Docs Home
Zscaler Internet Access v1.0.1 published on Friday, Jun 6, 2025 by Zscaler
zia.getCloudAppControlRule
Explore with Pulumi AI
Use the zia_cloud_app_control_rule data source to get information about a ZIA Cloud Application Control Policy in the Zscaler Internet Access cloud or via the API.
Example Usage
# Retrieve a Cloud App Control Policy by name
data "zia_cloud_app_control_rule" "this"{
name = "Example"
type = "STREAMING_MEDIA"
}
Cloud Application Control - Rule Types vs Actions Matrix
Note: Refer to this matrix when configuring types vs actions for each specific rules
| Types | Actions |
|---|---|
| ————————————– | ————————————————- |
AI_ML | ALLOW_AI_ML_WEB_USE |
AI_ML | CAUTION_AI_ML_WEB_USE |
AI_ML | DENY_AI_ML_WEB_USE |
AI_ML | ISOLATE_AI_ML_WEB_USE |
| ————————————– | ————————————————- |
BUSINESS_PRODUCTIVITY | ALLOW_BUSINESS_PRODUCTIVITY_APPS |
BUSINESS_PRODUCTIVITY | BLOCK_BUSINESS_PRODUCTIVITY_APPS |
BUSINESS_PRODUCTIVITY | CAUTION_BUSINESS_PRODUCTIVITY_APPS |
BUSINESS_PRODUCTIVITY | ISOLATE_BUSINESS_PRODUCTIVITY_APPS |
| ————————————– | ————————————————- |
CONSUMER | ALLOW_CONSUMER_APPS |
CONSUMER | BLOCK_CONSUMER_APPS |
CONSUMER | CAUTION_CONSUMER_APPS |
CONSUMER | ISOLATE_CONSUMER_APPS |
| ————————————– | ————————————————- |
DNS_OVER_HTTPS | ALLOW_DNS_OVER_HTTPS_USE |
DNS_OVER_HTTPS | DENY_DNS_OVER_HTTPS_USE |
| ————————————– | ————————————————- |
ENTERPRISE_COLLABORATION | ALLOW_ENTERPRISE_COLLABORATION_APPS |
ENTERPRISE_COLLABORATION | BLOCK_ENTERPRISE_COLLABORATION_APPS |
ENTERPRISE_COLLABORATION | CAUTION_ENTERPRISE_COLLABORATION_APPS |
ENTERPRISE_COLLABORATION | ISOLATE_ENTERPRISE_COLLABORATION_APPS |
| ————————————– | ————————————————- |
FILE_SHARE | ALLOW_FILE_SHARE_VIEW |
FILE_SHARE | ALLOW_FILE_SHARE_UPLOAD |
FILE_SHARE | CAUTION_FILE_SHARE_VIEW |
FILE_SHARE | DENY_FILE_SHARE_VIEW |
FILE_SHARE | DENY_FILE_SHARE_UPLOAD |
FILE_SHARE | ISOLATE_FILE_SHARE_VIEW |
| ————————————– | ————————————————- |
FINANCE | ALLOW_FINANCE_USE |
FINANCE | CAUTION_FINANCE_USE |
FINANCE | DENY_FINANCE_USE |
FINANCE | ISOLATE_FINANCE_USE |
| ————————————– | ————————————————- |
HEALTH_CARE | ALLOW_HEALTH_CARE_USE |
HEALTH_CARE | CAUTION_HEALTH_CARE_USE |
HEALTH_CARE | DENY_HEALTH_CARE_USE |
HEALTH_CARE | ISOLATE_HEALTH_CARE_USE |
| ————————————– | ————————————————- |
HOSTING_PROVIDER | ALLOW_HOSTING_PROVIDER_USE |
HOSTING_PROVIDER | CAUTION_HOSTING_PROVIDER_USE |
HOSTING_PROVIDER | DENY_HOSTING_PROVIDER_USE |
HOSTING_PROVIDER | ISOLATE_HOSTING_PROVIDER_USE |
| ————————————– | ————————————————- |
HUMAN_RESOURCES | ALLOW_HUMAN_RESOURCES_USE |
HUMAN_RESOURCES | CAUTION_HUMAN_RESOURCES_USE |
HUMAN_RESOURCES | DENY_HUMAN_RESOURCES_USE |
HUMAN_RESOURCES | ISOLATE_HUMAN_RESOURCES_USE |
| ————————————– | ————————————————- |
INSTANT_MESSAGING | ALLOW_CHAT |
INSTANT_MESSAGING | ALLOW_FILE_TRANSFER_IN_CHAT |
INSTANT_MESSAGING | BLOCK_CHAT |
INSTANT_MESSAGING | BLOCK_FILE_TRANSFER_IN_CHAT |
INSTANT_MESSAGING | CAUTION_CHAT |
INSTANT_MESSAGING | ISOLATE_CHAT |
| ————————————– | ————————————————- |
IT_SERVICES | ALLOW_IT_SERVICES_USE |
IT_SERVICES | CAUTION_LEGAL_USE |
IT_SERVICES | DENY_IT_SERVICES_USE |
IT_SERVICES | ISOLATE_IT_SERVICES_USE |
| ————————————– | ————————————————- |
LEGAL | ALLOW_LEGAL_USE |
LEGAL | DENY_DNS_OVER_HTTPS_USE |
LEGAL | DENY_LEGAL_USE |
LEGAL | ISOLATE_LEGAL_USE |
| ————————————– | ————————————————- |
SALES_AND_MARKETING | ALLOW_SALES_MARKETING_APPS |
SALES_AND_MARKETING | BLOCK_SALES_MARKETING_APPS |
SALES_AND_MARKETING | CAUTION_SALES_MARKETING_APPS |
SALES_AND_MARKETING | ISOLATE_SALES_MARKETING_APPS |
| ————————————– | ————————————————- |
STREAMING_MEDIA | ALLOW_STREAMING_VIEW_LISTEN |
STREAMING_MEDIA | ALLOW_STREAMING_UPLOAD |
STREAMING_MEDIA | BLOCK_STREAMING_UPLOAD |
STREAMING_MEDIA | CAUTION_STREAMING_VIEW_LISTEN |
STREAMING_MEDIA | ISOLATE_STREAMING_VIEW_LISTEN |
| ————————————– | ————————————————- |
SOCIAL_NETWORKING | ALLOW_SOCIAL_NETWORKING_VIEW |
SOCIAL_NETWORKING | ALLOW_SOCIAL_NETWORKING_POST |
SOCIAL_NETWORKING | BLOCK_SOCIAL_NETWORKING_VIEW |
SOCIAL_NETWORKING | BLOCK_SOCIAL_NETWORKING_POST |
SOCIAL_NETWORKING | CAUTION_SOCIAL_NETWORKING_VIEW |
| ————————————– | ————————————————- |
SYSTEM_AND_DEVELOPMENT | ALLOW_SYSTEM_DEVELOPMENT_APPS |
SYSTEM_AND_DEVELOPMENT | ALLOW_SYSTEM_DEVELOPMENT_UPLOAD |
SYSTEM_AND_DEVELOPMENT | BLOCK_SYSTEM_DEVELOPMENT_APPS |
SYSTEM_AND_DEVELOPMENT | BLOCK_SYSTEM_DEVELOPMENT_UPLOAD |
SYSTEM_AND_DEVELOPMENT | CAUTION_SYSTEM_DEVELOPMENT_APPS |
SYSTEM_AND_DEVELOPMENT | ISOLATE_SALES_MARKETING_APPS |
| ————————————– | ————————————————- |
WEBMAIL | ALLOW_WEBMAIL_VIEW |
WEBMAIL | ALLOW_WEBMAIL_ATTACHMENT_SEND |
WEBMAIL | ALLOW_WEBMAIL_SEND |
WEBMAIL | CAUTION_WEBMAIL_VIEW |
WEBMAIL | BLOCK_WEBMAIL_VIEW |
WEBMAIL | BLOCK_WEBMAIL_ATTACHMENT_SEND |
WEBMAIL | BLOCK_WEBMAIL_SEND |
WEBMAIL | ISOLATE_WEBMAIL_VIEW |
| ————————————– | ————————————————- |
Cloud Application Control - Rule Types vs Tenant Profile Support
Note: Refer to this matrix when configuring a Cloud App Control rule with Tenant Profile
| Type | Applications | tenancy_profile_ids |
|---|---|---|
| ———————————- | ——————————- | ——————— |
BUSINESS_PRODUCTIVITY | "GOOGLEANALYTICS" | ✅ |
| ———————————- | ——————————- | ——————— |
ENTERPRISE_COLLABORATION | "GOOGLECALENDAR" | ✅ |
ENTERPRISE_COLLABORATION | "GOOGLEKEEP" | ✅ |
ENTERPRISE_COLLABORATION | "GOOGLEMEET" | ✅ |
ENTERPRISE_COLLABORATION | "GOOGLESITES" | ✅ |
ENTERPRISE_COLLABORATION | "WEBEX" | ✅ |
ENTERPRISE_COLLABORATION | "SLACK" | ✅ |
ENTERPRISE_COLLABORATION | "WEBEX_TEAMS" | ✅ |
ENTERPRISE_COLLABORATION | "ZOOM" | ✅ |
| ———————————- | ——————————- | ——————— |
FILE_SHARE | "DROPBOX" | ✅ |
FILE_SHARE | "GDRIVE" | ✅ |
FILE_SHARE | "GPHOTOS" | ✅ |
| ———————————- | ——————————- | ——————— |
HOSTING_PROVIDER | "GCLOUDCOMPUTE" | ✅ |
HOSTING_PROVIDER | "AWS" | ✅ |
HOSTING_PROVIDER | "IBMSMARTCLOUD" | ✅ |
HOSTING_PROVIDER | "GAPPENGINE" | ✅ |
HOSTING_PROVIDER | "GOOGLE_CLOUD_PLATFORM" | ✅ |
| ———————————- | ——————————- | ——————— |
IT_SERVICES | "MSLOGINSERVICES" | ✅ |
IT_SERVICES | "GOOGLOGINSERVICE" | ✅ |
IT_SERVICES | "WEBEX_LOGIN_SERVICES" | ✅ |
IT_SERVICES | "ZOHO_LOGIN_SERVICES" | ✅ |
| ———————————- | ——————————- | ——————— |
SOCIAL_NETWORKING | "GOOGLE_GROUPS" | ✅ |
SOCIAL_NETWORKING | "GOOGLE_PLUS" | ✅ |
| ———————————- | ——————————- | ——————— |
STREAMING_MEDIA | "YOUTUBE" | ✅ |
STREAMING_MEDIA | "GOOGLE_STREAMING" | ✅ |
| ———————————- | ——————————- | ——————— |
SYSTEM_AND_DEVELOPMENT | "GOOGLE_DEVELOPERS" | ✅ |
SYSTEM_AND_DEVELOPMENT | "GOOGLEAPPMAKER" | ✅ |
| ———————————- | ——————————- | ——————— |
WEBMAIL | "GOOGLE_WEBMAIL" | ✅ |
| ———————————- | ——————————- | ——————— |
Using getCloudAppControlRule
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getCloudAppControlRule(args: GetCloudAppControlRuleArgs, opts?: InvokeOptions): Promise<GetCloudAppControlRuleResult>
function getCloudAppControlRuleOutput(args: GetCloudAppControlRuleOutputArgs, opts?: InvokeOptions): Output<GetCloudAppControlRuleResult>def get_cloud_app_control_rule(id: Optional[int] = None,
name: Optional[str] = None,
type: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetCloudAppControlRuleResult
def get_cloud_app_control_rule_output(id: Optional[pulumi.Input[int]] = None,
name: Optional[pulumi.Input[str]] = None,
type: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetCloudAppControlRuleResult]func LookupCloudAppControlRule(ctx *Context, args *LookupCloudAppControlRuleArgs, opts ...InvokeOption) (*LookupCloudAppControlRuleResult, error)
func LookupCloudAppControlRuleOutput(ctx *Context, args *LookupCloudAppControlRuleOutputArgs, opts ...InvokeOption) LookupCloudAppControlRuleResultOutput> Note: This function is named LookupCloudAppControlRule in the Go SDK.
public static class GetCloudAppControlRule
{
public static Task<GetCloudAppControlRuleResult> InvokeAsync(GetCloudAppControlRuleArgs args, InvokeOptions? opts = null)
public static Output<GetCloudAppControlRuleResult> Invoke(GetCloudAppControlRuleInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetCloudAppControlRuleResult> getCloudAppControlRule(GetCloudAppControlRuleArgs args, InvokeOptions options)
public static Output<GetCloudAppControlRuleResult> getCloudAppControlRule(GetCloudAppControlRuleArgs args, InvokeOptions options)
fn::invoke:
function: zia:index/getCloudAppControlRule:getCloudAppControlRule
arguments:
# arguments dictionaryThe following arguments are supported:
getCloudAppControlRule Result
The following output properties are available:
- Access
Control string - Actions List<string>
- Applications List<string>
- Browser
Eun intTemplate Id - Cascading
Enabled bool - Cbi
Profiles List<zscaler.Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Cbi Profile> - Departments
List<zscaler.
Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Department> - Description string
- Device
Groups List<zscaler.Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Device Group> - Device
Trust List<string>Levels - Devices
List<zscaler.
Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Device> - Enforce
Time boolValidity - Eun
Enabled bool - Eun
Template intId - Groups
List<zscaler.
Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Group> - Labels
List<zscaler.
Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Label> - Last
Modified intTime - Location
Groups List<zscaler.Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Location Group> - Locations
List<zscaler.
Pulumi Package. Zia. Outputs. Get Cloud App Control Rule Location> - Number
Of intApplications - Order int
- Predefined bool
- Rank int
- Size
Quota int - State string
- Time
Quota int - User
Agent List<string>Types - Users
List<zscaler.
Pulumi Package. Zia. Outputs. Get Cloud App Control Rule User> - Validity
End intTime - Validity
Start intTime - Validity
Time stringZone Id - Id int
- Name string
- Type string
- Access
Control string - Actions []string
- Applications []string
- Browser
Eun intTemplate Id - Cascading
Enabled bool - Cbi
Profiles []GetCloud App Control Rule Cbi Profile - Departments
[]Get
Cloud App Control Rule Department - Description string
- Device
Groups []GetCloud App Control Rule Device Group - Device
Trust []stringLevels - Devices
[]Get
Cloud App Control Rule Device - Enforce
Time boolValidity - Eun
Enabled bool - Eun
Template intId - Groups
[]Get
Cloud App Control Rule Group - Labels
[]Get
Cloud App Control Rule Label - Last
Modified intTime - Location
Groups []GetCloud App Control Rule Location Group - Locations
[]Get
Cloud App Control Rule Location - Number
Of intApplications - Order int
- Predefined bool
- Rank int
- Size
Quota int - State string
- Time
Quota int - User
Agent []stringTypes - Users
[]Get
Cloud App Control Rule User - Validity
End intTime - Validity
Start intTime - Validity
Time stringZone Id - Id int
- Name string
- Type string
- access
Control String - actions List<String>
- applications List<String>
- browser
Eun IntegerTemplate Id - cascading
Enabled Boolean - cbi
Profiles List<GetCloud App Control Rule Cbi Profile> - departments
List<Get
Cloud App Control Rule Department> - description String
- device
Groups List<GetCloud App Control Rule Device Group> - device
Trust List<String>Levels - devices
List<Get
Cloud App Control Rule Device> - enforce
Time BooleanValidity - eun
Enabled Boolean - eun
Template IntegerId - groups
List<Get
Cloud App Control Rule Group> - labels
List<Get
Cloud App Control Rule Label> - last
Modified IntegerTime - location
Groups List<GetCloud App Control Rule Location Group> - locations
List<Get
Cloud App Control Rule Location> - number
Of IntegerApplications - order Integer
- predefined Boolean
- rank Integer
- size
Quota Integer - state String
- time
Quota Integer - user
Agent List<String>Types - users
List<Get
Cloud App Control Rule User> - validity
End IntegerTime - validity
Start IntegerTime - validity
Time StringZone Id - id Integer
- name String
- type String
- access
Control string - actions string[]
- applications string[]
- browser
Eun numberTemplate Id - cascading
Enabled boolean - cbi
Profiles GetCloud App Control Rule Cbi Profile[] - departments
Get
Cloud App Control Rule Department[] - description string
- device
Groups GetCloud App Control Rule Device Group[] - device
Trust string[]Levels - devices
Get
Cloud App Control Rule Device[] - enforce
Time booleanValidity - eun
Enabled boolean - eun
Template numberId - groups
Get
Cloud App Control Rule Group[] - labels
Get
Cloud App Control Rule Label[] - last
Modified numberTime - location
Groups GetCloud App Control Rule Location Group[] - locations
Get
Cloud App Control Rule Location[] - number
Of numberApplications - order number
- predefined boolean
- rank number
- size
Quota number - state string
- time
Quota number - user
Agent string[]Types - users
Get
Cloud App Control Rule User[] - validity
End numberTime - validity
Start numberTime - validity
Time stringZone Id - id number
- name string
- type string
- access_
control str - actions Sequence[str]
- applications Sequence[str]
- browser_
eun_ inttemplate_ id - cascading_
enabled bool - cbi_
profiles Sequence[GetCloud App Control Rule Cbi Profile] - departments
Sequence[Get
Cloud App Control Rule Department] - description str
- device_
groups Sequence[GetCloud App Control Rule Device Group] - device_
trust_ Sequence[str]levels - devices
Sequence[Get
Cloud App Control Rule Device] - enforce_
time_ boolvalidity - eun_
enabled bool - eun_
template_ intid - groups
Sequence[Get
Cloud App Control Rule Group] - labels
Sequence[Get
Cloud App Control Rule Label] - last_
modified_ inttime - location_
groups Sequence[GetCloud App Control Rule Location Group] - locations
Sequence[Get
Cloud App Control Rule Location] - number_
of_ intapplications - order int
- predefined bool
- rank int
- size_
quota int - state str
- time_
quota int - user_
agent_ Sequence[str]types - users
Sequence[Get
Cloud App Control Rule User] - validity_
end_ inttime - validity_
start_ inttime - validity_
time_ strzone_ id - id int
- name str
- type str
- access
Control String - actions List<String>
- applications List<String>
- browser
Eun NumberTemplate Id - cascading
Enabled Boolean - cbi
Profiles List<Property Map> - departments List<Property Map>
- description String
- device
Groups List<Property Map> - device
Trust List<String>Levels - devices List<Property Map>
- enforce
Time BooleanValidity - eun
Enabled Boolean - eun
Template NumberId - groups List<Property Map>
- labels List<Property Map>
- last
Modified NumberTime - location
Groups List<Property Map> - locations List<Property Map>
- number
Of NumberApplications - order Number
- predefined Boolean
- rank Number
- size
Quota Number - state String
- time
Quota Number - user
Agent List<String>Types - users List<Property Map>
- validity
End NumberTime - validity
Start NumberTime - validity
Time StringZone Id - id Number
- name String
- type String
Supporting Types
GetCloudAppControlRuleCbiProfile
- Default
Profile bool - The browser isolation profile URL
- Id string
- The universally unique identifier (UUID) for the browser isolation profile
- Name string
- Name of the browser isolation profile
- Sandbox
Mode bool - The browser isolation profile URL
- Url string
- The browser isolation profile URL
- Default
Profile bool - The browser isolation profile URL
- Id string
- The universally unique identifier (UUID) for the browser isolation profile
- Name string
- Name of the browser isolation profile
- Sandbox
Mode bool - The browser isolation profile URL
- Url string
- The browser isolation profile URL
- default
Profile Boolean - The browser isolation profile URL
- id String
- The universally unique identifier (UUID) for the browser isolation profile
- name String
- Name of the browser isolation profile
- sandbox
Mode Boolean - The browser isolation profile URL
- url String
- The browser isolation profile URL
- default
Profile boolean - The browser isolation profile URL
- id string
- The universally unique identifier (UUID) for the browser isolation profile
- name string
- Name of the browser isolation profile
- sandbox
Mode boolean - The browser isolation profile URL
- url string
- The browser isolation profile URL
- default_
profile bool - The browser isolation profile URL
- id str
- The universally unique identifier (UUID) for the browser isolation profile
- name str
- Name of the browser isolation profile
- sandbox_
mode bool - The browser isolation profile URL
- url str
- The browser isolation profile URL
- default
Profile Boolean - The browser isolation profile URL
- id String
- The universally unique identifier (UUID) for the browser isolation profile
- name String
- Name of the browser isolation profile
- sandbox
Mode Boolean - The browser isolation profile URL
- url String
- The browser isolation profile URL
GetCloudAppControlRuleDepartment
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
GetCloudAppControlRuleDevice
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
GetCloudAppControlRuleDeviceGroup
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
GetCloudAppControlRuleGroup
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
GetCloudAppControlRuleLabel
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
GetCloudAppControlRuleLocation
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
GetCloudAppControlRuleLocationGroup
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
GetCloudAppControlRuleUser
- Extensions Dictionary<string, string>
- Id int
- Name string
- Extensions map[string]string
- Id int
- Name string
- extensions Map<String,String>
- id Integer
- name String
- extensions {[key: string]: string}
- id number
- name string
- extensions Mapping[str, str]
- id int
- name str
- extensions Map<String>
- id Number
- name String
Package Details
- Repository
- zia zscaler/pulumi-zia
- License
- MIT
- Notes
- This Pulumi package is based on the
ziaTerraform Provider.