>
- IDs of buckets.
- cloud
App List<Number>Tenants - IDs of cloud application tenants.
- collaboration
Scope List<String> - Collaboration scope for the rule.
- components List<String>
- List of components for the rule.
- content
Location String - Content location scope for the rule.
- criteria
Domain List<Number>Profiles - IDs of criteria-based domain profiles.
- departments List<Number>
- IDs of departments for which the rule applies.
- description String
- Additional information about the CASB DLP rule.
- dlp
Engines List<Number> - IDs of DLP engines.
- domains List<String>
- List of domains for the rule.
- email
Recipient List<Number>Profiles - IDs of email recipient profiles.
- entity
Groups List<Number> - IDs of entity groups.
- excluded
Domain List<Number>Profiles - IDs of excluded domain profiles.
- external
Auditor StringEmail - Email address of the external auditor.
- file
Types List<String> - List of file types the rule applies to.
- groups List<Number>
- IDs of groups for which the rule applies.
- include
Criteria BooleanDomain Profile - Whether to include criteria based on domain profiles.
- include
Email BooleanRecipient Profile - Whether to include email recipient profile criteria.
- include
Entity BooleanGroups - Whether to include entity groups in the rule criteria.
- included
Domain List<Number>Profiles - IDs of included domain profiles.
- labels List<Number>
- IDs of labels associated with the rule.
- object
Types List<Number> - IDs of object types.
- quarantine
Location String - Quarantine location for matched content.
- rank Number
- Admin rank of the CASB DLP rule. Valid values: 0-7. Default: 7.
- recipient String
- Notification recipient.
- severity String
- Severity level of the rule (e.g.
HIGH,MEDIUM,LOW). - state String
- Rule state. Valid values:
ENABLED,DISABLED. - users List<Number>
- IDs of users for which the rule applies.
- watermark
Delete BooleanOld Version - Whether to delete old versions when watermarking.
- without
Content BooleanInspection - Whether the rule applies without content inspection.
Outputs
All input properties are implicitly available as output properties. Additionally, the CasbDlpRule resource produces the following output properties:
Import
An existing CASB DLP Rule can be imported using its resource ID, e.g.
$ pulumi import zia:index:CasbDlpRule example 12345
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- zia zscaler/pulumi-zia
- License
Viewing docs for pulumi-resource-zia v1.3.3
published on Friday, Feb 27, 2026 by Zscaler
published on Friday, Feb 27, 2026 by Zscaler
