1. Packages
  2. Zscaler Internet Access (ZIA)
  3. API Docs
  4. DLPWebRules
Zscaler Internet Access v0.0.6 published on Wednesday, Apr 10, 2024 by Zscaler

zia.DLPWebRules

Explore with Pulumi AI

zia logo
Zscaler Internet Access v0.0.6 published on Wednesday, Apr 10, 2024 by Zscaler

    The zia_dlp_web_rules resource allows the creation and management of ZIA DLP Web Rules in the Zscaler Internet Access cloud or via the API.

    ⚠️ WARNING: Zscaler Internet Access DLP supports a maximum of 127 Web DLP Rules to be created via API.

    Example Usage

    OCR ENABLED

    import * as pulumi from "@pulumi/pulumi";
    import * as zia from "@bdzscaler/pulumi-zia";
    
    const test = new zia.DLPWebRules("test", {
        action: "ALLOW",
        cloudApplications: [
            "ZENDESK",
            "LUCKY_ORANGE",
            "MICROSOFT_POWERAPPS",
            "MICROSOFTLIVEMEETING",
        ],
        description: "Test",
        fileTypes: [
            "BITMAP",
            "JPEG",
            "PNG",
            "TIFF",
        ],
        matchOnly: false,
        minSize: 20,
        ocrEnabled: true,
        order: 1,
        protocols: [
            "FTP_RULE",
            "HTTPS_RULE",
            "HTTP_RULE",
        ],
        rank: 7,
        state: "ENABLED",
        withoutContentInspection: false,
        zscalerIncidentReceiver: true,
    });
    
    import pulumi
    import zscaler_pulumi_zia as zia
    
    test = zia.DLPWebRules("test",
        action="ALLOW",
        cloud_applications=[
            "ZENDESK",
            "LUCKY_ORANGE",
            "MICROSOFT_POWERAPPS",
            "MICROSOFTLIVEMEETING",
        ],
        description="Test",
        file_types=[
            "BITMAP",
            "JPEG",
            "PNG",
            "TIFF",
        ],
        match_only=False,
        min_size=20,
        ocr_enabled=True,
        order=1,
        protocols=[
            "FTP_RULE",
            "HTTPS_RULE",
            "HTTP_RULE",
        ],
        rank=7,
        state="ENABLED",
        without_content_inspection=False,
        zscaler_incident_receiver=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/zscaler/pulumi-zia/sdk/go/zia"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := zia.NewDLPWebRules(ctx, "test", &zia.DLPWebRulesArgs{
    			Action: pulumi.String("ALLOW"),
    			CloudApplications: pulumi.StringArray{
    				pulumi.String("ZENDESK"),
    				pulumi.String("LUCKY_ORANGE"),
    				pulumi.String("MICROSOFT_POWERAPPS"),
    				pulumi.String("MICROSOFTLIVEMEETING"),
    			},
    			Description: pulumi.String("Test"),
    			FileTypes: pulumi.StringArray{
    				pulumi.String("BITMAP"),
    				pulumi.String("JPEG"),
    				pulumi.String("PNG"),
    				pulumi.String("TIFF"),
    			},
    			MatchOnly:  pulumi.Bool(false),
    			MinSize:    pulumi.Int(20),
    			OcrEnabled: pulumi.Bool(true),
    			Order:      pulumi.Int(1),
    			Protocols: pulumi.StringArray{
    				pulumi.String("FTP_RULE"),
    				pulumi.String("HTTPS_RULE"),
    				pulumi.String("HTTP_RULE"),
    			},
    			Rank:                     pulumi.Int(7),
    			State:                    pulumi.String("ENABLED"),
    			WithoutContentInspection: pulumi.Bool(false),
    			ZscalerIncidentReceiver:  pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Zia = zscaler.PulumiPackage.Zia;
    
    return await Deployment.RunAsync(() => 
    {
        var test = new Zia.DLPWebRules("test", new()
        {
            Action = "ALLOW",
            CloudApplications = new[]
            {
                "ZENDESK",
                "LUCKY_ORANGE",
                "MICROSOFT_POWERAPPS",
                "MICROSOFTLIVEMEETING",
            },
            Description = "Test",
            FileTypes = new[]
            {
                "BITMAP",
                "JPEG",
                "PNG",
                "TIFF",
            },
            MatchOnly = false,
            MinSize = 20,
            OcrEnabled = true,
            Order = 1,
            Protocols = new[]
            {
                "FTP_RULE",
                "HTTPS_RULE",
                "HTTP_RULE",
            },
            Rank = 7,
            State = "ENABLED",
            WithoutContentInspection = false,
            ZscalerIncidentReceiver = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.zia.DLPWebRules;
    import com.pulumi.zia.DLPWebRulesArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test = new DLPWebRules("test", DLPWebRulesArgs.builder()        
                .action("ALLOW")
                .cloudApplications(            
                    "ZENDESK",
                    "LUCKY_ORANGE",
                    "MICROSOFT_POWERAPPS",
                    "MICROSOFTLIVEMEETING")
                .description("Test")
                .fileTypes(            
                    "BITMAP",
                    "JPEG",
                    "PNG",
                    "TIFF")
                .matchOnly(false)
                .minSize(20)
                .ocrEnabled(true)
                .order(1)
                .protocols(            
                    "FTP_RULE",
                    "HTTPS_RULE",
                    "HTTP_RULE")
                .rank(7)
                .state("ENABLED")
                .withoutContentInspection(false)
                .zscalerIncidentReceiver(true)
                .build());
    
        }
    }
    
    resources:
      test:
        type: zia:DLPWebRules
        properties:
          action: ALLOW
          cloudApplications:
            - ZENDESK
            - LUCKY_ORANGE
            - MICROSOFT_POWERAPPS
            - MICROSOFTLIVEMEETING
          description: Test
          fileTypes:
            - BITMAP
            - JPEG
            - PNG
            - TIFF
          matchOnly: false
          minSize: 20
          ocrEnabled: true
          order: 1
          protocols:
            - FTP_RULE
            - HTTPS_RULE
            - HTTP_RULE
          rank: 7
          state: ENABLED
          withoutContentInspection: false
          zscalerIncidentReceiver: true
    

    “ALL_OUTBOUND” File Type

    import * as pulumi from "@pulumi/pulumi";
    import * as zia from "@bdzscaler/pulumi-zia";
    import * as zia from "@pulumi/zia";
    
    const thisDLPEngines = zia.getDLPEngines({
        predefinedEngineName: "EXTERNAL",
    });
    const thisDLPWebRules = new zia.DLPWebRules("thisDLPWebRules", {
        description: "Example",
        action: "BLOCK",
        order: 1,
        rank: 7,
        state: "ENABLED",
        protocols: [
            "FTP_RULE",
            "HTTPS_RULE",
            "HTTP_RULE",
        ],
        fileTypes: ["ALL_OUTBOUND"],
        zscalerIncidentReceiver: true,
        withoutContentInspection: false,
        userRiskScoreLevels: [
            "LOW",
            "MEDIUM",
            "HIGH",
            "CRITICAL",
        ],
        severity: "RULE_SEVERITY_HIGH",
        dlpEngines: {
            ids: [thisDLPEngines.then(thisDLPEngines => thisDLPEngines.id)],
        },
    });
    
    import pulumi
    import pulumi_zia as zia
    import zscaler_pulumi_zia as zia
    
    this_dlp_engines = zia.get_dlp_engines(predefined_engine_name="EXTERNAL")
    this_dlp_web_rules = zia.DLPWebRules("thisDLPWebRules",
        description="Example",
        action="BLOCK",
        order=1,
        rank=7,
        state="ENABLED",
        protocols=[
            "FTP_RULE",
            "HTTPS_RULE",
            "HTTP_RULE",
        ],
        file_types=["ALL_OUTBOUND"],
        zscaler_incident_receiver=True,
        without_content_inspection=False,
        user_risk_score_levels=[
            "LOW",
            "MEDIUM",
            "HIGH",
            "CRITICAL",
        ],
        severity="RULE_SEVERITY_HIGH",
        dlp_engines=zia.DLPWebRulesDlpEnginesArgs(
            ids=[this_dlp_engines.id],
        ))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/zscaler/pulumi-zia/sdk/go/zia"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		thisDLPEngines, err := zia.LookupDLPEngines(ctx, &zia.LookupDLPEnginesArgs{
    			PredefinedEngineName: pulumi.StringRef("EXTERNAL"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = zia.NewDLPWebRules(ctx, "thisDLPWebRules", &zia.DLPWebRulesArgs{
    			Description: pulumi.String("Example"),
    			Action:      pulumi.String("BLOCK"),
    			Order:       pulumi.Int(1),
    			Rank:        pulumi.Int(7),
    			State:       pulumi.String("ENABLED"),
    			Protocols: pulumi.StringArray{
    				pulumi.String("FTP_RULE"),
    				pulumi.String("HTTPS_RULE"),
    				pulumi.String("HTTP_RULE"),
    			},
    			FileTypes: pulumi.StringArray{
    				pulumi.String("ALL_OUTBOUND"),
    			},
    			ZscalerIncidentReceiver:  pulumi.Bool(true),
    			WithoutContentInspection: pulumi.Bool(false),
    			UserRiskScoreLevels: pulumi.StringArray{
    				pulumi.String("LOW"),
    				pulumi.String("MEDIUM"),
    				pulumi.String("HIGH"),
    				pulumi.String("CRITICAL"),
    			},
    			Severity: pulumi.String("RULE_SEVERITY_HIGH"),
    			DlpEngines: &zia.DLPWebRulesDlpEnginesArgs{
    				Ids: pulumi.IntArray{
    					pulumi.Int(thisDLPEngines.Id),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Zia = Pulumi.Zia;
    using Zia = zscaler.PulumiPackage.Zia;
    
    return await Deployment.RunAsync(() => 
    {
        var thisDLPEngines = Zia.GetDLPEngines.Invoke(new()
        {
            PredefinedEngineName = "EXTERNAL",
        });
    
        var thisDLPWebRules = new Zia.DLPWebRules("thisDLPWebRules", new()
        {
            Description = "Example",
            Action = "BLOCK",
            Order = 1,
            Rank = 7,
            State = "ENABLED",
            Protocols = new[]
            {
                "FTP_RULE",
                "HTTPS_RULE",
                "HTTP_RULE",
            },
            FileTypes = new[]
            {
                "ALL_OUTBOUND",
            },
            ZscalerIncidentReceiver = true,
            WithoutContentInspection = false,
            UserRiskScoreLevels = new[]
            {
                "LOW",
                "MEDIUM",
                "HIGH",
                "CRITICAL",
            },
            Severity = "RULE_SEVERITY_HIGH",
            DlpEngines = new Zia.Inputs.DLPWebRulesDlpEnginesArgs
            {
                Ids = new[]
                {
                    thisDLPEngines.Apply(getDLPEnginesResult => getDLPEnginesResult.Id),
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.zia.ZiaFunctions;
    import com.pulumi.zia.inputs.GetDLPEnginesArgs;
    import com.pulumi.zia.DLPWebRules;
    import com.pulumi.zia.DLPWebRulesArgs;
    import com.pulumi.zia.inputs.DLPWebRulesDlpEnginesArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var thisDLPEngines = ZiaFunctions.getDLPEngines(GetDLPEnginesArgs.builder()
                .predefinedEngineName("EXTERNAL")
                .build());
    
            var thisDLPWebRules = new DLPWebRules("thisDLPWebRules", DLPWebRulesArgs.builder()        
                .description("Example")
                .action("BLOCK")
                .order(1)
                .rank(7)
                .state("ENABLED")
                .protocols(            
                    "FTP_RULE",
                    "HTTPS_RULE",
                    "HTTP_RULE")
                .fileTypes("ALL_OUTBOUND")
                .zscalerIncidentReceiver(true)
                .withoutContentInspection(false)
                .userRiskScoreLevels(            
                    "LOW",
                    "MEDIUM",
                    "HIGH",
                    "CRITICAL")
                .severity("RULE_SEVERITY_HIGH")
                .dlpEngines(DLPWebRulesDlpEnginesArgs.builder()
                    .ids(thisDLPEngines.applyValue(getDLPEnginesResult -> getDLPEnginesResult.id()))
                    .build())
                .build());
    
        }
    }
    
    resources:
      thisDLPWebRules:
        type: zia:DLPWebRules
        properties:
          description: Example
          action: BLOCK
          order: 1
          rank: 7
          state: ENABLED
          # ocr_enabled              = true
          protocols:
            - FTP_RULE
            - HTTPS_RULE
            - HTTP_RULE
          fileTypes:
            - ALL_OUTBOUND
          zscalerIncidentReceiver: true
          withoutContentInspection: false
          userRiskScoreLevels:
            - LOW
            - MEDIUM
            - HIGH
            - CRITICAL
          severity: RULE_SEVERITY_HIGH
          dlpEngines:
            ids:
              - ${thisDLPEngines.id}
    variables:
      thisDLPEngines:
        fn::invoke:
          Function: zia:getDLPEngines
          Arguments:
            predefinedEngineName: EXTERNAL
    

    Create DLPWebRules Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new DLPWebRules(name: string, args?: DLPWebRulesArgs, opts?: CustomResourceOptions);
    @overload
    def DLPWebRules(resource_name: str,
                    args: Optional[DLPWebRulesArgs] = None,
                    opts: Optional[ResourceOptions] = None)
    
    @overload
    def DLPWebRules(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    action: Optional[str] = None,
                    auditor: Optional[DLPWebRulesAuditorArgs] = None,
                    cloud_applications: Optional[Sequence[str]] = None,
                    departments: Optional[DLPWebRulesDepartmentsArgs] = None,
                    description: Optional[str] = None,
                    dlp_download_scan_enabled: Optional[bool] = None,
                    dlp_engines: Optional[DLPWebRulesDlpEnginesArgs] = None,
                    excluded_departments: Optional[DLPWebRulesExcludedDepartmentsArgs] = None,
                    excluded_groups: Optional[DLPWebRulesExcludedGroupsArgs] = None,
                    excluded_users: Optional[DLPWebRulesExcludedUsersArgs] = None,
                    external_auditor_email: Optional[str] = None,
                    file_types: Optional[Sequence[str]] = None,
                    groups: Optional[DLPWebRulesGroupsArgs] = None,
                    icap_server: Optional[DLPWebRulesIcapServerArgs] = None,
                    labels: Optional[DLPWebRulesLabelsArgs] = None,
                    location_groups: Optional[DLPWebRulesLocationGroupsArgs] = None,
                    locations: Optional[DLPWebRulesLocationsArgs] = None,
                    match_only: Optional[bool] = None,
                    min_size: Optional[int] = None,
                    name: Optional[str] = None,
                    notification_template: Optional[DLPWebRulesNotificationTemplateArgs] = None,
                    ocr_enabled: Optional[bool] = None,
                    order: Optional[int] = None,
                    parent_rule: Optional[int] = None,
                    protocols: Optional[Sequence[str]] = None,
                    rank: Optional[int] = None,
                    severity: Optional[str] = None,
                    state: Optional[str] = None,
                    sub_rules: Optional[Sequence[str]] = None,
                    time_windows: Optional[DLPWebRulesTimeWindowsArgs] = None,
                    url_categories: Optional[DLPWebRulesUrlCategoriesArgs] = None,
                    user_risk_score_levels: Optional[Sequence[str]] = None,
                    users: Optional[DLPWebRulesUsersArgs] = None,
                    without_content_inspection: Optional[bool] = None,
                    workload_groups: Optional[Sequence[DLPWebRulesWorkloadGroupArgs]] = None,
                    zcc_notifications_enabled: Optional[bool] = None,
                    zscaler_incident_receiver: Optional[bool] = None)
    func NewDLPWebRules(ctx *Context, name string, args *DLPWebRulesArgs, opts ...ResourceOption) (*DLPWebRules, error)
    public DLPWebRules(string name, DLPWebRulesArgs? args = null, CustomResourceOptions? opts = null)
    public DLPWebRules(String name, DLPWebRulesArgs args)
    public DLPWebRules(String name, DLPWebRulesArgs args, CustomResourceOptions options)
    
    type: zia:DLPWebRules
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DLPWebRulesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DLPWebRulesArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DLPWebRulesArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DLPWebRulesArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DLPWebRulesArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var dlpwebRulesResource = new Zia.DLPWebRules("dlpwebRulesResource", new()
    {
        Action = "string",
        Auditor = new Zia.Inputs.DLPWebRulesAuditorArgs
        {
            Id = 0,
        },
        CloudApplications = new[]
        {
            "string",
        },
        Departments = new Zia.Inputs.DLPWebRulesDepartmentsArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        Description = "string",
        DlpDownloadScanEnabled = false,
        DlpEngines = new Zia.Inputs.DLPWebRulesDlpEnginesArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        ExcludedDepartments = new Zia.Inputs.DLPWebRulesExcludedDepartmentsArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        ExcludedGroups = new Zia.Inputs.DLPWebRulesExcludedGroupsArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        ExcludedUsers = new Zia.Inputs.DLPWebRulesExcludedUsersArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        ExternalAuditorEmail = "string",
        FileTypes = new[]
        {
            "string",
        },
        Groups = new Zia.Inputs.DLPWebRulesGroupsArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        IcapServer = new Zia.Inputs.DLPWebRulesIcapServerArgs
        {
            Id = 0,
        },
        Labels = new Zia.Inputs.DLPWebRulesLabelsArgs
        {
            Id = 0,
        },
        LocationGroups = new Zia.Inputs.DLPWebRulesLocationGroupsArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        Locations = new Zia.Inputs.DLPWebRulesLocationsArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        MatchOnly = false,
        MinSize = 0,
        Name = "string",
        NotificationTemplate = new Zia.Inputs.DLPWebRulesNotificationTemplateArgs
        {
            Id = 0,
        },
        OcrEnabled = false,
        Order = 0,
        ParentRule = 0,
        Protocols = new[]
        {
            "string",
        },
        Rank = 0,
        Severity = "string",
        State = "string",
        SubRules = new[]
        {
            "string",
        },
        TimeWindows = new Zia.Inputs.DLPWebRulesTimeWindowsArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        UrlCategories = new Zia.Inputs.DLPWebRulesUrlCategoriesArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        UserRiskScoreLevels = new[]
        {
            "string",
        },
        Users = new Zia.Inputs.DLPWebRulesUsersArgs
        {
            Ids = new[]
            {
                0,
            },
        },
        WithoutContentInspection = false,
        WorkloadGroups = new[]
        {
            new Zia.Inputs.DLPWebRulesWorkloadGroupArgs
            {
                Id = 0,
                Name = "string",
            },
        },
        ZccNotificationsEnabled = false,
        ZscalerIncidentReceiver = false,
    });
    
    example, err := zia.NewDLPWebRules(ctx, "dlpwebRulesResource", &zia.DLPWebRulesArgs{
    	Action: pulumi.String("string"),
    	Auditor: &zia.DLPWebRulesAuditorArgs{
    		Id: pulumi.Int(0),
    	},
    	CloudApplications: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Departments: &zia.DLPWebRulesDepartmentsArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	Description:            pulumi.String("string"),
    	DlpDownloadScanEnabled: pulumi.Bool(false),
    	DlpEngines: &zia.DLPWebRulesDlpEnginesArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	ExcludedDepartments: &zia.DLPWebRulesExcludedDepartmentsArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	ExcludedGroups: &zia.DLPWebRulesExcludedGroupsArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	ExcludedUsers: &zia.DLPWebRulesExcludedUsersArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	ExternalAuditorEmail: pulumi.String("string"),
    	FileTypes: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Groups: &zia.DLPWebRulesGroupsArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	IcapServer: &zia.DLPWebRulesIcapServerArgs{
    		Id: pulumi.Int(0),
    	},
    	Labels: &zia.DLPWebRulesLabelsArgs{
    		Id: pulumi.Int(0),
    	},
    	LocationGroups: &zia.DLPWebRulesLocationGroupsArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	Locations: &zia.DLPWebRulesLocationsArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	MatchOnly: pulumi.Bool(false),
    	MinSize:   pulumi.Int(0),
    	Name:      pulumi.String("string"),
    	NotificationTemplate: &zia.DLPWebRulesNotificationTemplateArgs{
    		Id: pulumi.Int(0),
    	},
    	OcrEnabled: pulumi.Bool(false),
    	Order:      pulumi.Int(0),
    	ParentRule: pulumi.Int(0),
    	Protocols: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Rank:     pulumi.Int(0),
    	Severity: pulumi.String("string"),
    	State:    pulumi.String("string"),
    	SubRules: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	TimeWindows: &zia.DLPWebRulesTimeWindowsArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	UrlCategories: &zia.DLPWebRulesUrlCategoriesArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	UserRiskScoreLevels: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Users: &zia.DLPWebRulesUsersArgs{
    		Ids: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    	},
    	WithoutContentInspection: pulumi.Bool(false),
    	WorkloadGroups: zia.DLPWebRulesWorkloadGroupArray{
    		&zia.DLPWebRulesWorkloadGroupArgs{
    			Id:   pulumi.Int(0),
    			Name: pulumi.String("string"),
    		},
    	},
    	ZccNotificationsEnabled: pulumi.Bool(false),
    	ZscalerIncidentReceiver: pulumi.Bool(false),
    })
    
    var dlpwebRulesResource = new DLPWebRules("dlpwebRulesResource", DLPWebRulesArgs.builder()        
        .action("string")
        .auditor(DLPWebRulesAuditorArgs.builder()
            .id(0)
            .build())
        .cloudApplications("string")
        .departments(DLPWebRulesDepartmentsArgs.builder()
            .ids(0)
            .build())
        .description("string")
        .dlpDownloadScanEnabled(false)
        .dlpEngines(DLPWebRulesDlpEnginesArgs.builder()
            .ids(0)
            .build())
        .excludedDepartments(DLPWebRulesExcludedDepartmentsArgs.builder()
            .ids(0)
            .build())
        .excludedGroups(DLPWebRulesExcludedGroupsArgs.builder()
            .ids(0)
            .build())
        .excludedUsers(DLPWebRulesExcludedUsersArgs.builder()
            .ids(0)
            .build())
        .externalAuditorEmail("string")
        .fileTypes("string")
        .groups(DLPWebRulesGroupsArgs.builder()
            .ids(0)
            .build())
        .icapServer(DLPWebRulesIcapServerArgs.builder()
            .id(0)
            .build())
        .labels(DLPWebRulesLabelsArgs.builder()
            .id(0)
            .build())
        .locationGroups(DLPWebRulesLocationGroupsArgs.builder()
            .ids(0)
            .build())
        .locations(DLPWebRulesLocationsArgs.builder()
            .ids(0)
            .build())
        .matchOnly(false)
        .minSize(0)
        .name("string")
        .notificationTemplate(DLPWebRulesNotificationTemplateArgs.builder()
            .id(0)
            .build())
        .ocrEnabled(false)
        .order(0)
        .parentRule(0)
        .protocols("string")
        .rank(0)
        .severity("string")
        .state("string")
        .subRules("string")
        .timeWindows(DLPWebRulesTimeWindowsArgs.builder()
            .ids(0)
            .build())
        .urlCategories(DLPWebRulesUrlCategoriesArgs.builder()
            .ids(0)
            .build())
        .userRiskScoreLevels("string")
        .users(DLPWebRulesUsersArgs.builder()
            .ids(0)
            .build())
        .withoutContentInspection(false)
        .workloadGroups(DLPWebRulesWorkloadGroupArgs.builder()
            .id(0)
            .name("string")
            .build())
        .zccNotificationsEnabled(false)
        .zscalerIncidentReceiver(false)
        .build());
    
    dlpweb_rules_resource = zia.DLPWebRules("dlpwebRulesResource",
        action="string",
        auditor=zia.DLPWebRulesAuditorArgs(
            id=0,
        ),
        cloud_applications=["string"],
        departments=zia.DLPWebRulesDepartmentsArgs(
            ids=[0],
        ),
        description="string",
        dlp_download_scan_enabled=False,
        dlp_engines=zia.DLPWebRulesDlpEnginesArgs(
            ids=[0],
        ),
        excluded_departments=zia.DLPWebRulesExcludedDepartmentsArgs(
            ids=[0],
        ),
        excluded_groups=zia.DLPWebRulesExcludedGroupsArgs(
            ids=[0],
        ),
        excluded_users=zia.DLPWebRulesExcludedUsersArgs(
            ids=[0],
        ),
        external_auditor_email="string",
        file_types=["string"],
        groups=zia.DLPWebRulesGroupsArgs(
            ids=[0],
        ),
        icap_server=zia.DLPWebRulesIcapServerArgs(
            id=0,
        ),
        labels=zia.DLPWebRulesLabelsArgs(
            id=0,
        ),
        location_groups=zia.DLPWebRulesLocationGroupsArgs(
            ids=[0],
        ),
        locations=zia.DLPWebRulesLocationsArgs(
            ids=[0],
        ),
        match_only=False,
        min_size=0,
        name="string",
        notification_template=zia.DLPWebRulesNotificationTemplateArgs(
            id=0,
        ),
        ocr_enabled=False,
        order=0,
        parent_rule=0,
        protocols=["string"],
        rank=0,
        severity="string",
        state="string",
        sub_rules=["string"],
        time_windows=zia.DLPWebRulesTimeWindowsArgs(
            ids=[0],
        ),
        url_categories=zia.DLPWebRulesUrlCategoriesArgs(
            ids=[0],
        ),
        user_risk_score_levels=["string"],
        users=zia.DLPWebRulesUsersArgs(
            ids=[0],
        ),
        without_content_inspection=False,
        workload_groups=[zia.DLPWebRulesWorkloadGroupArgs(
            id=0,
            name="string",
        )],
        zcc_notifications_enabled=False,
        zscaler_incident_receiver=False)
    
    const dlpwebRulesResource = new zia.DLPWebRules("dlpwebRulesResource", {
        action: "string",
        auditor: {
            id: 0,
        },
        cloudApplications: ["string"],
        departments: {
            ids: [0],
        },
        description: "string",
        dlpDownloadScanEnabled: false,
        dlpEngines: {
            ids: [0],
        },
        excludedDepartments: {
            ids: [0],
        },
        excludedGroups: {
            ids: [0],
        },
        excludedUsers: {
            ids: [0],
        },
        externalAuditorEmail: "string",
        fileTypes: ["string"],
        groups: {
            ids: [0],
        },
        icapServer: {
            id: 0,
        },
        labels: {
            id: 0,
        },
        locationGroups: {
            ids: [0],
        },
        locations: {
            ids: [0],
        },
        matchOnly: false,
        minSize: 0,
        name: "string",
        notificationTemplate: {
            id: 0,
        },
        ocrEnabled: false,
        order: 0,
        parentRule: 0,
        protocols: ["string"],
        rank: 0,
        severity: "string",
        state: "string",
        subRules: ["string"],
        timeWindows: {
            ids: [0],
        },
        urlCategories: {
            ids: [0],
        },
        userRiskScoreLevels: ["string"],
        users: {
            ids: [0],
        },
        withoutContentInspection: false,
        workloadGroups: [{
            id: 0,
            name: "string",
        }],
        zccNotificationsEnabled: false,
        zscalerIncidentReceiver: false,
    });
    
    type: zia:DLPWebRules
    properties:
        action: string
        auditor:
            id: 0
        cloudApplications:
            - string
        departments:
            ids:
                - 0
        description: string
        dlpDownloadScanEnabled: false
        dlpEngines:
            ids:
                - 0
        excludedDepartments:
            ids:
                - 0
        excludedGroups:
            ids:
                - 0
        excludedUsers:
            ids:
                - 0
        externalAuditorEmail: string
        fileTypes:
            - string
        groups:
            ids:
                - 0
        icapServer:
            id: 0
        labels:
            id: 0
        locationGroups:
            ids:
                - 0
        locations:
            ids:
                - 0
        matchOnly: false
        minSize: 0
        name: string
        notificationTemplate:
            id: 0
        ocrEnabled: false
        order: 0
        parentRule: 0
        protocols:
            - string
        rank: 0
        severity: string
        state: string
        subRules:
            - string
        timeWindows:
            ids:
                - 0
        urlCategories:
            ids:
                - 0
        userRiskScoreLevels:
            - string
        users:
            ids:
                - 0
        withoutContentInspection: false
        workloadGroups:
            - id: 0
              name: string
        zccNotificationsEnabled: false
        zscalerIncidentReceiver: false
    

    DLPWebRules Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The DLPWebRules resource accepts the following input properties:

    Action string
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    Auditor zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesAuditor
    The auditor to which the DLP policy rule must be applied.
    CloudApplications List<string>
    The list of cloud applications to which the DLP policy rule must be applied.
    Departments zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesDepartments
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    Description string
    The description of the DLP policy rule.
    DlpDownloadScanEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    DlpEngines zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesDlpEngines
    The list of DLP engines to which the DLP policy rule must be applied.
    ExcludedDepartments zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesExcludedDepartments
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    ExcludedGroups zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesExcludedGroups
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    ExcludedUsers zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesExcludedUsers
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    ExternalAuditorEmail string
    The email address of an external auditor to whom DLP email notifications are sent.
    FileTypes List<string>

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    Groups zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesGroups
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    IcapServer zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesIcapServer
    The DLP server, using ICAP, to which the transaction content is forwarded.
    Labels zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesLabels
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    LocationGroups zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesLocationGroups
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    Locations zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesLocations
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    MatchOnly bool
    The match only criteria for DLP engines.
    MinSize int
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    Name string
    The name of the workload group
    NotificationTemplate zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesNotificationTemplate
    The template used for DLP notification emails.
    OcrEnabled bool
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    Order int
    The rule order of execution for the DLP policy rule with respect to other rules.
    ParentRule int

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    Protocols List<string>
    The protocol criteria specified for the DLP policy rule.
    Rank int
    Admin rank of the admin who creates this rule
    Severity string
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    State string
    Enables or disables the DLP policy rule.. The supported values are:
    SubRules List<string>

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    TimeWindows zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesTimeWindows
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    UrlCategories zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesUrlCategories
    The list of URL categories to which the DLP policy rule must be applied.
    UserRiskScoreLevels List<string>
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    Users zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesUsers
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    WithoutContentInspection bool
    must be set to false if file_types is not defined.
    WorkloadGroups List<zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesWorkloadGroup>
    The list of preconfigured workload groups to which the policy must be applied
    ZccNotificationsEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    ZscalerIncidentReceiver bool
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    Action string
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    Auditor DLPWebRulesAuditorArgs
    The auditor to which the DLP policy rule must be applied.
    CloudApplications []string
    The list of cloud applications to which the DLP policy rule must be applied.
    Departments DLPWebRulesDepartmentsArgs
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    Description string
    The description of the DLP policy rule.
    DlpDownloadScanEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    DlpEngines DLPWebRulesDlpEnginesArgs
    The list of DLP engines to which the DLP policy rule must be applied.
    ExcludedDepartments DLPWebRulesExcludedDepartmentsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    ExcludedGroups DLPWebRulesExcludedGroupsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    ExcludedUsers DLPWebRulesExcludedUsersArgs
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    ExternalAuditorEmail string
    The email address of an external auditor to whom DLP email notifications are sent.
    FileTypes []string

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    Groups DLPWebRulesGroupsArgs
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    IcapServer DLPWebRulesIcapServerArgs
    The DLP server, using ICAP, to which the transaction content is forwarded.
    Labels DLPWebRulesLabelsArgs
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    LocationGroups DLPWebRulesLocationGroupsArgs
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    Locations DLPWebRulesLocationsArgs
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    MatchOnly bool
    The match only criteria for DLP engines.
    MinSize int
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    Name string
    The name of the workload group
    NotificationTemplate DLPWebRulesNotificationTemplateArgs
    The template used for DLP notification emails.
    OcrEnabled bool
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    Order int
    The rule order of execution for the DLP policy rule with respect to other rules.
    ParentRule int

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    Protocols []string
    The protocol criteria specified for the DLP policy rule.
    Rank int
    Admin rank of the admin who creates this rule
    Severity string
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    State string
    Enables or disables the DLP policy rule.. The supported values are:
    SubRules []string

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    TimeWindows DLPWebRulesTimeWindowsArgs
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    UrlCategories DLPWebRulesUrlCategoriesArgs
    The list of URL categories to which the DLP policy rule must be applied.
    UserRiskScoreLevels []string
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    Users DLPWebRulesUsersArgs
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    WithoutContentInspection bool
    must be set to false if file_types is not defined.
    WorkloadGroups []DLPWebRulesWorkloadGroupArgs
    The list of preconfigured workload groups to which the policy must be applied
    ZccNotificationsEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    ZscalerIncidentReceiver bool
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action String
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor DLPWebRulesAuditor
    The auditor to which the DLP policy rule must be applied.
    cloudApplications List<String>
    The list of cloud applications to which the DLP policy rule must be applied.
    departments DLPWebRulesDepartments
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description String
    The description of the DLP policy rule.
    dlpDownloadScanEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlpEngines DLPWebRulesDlpEngines
    The list of DLP engines to which the DLP policy rule must be applied.
    excludedDepartments DLPWebRulesExcludedDepartments
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excludedGroups DLPWebRulesExcludedGroups
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excludedUsers DLPWebRulesExcludedUsers
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    externalAuditorEmail String
    The email address of an external auditor to whom DLP email notifications are sent.
    fileTypes List<String>

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups DLPWebRulesGroups
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icapServer DLPWebRulesIcapServer
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels DLPWebRulesLabels
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    locationGroups DLPWebRulesLocationGroups
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations DLPWebRulesLocations
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    matchOnly Boolean
    The match only criteria for DLP engines.
    minSize Integer
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name String
    The name of the workload group
    notificationTemplate DLPWebRulesNotificationTemplate
    The template used for DLP notification emails.
    ocrEnabled Boolean
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order Integer
    The rule order of execution for the DLP policy rule with respect to other rules.
    parentRule Integer

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols List<String>
    The protocol criteria specified for the DLP policy rule.
    rank Integer
    Admin rank of the admin who creates this rule
    severity String
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state String
    Enables or disables the DLP policy rule.. The supported values are:
    subRules List<String>

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    timeWindows DLPWebRulesTimeWindows
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    urlCategories DLPWebRulesUrlCategories
    The list of URL categories to which the DLP policy rule must be applied.
    userRiskScoreLevels List<String>
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users DLPWebRulesUsers
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    withoutContentInspection Boolean
    must be set to false if file_types is not defined.
    workloadGroups List<DLPWebRulesWorkloadGroup>
    The list of preconfigured workload groups to which the policy must be applied
    zccNotificationsEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscalerIncidentReceiver Boolean
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action string
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor DLPWebRulesAuditor
    The auditor to which the DLP policy rule must be applied.
    cloudApplications string[]
    The list of cloud applications to which the DLP policy rule must be applied.
    departments DLPWebRulesDepartments
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description string
    The description of the DLP policy rule.
    dlpDownloadScanEnabled boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlpEngines DLPWebRulesDlpEngines
    The list of DLP engines to which the DLP policy rule must be applied.
    excludedDepartments DLPWebRulesExcludedDepartments
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excludedGroups DLPWebRulesExcludedGroups
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excludedUsers DLPWebRulesExcludedUsers
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    externalAuditorEmail string
    The email address of an external auditor to whom DLP email notifications are sent.
    fileTypes string[]

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups DLPWebRulesGroups
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icapServer DLPWebRulesIcapServer
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels DLPWebRulesLabels
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    locationGroups DLPWebRulesLocationGroups
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations DLPWebRulesLocations
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    matchOnly boolean
    The match only criteria for DLP engines.
    minSize number
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name string
    The name of the workload group
    notificationTemplate DLPWebRulesNotificationTemplate
    The template used for DLP notification emails.
    ocrEnabled boolean
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order number
    The rule order of execution for the DLP policy rule with respect to other rules.
    parentRule number

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols string[]
    The protocol criteria specified for the DLP policy rule.
    rank number
    Admin rank of the admin who creates this rule
    severity string
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state string
    Enables or disables the DLP policy rule.. The supported values are:
    subRules string[]

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    timeWindows DLPWebRulesTimeWindows
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    urlCategories DLPWebRulesUrlCategories
    The list of URL categories to which the DLP policy rule must be applied.
    userRiskScoreLevels string[]
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users DLPWebRulesUsers
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    withoutContentInspection boolean
    must be set to false if file_types is not defined.
    workloadGroups DLPWebRulesWorkloadGroup[]
    The list of preconfigured workload groups to which the policy must be applied
    zccNotificationsEnabled boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscalerIncidentReceiver boolean
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action str
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor DLPWebRulesAuditorArgs
    The auditor to which the DLP policy rule must be applied.
    cloud_applications Sequence[str]
    The list of cloud applications to which the DLP policy rule must be applied.
    departments DLPWebRulesDepartmentsArgs
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description str
    The description of the DLP policy rule.
    dlp_download_scan_enabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlp_engines DLPWebRulesDlpEnginesArgs
    The list of DLP engines to which the DLP policy rule must be applied.
    excluded_departments DLPWebRulesExcludedDepartmentsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excluded_groups DLPWebRulesExcludedGroupsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excluded_users DLPWebRulesExcludedUsersArgs
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    external_auditor_email str
    The email address of an external auditor to whom DLP email notifications are sent.
    file_types Sequence[str]

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups DLPWebRulesGroupsArgs
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icap_server DLPWebRulesIcapServerArgs
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels DLPWebRulesLabelsArgs
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    location_groups DLPWebRulesLocationGroupsArgs
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations DLPWebRulesLocationsArgs
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    match_only bool
    The match only criteria for DLP engines.
    min_size int
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name str
    The name of the workload group
    notification_template DLPWebRulesNotificationTemplateArgs
    The template used for DLP notification emails.
    ocr_enabled bool
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order int
    The rule order of execution for the DLP policy rule with respect to other rules.
    parent_rule int

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols Sequence[str]
    The protocol criteria specified for the DLP policy rule.
    rank int
    Admin rank of the admin who creates this rule
    severity str
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state str
    Enables or disables the DLP policy rule.. The supported values are:
    sub_rules Sequence[str]

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    time_windows DLPWebRulesTimeWindowsArgs
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    url_categories DLPWebRulesUrlCategoriesArgs
    The list of URL categories to which the DLP policy rule must be applied.
    user_risk_score_levels Sequence[str]
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users DLPWebRulesUsersArgs
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    without_content_inspection bool
    must be set to false if file_types is not defined.
    workload_groups Sequence[DLPWebRulesWorkloadGroupArgs]
    The list of preconfigured workload groups to which the policy must be applied
    zcc_notifications_enabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscaler_incident_receiver bool
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action String
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor Property Map
    The auditor to which the DLP policy rule must be applied.
    cloudApplications List<String>
    The list of cloud applications to which the DLP policy rule must be applied.
    departments Property Map
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description String
    The description of the DLP policy rule.
    dlpDownloadScanEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlpEngines Property Map
    The list of DLP engines to which the DLP policy rule must be applied.
    excludedDepartments Property Map
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excludedGroups Property Map
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excludedUsers Property Map
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    externalAuditorEmail String
    The email address of an external auditor to whom DLP email notifications are sent.
    fileTypes List<String>

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups Property Map
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icapServer Property Map
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels Property Map
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    locationGroups Property Map
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations Property Map
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    matchOnly Boolean
    The match only criteria for DLP engines.
    minSize Number
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name String
    The name of the workload group
    notificationTemplate Property Map
    The template used for DLP notification emails.
    ocrEnabled Boolean
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order Number
    The rule order of execution for the DLP policy rule with respect to other rules.
    parentRule Number

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols List<String>
    The protocol criteria specified for the DLP policy rule.
    rank Number
    Admin rank of the admin who creates this rule
    severity String
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state String
    Enables or disables the DLP policy rule.. The supported values are:
    subRules List<String>

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    timeWindows Property Map
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    urlCategories Property Map
    The list of URL categories to which the DLP policy rule must be applied.
    userRiskScoreLevels List<String>
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users Property Map
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    withoutContentInspection Boolean
    must be set to false if file_types is not defined.
    workloadGroups List<Property Map>
    The list of preconfigured workload groups to which the policy must be applied
    zccNotificationsEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscalerIncidentReceiver Boolean
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the DLPWebRules resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    RuleId int
    Id string
    The provider-assigned unique ID for this managed resource.
    RuleId int
    id String
    The provider-assigned unique ID for this managed resource.
    ruleId Integer
    id string
    The provider-assigned unique ID for this managed resource.
    ruleId number
    id str
    The provider-assigned unique ID for this managed resource.
    rule_id int
    id String
    The provider-assigned unique ID for this managed resource.
    ruleId Number

    Look up Existing DLPWebRules Resource

    Get an existing DLPWebRules resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: DLPWebRulesState, opts?: CustomResourceOptions): DLPWebRules
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            action: Optional[str] = None,
            auditor: Optional[DLPWebRulesAuditorArgs] = None,
            cloud_applications: Optional[Sequence[str]] = None,
            departments: Optional[DLPWebRulesDepartmentsArgs] = None,
            description: Optional[str] = None,
            dlp_download_scan_enabled: Optional[bool] = None,
            dlp_engines: Optional[DLPWebRulesDlpEnginesArgs] = None,
            excluded_departments: Optional[DLPWebRulesExcludedDepartmentsArgs] = None,
            excluded_groups: Optional[DLPWebRulesExcludedGroupsArgs] = None,
            excluded_users: Optional[DLPWebRulesExcludedUsersArgs] = None,
            external_auditor_email: Optional[str] = None,
            file_types: Optional[Sequence[str]] = None,
            groups: Optional[DLPWebRulesGroupsArgs] = None,
            icap_server: Optional[DLPWebRulesIcapServerArgs] = None,
            labels: Optional[DLPWebRulesLabelsArgs] = None,
            location_groups: Optional[DLPWebRulesLocationGroupsArgs] = None,
            locations: Optional[DLPWebRulesLocationsArgs] = None,
            match_only: Optional[bool] = None,
            min_size: Optional[int] = None,
            name: Optional[str] = None,
            notification_template: Optional[DLPWebRulesNotificationTemplateArgs] = None,
            ocr_enabled: Optional[bool] = None,
            order: Optional[int] = None,
            parent_rule: Optional[int] = None,
            protocols: Optional[Sequence[str]] = None,
            rank: Optional[int] = None,
            rule_id: Optional[int] = None,
            severity: Optional[str] = None,
            state: Optional[str] = None,
            sub_rules: Optional[Sequence[str]] = None,
            time_windows: Optional[DLPWebRulesTimeWindowsArgs] = None,
            url_categories: Optional[DLPWebRulesUrlCategoriesArgs] = None,
            user_risk_score_levels: Optional[Sequence[str]] = None,
            users: Optional[DLPWebRulesUsersArgs] = None,
            without_content_inspection: Optional[bool] = None,
            workload_groups: Optional[Sequence[DLPWebRulesWorkloadGroupArgs]] = None,
            zcc_notifications_enabled: Optional[bool] = None,
            zscaler_incident_receiver: Optional[bool] = None) -> DLPWebRules
    func GetDLPWebRules(ctx *Context, name string, id IDInput, state *DLPWebRulesState, opts ...ResourceOption) (*DLPWebRules, error)
    public static DLPWebRules Get(string name, Input<string> id, DLPWebRulesState? state, CustomResourceOptions? opts = null)
    public static DLPWebRules get(String name, Output<String> id, DLPWebRulesState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    Auditor zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesAuditor
    The auditor to which the DLP policy rule must be applied.
    CloudApplications List<string>
    The list of cloud applications to which the DLP policy rule must be applied.
    Departments zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesDepartments
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    Description string
    The description of the DLP policy rule.
    DlpDownloadScanEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    DlpEngines zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesDlpEngines
    The list of DLP engines to which the DLP policy rule must be applied.
    ExcludedDepartments zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesExcludedDepartments
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    ExcludedGroups zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesExcludedGroups
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    ExcludedUsers zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesExcludedUsers
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    ExternalAuditorEmail string
    The email address of an external auditor to whom DLP email notifications are sent.
    FileTypes List<string>

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    Groups zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesGroups
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    IcapServer zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesIcapServer
    The DLP server, using ICAP, to which the transaction content is forwarded.
    Labels zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesLabels
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    LocationGroups zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesLocationGroups
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    Locations zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesLocations
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    MatchOnly bool
    The match only criteria for DLP engines.
    MinSize int
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    Name string
    The name of the workload group
    NotificationTemplate zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesNotificationTemplate
    The template used for DLP notification emails.
    OcrEnabled bool
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    Order int
    The rule order of execution for the DLP policy rule with respect to other rules.
    ParentRule int

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    Protocols List<string>
    The protocol criteria specified for the DLP policy rule.
    Rank int
    Admin rank of the admin who creates this rule
    RuleId int
    Severity string
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    State string
    Enables or disables the DLP policy rule.. The supported values are:
    SubRules List<string>

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    TimeWindows zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesTimeWindows
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    UrlCategories zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesUrlCategories
    The list of URL categories to which the DLP policy rule must be applied.
    UserRiskScoreLevels List<string>
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    Users zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesUsers
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    WithoutContentInspection bool
    must be set to false if file_types is not defined.
    WorkloadGroups List<zscaler.PulumiPackage.Zia.Inputs.DLPWebRulesWorkloadGroup>
    The list of preconfigured workload groups to which the policy must be applied
    ZccNotificationsEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    ZscalerIncidentReceiver bool
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    Action string
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    Auditor DLPWebRulesAuditorArgs
    The auditor to which the DLP policy rule must be applied.
    CloudApplications []string
    The list of cloud applications to which the DLP policy rule must be applied.
    Departments DLPWebRulesDepartmentsArgs
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    Description string
    The description of the DLP policy rule.
    DlpDownloadScanEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    DlpEngines DLPWebRulesDlpEnginesArgs
    The list of DLP engines to which the DLP policy rule must be applied.
    ExcludedDepartments DLPWebRulesExcludedDepartmentsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    ExcludedGroups DLPWebRulesExcludedGroupsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    ExcludedUsers DLPWebRulesExcludedUsersArgs
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    ExternalAuditorEmail string
    The email address of an external auditor to whom DLP email notifications are sent.
    FileTypes []string

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    Groups DLPWebRulesGroupsArgs
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    IcapServer DLPWebRulesIcapServerArgs
    The DLP server, using ICAP, to which the transaction content is forwarded.
    Labels DLPWebRulesLabelsArgs
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    LocationGroups DLPWebRulesLocationGroupsArgs
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    Locations DLPWebRulesLocationsArgs
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    MatchOnly bool
    The match only criteria for DLP engines.
    MinSize int
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    Name string
    The name of the workload group
    NotificationTemplate DLPWebRulesNotificationTemplateArgs
    The template used for DLP notification emails.
    OcrEnabled bool
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    Order int
    The rule order of execution for the DLP policy rule with respect to other rules.
    ParentRule int

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    Protocols []string
    The protocol criteria specified for the DLP policy rule.
    Rank int
    Admin rank of the admin who creates this rule
    RuleId int
    Severity string
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    State string
    Enables or disables the DLP policy rule.. The supported values are:
    SubRules []string

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    TimeWindows DLPWebRulesTimeWindowsArgs
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    UrlCategories DLPWebRulesUrlCategoriesArgs
    The list of URL categories to which the DLP policy rule must be applied.
    UserRiskScoreLevels []string
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    Users DLPWebRulesUsersArgs
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    WithoutContentInspection bool
    must be set to false if file_types is not defined.
    WorkloadGroups []DLPWebRulesWorkloadGroupArgs
    The list of preconfigured workload groups to which the policy must be applied
    ZccNotificationsEnabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    ZscalerIncidentReceiver bool
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action String
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor DLPWebRulesAuditor
    The auditor to which the DLP policy rule must be applied.
    cloudApplications List<String>
    The list of cloud applications to which the DLP policy rule must be applied.
    departments DLPWebRulesDepartments
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description String
    The description of the DLP policy rule.
    dlpDownloadScanEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlpEngines DLPWebRulesDlpEngines
    The list of DLP engines to which the DLP policy rule must be applied.
    excludedDepartments DLPWebRulesExcludedDepartments
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excludedGroups DLPWebRulesExcludedGroups
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excludedUsers DLPWebRulesExcludedUsers
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    externalAuditorEmail String
    The email address of an external auditor to whom DLP email notifications are sent.
    fileTypes List<String>

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups DLPWebRulesGroups
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icapServer DLPWebRulesIcapServer
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels DLPWebRulesLabels
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    locationGroups DLPWebRulesLocationGroups
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations DLPWebRulesLocations
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    matchOnly Boolean
    The match only criteria for DLP engines.
    minSize Integer
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name String
    The name of the workload group
    notificationTemplate DLPWebRulesNotificationTemplate
    The template used for DLP notification emails.
    ocrEnabled Boolean
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order Integer
    The rule order of execution for the DLP policy rule with respect to other rules.
    parentRule Integer

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols List<String>
    The protocol criteria specified for the DLP policy rule.
    rank Integer
    Admin rank of the admin who creates this rule
    ruleId Integer
    severity String
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state String
    Enables or disables the DLP policy rule.. The supported values are:
    subRules List<String>

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    timeWindows DLPWebRulesTimeWindows
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    urlCategories DLPWebRulesUrlCategories
    The list of URL categories to which the DLP policy rule must be applied.
    userRiskScoreLevels List<String>
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users DLPWebRulesUsers
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    withoutContentInspection Boolean
    must be set to false if file_types is not defined.
    workloadGroups List<DLPWebRulesWorkloadGroup>
    The list of preconfigured workload groups to which the policy must be applied
    zccNotificationsEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscalerIncidentReceiver Boolean
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action string
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor DLPWebRulesAuditor
    The auditor to which the DLP policy rule must be applied.
    cloudApplications string[]
    The list of cloud applications to which the DLP policy rule must be applied.
    departments DLPWebRulesDepartments
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description string
    The description of the DLP policy rule.
    dlpDownloadScanEnabled boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlpEngines DLPWebRulesDlpEngines
    The list of DLP engines to which the DLP policy rule must be applied.
    excludedDepartments DLPWebRulesExcludedDepartments
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excludedGroups DLPWebRulesExcludedGroups
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excludedUsers DLPWebRulesExcludedUsers
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    externalAuditorEmail string
    The email address of an external auditor to whom DLP email notifications are sent.
    fileTypes string[]

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups DLPWebRulesGroups
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icapServer DLPWebRulesIcapServer
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels DLPWebRulesLabels
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    locationGroups DLPWebRulesLocationGroups
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations DLPWebRulesLocations
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    matchOnly boolean
    The match only criteria for DLP engines.
    minSize number
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name string
    The name of the workload group
    notificationTemplate DLPWebRulesNotificationTemplate
    The template used for DLP notification emails.
    ocrEnabled boolean
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order number
    The rule order of execution for the DLP policy rule with respect to other rules.
    parentRule number

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols string[]
    The protocol criteria specified for the DLP policy rule.
    rank number
    Admin rank of the admin who creates this rule
    ruleId number
    severity string
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state string
    Enables or disables the DLP policy rule.. The supported values are:
    subRules string[]

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    timeWindows DLPWebRulesTimeWindows
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    urlCategories DLPWebRulesUrlCategories
    The list of URL categories to which the DLP policy rule must be applied.
    userRiskScoreLevels string[]
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users DLPWebRulesUsers
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    withoutContentInspection boolean
    must be set to false if file_types is not defined.
    workloadGroups DLPWebRulesWorkloadGroup[]
    The list of preconfigured workload groups to which the policy must be applied
    zccNotificationsEnabled boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscalerIncidentReceiver boolean
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action str
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor DLPWebRulesAuditorArgs
    The auditor to which the DLP policy rule must be applied.
    cloud_applications Sequence[str]
    The list of cloud applications to which the DLP policy rule must be applied.
    departments DLPWebRulesDepartmentsArgs
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description str
    The description of the DLP policy rule.
    dlp_download_scan_enabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlp_engines DLPWebRulesDlpEnginesArgs
    The list of DLP engines to which the DLP policy rule must be applied.
    excluded_departments DLPWebRulesExcludedDepartmentsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excluded_groups DLPWebRulesExcludedGroupsArgs
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excluded_users DLPWebRulesExcludedUsersArgs
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    external_auditor_email str
    The email address of an external auditor to whom DLP email notifications are sent.
    file_types Sequence[str]

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups DLPWebRulesGroupsArgs
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icap_server DLPWebRulesIcapServerArgs
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels DLPWebRulesLabelsArgs
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    location_groups DLPWebRulesLocationGroupsArgs
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations DLPWebRulesLocationsArgs
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    match_only bool
    The match only criteria for DLP engines.
    min_size int
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name str
    The name of the workload group
    notification_template DLPWebRulesNotificationTemplateArgs
    The template used for DLP notification emails.
    ocr_enabled bool
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order int
    The rule order of execution for the DLP policy rule with respect to other rules.
    parent_rule int

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols Sequence[str]
    The protocol criteria specified for the DLP policy rule.
    rank int
    Admin rank of the admin who creates this rule
    rule_id int
    severity str
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state str
    Enables or disables the DLP policy rule.. The supported values are:
    sub_rules Sequence[str]

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    time_windows DLPWebRulesTimeWindowsArgs
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    url_categories DLPWebRulesUrlCategoriesArgs
    The list of URL categories to which the DLP policy rule must be applied.
    user_risk_score_levels Sequence[str]
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users DLPWebRulesUsersArgs
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    without_content_inspection bool
    must be set to false if file_types is not defined.
    workload_groups Sequence[DLPWebRulesWorkloadGroupArgs]
    The list of preconfigured workload groups to which the policy must be applied
    zcc_notifications_enabled bool
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscaler_incident_receiver bool
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.
    action String
    The action taken when traffic matches the DLP policy rule criteria. The supported values are:
    auditor Property Map
    The auditor to which the DLP policy rule must be applied.
    cloudApplications List<String>
    The list of cloud applications to which the DLP policy rule must be applied.
    departments Property Map
    The name-ID pairs of the departments that are excluded from the DLP policy rule.
    description String
    The description of the DLP policy rule.
    dlpDownloadScanEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    dlpEngines Property Map
    The list of DLP engines to which the DLP policy rule must be applied.
    excludedDepartments Property Map
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 departments.
    excludedGroups Property Map
    The name-ID pairs of the groups that are excluded from the DLP policy rule. Maximum of up to 256 groups.
    excludedUsers Property Map
    The name-ID pairs of the users that are excluded from the DLP policy rule. Maximum of up to 256 users.
    externalAuditorEmail String
    The email address of an external auditor to whom DLP email notifications are sent.
    fileTypes List<String>

    The list of file types to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation

    • Note: BITMAP, JPEG, PNG, and TIFF file types are exclusively supported when optical character recognition ocr_enabled is set to true for DLP rules with content inspection.

    • Note: ALL_OUTBOUND file type is applicable only when the predefined DLP engine called EXTERNAL is used and when the attribute without_content_inspection is set to false.

    • Note: ALL_OUTBOUND file type cannot be used alongside any any other file type.

    groups Property Map
    The Name-ID pairs of groups to which the DLP policy rule must be applied. Maximum of up to 8 groups. When not used it implies Any to apply the rule to all groups.
    icapServer Property Map
    The DLP server, using ICAP, to which the transaction content is forwarded.
    labels Property Map
    The Name-ID pairs of rule labels associated to the DLP policy rule.
    locationGroups Property Map
    The Name-ID pairs of locations groups to which the DLP policy rule must be applied. Maximum of up to 32 location groups. When not used it implies Any to apply the rule to all location groups.
    locations Property Map
    The Name-ID pairs of locations to which the DLP policy rule must be applied. Maximum of up to 8 locations. When not used it implies Any to apply the rule to all locations.
    matchOnly Boolean
    The match only criteria for DLP engines.
    minSize Number
    The minimum file size (in KB) used for evaluation of the DLP policy rule.
    name String
    The name of the workload group
    notificationTemplate Property Map
    The template used for DLP notification emails.
    ocrEnabled Boolean
    Enables or disables image file scanning. When OCR is enabled only the following file_types are supported: WINDOWS_META_FORMAT, BITMAP, JPEG, PNG, TIFF
    order Number
    The rule order of execution for the DLP policy rule with respect to other rules.
    parentRule Number

    The unique identifier of the parent rule under which an exception rule is added.

    Note: Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    protocols List<String>
    The protocol criteria specified for the DLP policy rule.
    rank Number
    Admin rank of the admin who creates this rule
    ruleId Number
    severity String
    Indicates the severity selected for the DLP rule violation: Returned values are: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
    state String
    Enables or disables the DLP policy rule.. The supported values are:
    subRules List<String>

    The list of exception rules added to a parent rule.

    Note: All attributes within the WebDlpRule model are applicable to the sub-rules. Values for each rule are specified by using the WebDlpRule object Exception rules can be configured only when the inline DLP rule evaluation type is set to evaluate all DLP rules in the DLP Advanced Settings.

    timeWindows Property Map
    The Name-ID pairs of time windows to which the DLP policy rule must be applied. Maximum of up to 2 time intervals. When not used it implies always to apply the rule to all time intervals.
    urlCategories Property Map
    The list of URL categories to which the DLP policy rule must be applied.
    userRiskScoreLevels List<String>
    Indicates the user risk score level selectedd for the DLP rule violation: Returned values are: LOW, MEDIUM, HIGH, CRITICAL
    users Property Map
    The Name-ID pairs of users to which the DLP policy rule must be applied. Maximum of up to 4 users. When not used it implies Any to apply the rule to all users.
    withoutContentInspection Boolean
    must be set to false if file_types is not defined.
    workloadGroups List<Property Map>
    The list of preconfigured workload groups to which the policy must be applied
    zccNotificationsEnabled Boolean
    Indicates a DLP policy rule without content inspection, when the value is set to true.
    zscalerIncidentReceiver Boolean
    Indicates whether a Zscaler Incident Receiver is associated to the DLP policy rule.

    Supporting Types

    DLPWebRulesAuditor, DLPWebRulesAuditorArgs

    Id int
    A unique identifier assigned to the workload group
    Id int
    A unique identifier assigned to the workload group
    id Integer
    A unique identifier assigned to the workload group
    id number
    A unique identifier assigned to the workload group
    id int
    A unique identifier assigned to the workload group
    id Number
    A unique identifier assigned to the workload group

    DLPWebRulesDepartments, DLPWebRulesDepartmentsArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesDlpEngines, DLPWebRulesDlpEnginesArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesExcludedDepartments, DLPWebRulesExcludedDepartmentsArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesExcludedGroups, DLPWebRulesExcludedGroupsArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesExcludedUsers, DLPWebRulesExcludedUsersArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesGroups, DLPWebRulesGroupsArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesIcapServer, DLPWebRulesIcapServerArgs

    Id int
    A unique identifier assigned to the workload group
    Id int
    A unique identifier assigned to the workload group
    id Integer
    A unique identifier assigned to the workload group
    id number
    A unique identifier assigned to the workload group
    id int
    A unique identifier assigned to the workload group
    id Number
    A unique identifier assigned to the workload group

    DLPWebRulesLabels, DLPWebRulesLabelsArgs

    Id int
    A unique identifier assigned to the workload group
    Id int
    A unique identifier assigned to the workload group
    id Integer
    A unique identifier assigned to the workload group
    id number
    A unique identifier assigned to the workload group
    id int
    A unique identifier assigned to the workload group
    id Number
    A unique identifier assigned to the workload group

    DLPWebRulesLocationGroups, DLPWebRulesLocationGroupsArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesLocations, DLPWebRulesLocationsArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesNotificationTemplate, DLPWebRulesNotificationTemplateArgs

    Id int
    A unique identifier assigned to the workload group
    Id int
    A unique identifier assigned to the workload group
    id Integer
    A unique identifier assigned to the workload group
    id number
    A unique identifier assigned to the workload group
    id int
    A unique identifier assigned to the workload group
    id Number
    A unique identifier assigned to the workload group

    DLPWebRulesTimeWindows, DLPWebRulesTimeWindowsArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesUrlCategories, DLPWebRulesUrlCategoriesArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesUsers, DLPWebRulesUsersArgs

    Ids List<int>
    A unique identifier assigned to the workload group
    Ids []int
    A unique identifier assigned to the workload group
    ids List<Integer>
    A unique identifier assigned to the workload group
    ids number[]
    A unique identifier assigned to the workload group
    ids Sequence[int]
    A unique identifier assigned to the workload group
    ids List<Number>
    A unique identifier assigned to the workload group

    DLPWebRulesWorkloadGroup, DLPWebRulesWorkloadGroupArgs

    Id int
    A unique identifier assigned to the workload group
    Name string
    The name of the workload group
    Id int
    A unique identifier assigned to the workload group
    Name string
    The name of the workload group
    id Integer
    A unique identifier assigned to the workload group
    name String
    The name of the workload group
    id number
    A unique identifier assigned to the workload group
    name string
    The name of the workload group
    id int
    A unique identifier assigned to the workload group
    name str
    The name of the workload group
    id Number
    A unique identifier assigned to the workload group
    name String
    The name of the workload group

    Import

    Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.

    Visit

    zia_dlp_web_rules can be imported by using <RULE ID> or <RULE NAME> as the import ID.

    For example:

    $ pulumi import zia:index/dLPWebRules:DLPWebRules example <rule_id>
    

    or

    $ pulumi import zia:index/dLPWebRules:DLPWebRules example <rule_name>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    zia zscaler/pulumi-zia
    License
    MIT
    Notes
    This Pulumi package is based on the zia Terraform Provider.
    zia logo
    Zscaler Internet Access v0.0.6 published on Wednesday, Apr 10, 2024 by Zscaler