Zscaler Internet Access v1.0.1, Jun 6 25

Zscaler Internet Access v1.0.1 published on Friday, Jun 6, 2025 by Zscaler

zia.SSLInspectionRules

Explore with Pulumi AI

Zscaler Internet Access v1.0.1 published on Friday, Jun 6, 2025 by Zscaler

zscaler/pulumi-zia

Example Usage

Action - DECRYPT


data "zia_group_management" "this" {
    name = "A000"
}

resource "zia_ssl_inspection_rules" "this" {
  name                         = "SSL_Inspection_Rule_Decrypt"
  description                  = "SSL_Inspection_Rule_Decrypt"
  state                        = "ENABLED"
  order                        = 1
  rank                         = 7
  road_warrior_for_kerberos    = true
  cloud_applications           = ["CHATGPT_AI", "ANDI"]
  platforms                    = ["SCAN_IOS", "SCAN_ANDROID", "SCAN_MACOS", "SCAN_WINDOWS", "NO_CLIENT_CONNECTOR", "SCAN_LINUX"]

  action {
    type                         = "DECRYPT"
    # show_eun                   = false
    # show_eunatp                = false
    override_default_certificate = false

    ssl_interception_cert {
      id                  = 1
      name                = "Zscaler Intermediate CA Certificate"
      default_certificate = true
    }

    decrypt_sub_actions {
      server_certificates                   = "ALLOW"
      ocsp_check                            = true
      block_ssl_traffic_with_no_sni_enabled = true
      min_client_tls_version                = "CLIENT_TLS_1_0"
      min_server_tls_version                = "SERVER_TLS_1_0"
      block_undecrypt                       = true
      http2_enabled                         = false
    }
  }
  groups {
        id = [ data.zia_group_management.this.id ]
    }
}

Action - DO_NOT_DECRYPT - Bypass Rule (False)


data "zia_group_management" "this" {
    name = "A000"
}

resource "zia_ssl_inspection_rules" "this" {
  name                         = "SSL_Rule_Do_Not_Decrypt"
  description                  = "SSL_Rule_Do_Not_Decrypt"
  state                        = "ENABLED"
  order                        = 1
  rank                         = 7
  road_warrior_for_kerberos    = true
  cloud_applications           = ["CHATGPT_AI", "ANDI"]
  platforms                    = ["SCAN_IOS", "SCAN_ANDROID", "SCAN_MACOS", "SCAN_WINDOWS", "NO_CLIENT_CONNECTOR", "SCAN_LINUX"]

  action {
    type                                    = "DO_NOT_DECRYPT"
    do_not_decrypt_sub_actions {
      bypass_other_policies                 = false
      server_certificates                   = "ALLOW"
      ocsp_check                            = true
      block_ssl_traffic_with_no_sni_enabled = true
      min_tls_version                       = "SERVER_TLS_1_0"
    }
  }
  groups {
        id = [ data.zia_group_management.this.id ]
    }
}

Action - DO_NOT_DECRYPT - Bypass Rule (True)


data "zia_group_management" "this" {
    name = "A000"
}

resource "zia_ssl_inspection_rules" "this" {
  name                         = "SSL_Rule_Bypass_Rule"
  description                  = "SSL_Rule_Bypass_Rule"
  state                        = "ENABLED"
  order                        = 1
  rank                         = 7
  road_warrior_for_kerberos    = true
  cloud_applications           = ["CHATGPT_AI", "ANDI"]
  platforms                    = ["SCAN_IOS", "SCAN_ANDROID", "SCAN_MACOS", "SCAN_WINDOWS", "NO_CLIENT_CONNECTOR", "SCAN_LINUX"]

  action {
    type                                    = "DO_NOT_DECRYPT"
    do_not_decrypt_sub_actions {
      bypass_other_policies                 = true
      block_ssl_traffic_with_no_sni_enabled = true
    }
  }
  groups {
        id = [ data.zia_group_management.this.id ]
    }
}

Action - BLOCK


data "zia_group_management" "this" {
    name = "A000"
}

resource "zia_ssl_inspection_rules" "this" {
  name                         = "SSL_Rule_BLOCK"
  description                  = "SSL_Rule_BLOCK"
  state                        = "ENABLED"
  order                        = 1
  rank                         = 7
  road_warrior_for_kerberos    = true
  cloud_applications           = ["CHATGPT_AI", "ANDI"]
  platforms                    = ["SCAN_IOS", "SCAN_ANDROID", "SCAN_MACOS", "SCAN_WINDOWS", "NO_CLIENT_CONNECTOR", "SCAN_LINUX"]

  action {
    type                                    = "BLOCK"
    ssl_interception_cert {
      id                                    = 1
    }
  }
  groups {
        id = [ data.zia_group_management.this.id ]
    }
}

Create SSLInspectionRules Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SSLInspectionRules(name: string, args: SSLInspectionRulesArgs, opts?: CustomResourceOptions);

@overload
def SSLInspectionRules(resource_name: str,
                       args: SSLInspectionRulesArgs,
                       opts: Optional[ResourceOptions] = None)

@overload
def SSLInspectionRules(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       order: Optional[int] = None,
                       name: Optional[str] = None,
                       user_agent_types: Optional[Sequence[str]] = None,
                       description: Optional[str] = None,
                       dest_ip_groups: Optional[SSLInspectionRulesDestIpGroupsArgs] = None,
                       device_groups: Optional[SSLInspectionRulesDeviceGroupsArgs] = None,
                       device_trust_levels: Optional[Sequence[str]] = None,
                       devices: Optional[SSLInspectionRulesDevicesArgs] = None,
                       groups: Optional[SSLInspectionRulesGroupsArgs] = None,
                       labels: Optional[SSLInspectionRulesLabelsArgs] = None,
                       location_groups: Optional[SSLInspectionRulesLocationGroupsArgs] = None,
                       locations: Optional[SSLInspectionRulesLocationsArgs] = None,
                       actions: Optional[Sequence[SSLInspectionRulesActionArgs]] = None,
                       departments: Optional[SSLInspectionRulesDepartmentsArgs] = None,
                       proxy_gateways: Optional[SSLInspectionRulesProxyGatewaysArgs] = None,
                       cloud_applications: Optional[Sequence[str]] = None,
                       rank: Optional[int] = None,
                       road_warrior_for_kerberos: Optional[bool] = None,
                       source_ip_groups: Optional[SSLInspectionRulesSourceIpGroupsArgs] = None,
                       state: Optional[str] = None,
                       time_windows: Optional[SSLInspectionRulesTimeWindowsArgs] = None,
                       url_categories: Optional[Sequence[str]] = None,
                       platforms: Optional[Sequence[str]] = None,
                       users: Optional[SSLInspectionRulesUsersArgs] = None,
                       workload_groups: Optional[Sequence[SSLInspectionRulesWorkloadGroupArgs]] = None,
                       zpa_app_segments: Optional[Sequence[SSLInspectionRulesZpaAppSegmentArgs]] = None)

func NewSSLInspectionRules(ctx *Context, name string, args SSLInspectionRulesArgs, opts ...ResourceOption) (*SSLInspectionRules, error)

public SSLInspectionRules(string name, SSLInspectionRulesArgs args, CustomResourceOptions? opts = null)

public SSLInspectionRules(String name, SSLInspectionRulesArgs args)
public SSLInspectionRules(String name, SSLInspectionRulesArgs args, CustomResourceOptions options)

type: zia:SSLInspectionRules
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SSLInspectionRulesArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SSLInspectionRulesArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SSLInspectionRulesArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SSLInspectionRulesArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SSLInspectionRulesArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var sslinspectionRulesResource = new Zia.SSLInspectionRules("sslinspectionRulesResource", new()
{
    Order = 0,
    Name = "string",
    UserAgentTypes = new[]
    {
        "string",
    },
    Description = "string",
    DestIpGroups = new Zia.Inputs.SSLInspectionRulesDestIpGroupsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    DeviceGroups = new Zia.Inputs.SSLInspectionRulesDeviceGroupsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    DeviceTrustLevels = new[]
    {
        "string",
    },
    Devices = new Zia.Inputs.SSLInspectionRulesDevicesArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    Groups = new Zia.Inputs.SSLInspectionRulesGroupsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    Labels = new Zia.Inputs.SSLInspectionRulesLabelsArgs
    {
        Id = 0,
    },
    LocationGroups = new Zia.Inputs.SSLInspectionRulesLocationGroupsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    Locations = new Zia.Inputs.SSLInspectionRulesLocationsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    Actions = new[]
    {
        new Zia.Inputs.SSLInspectionRulesActionArgs
        {
            DecryptSubActions = new[]
            {
                new Zia.Inputs.SSLInspectionRulesActionDecryptSubActionArgs
                {
                    BlockSslTrafficWithNoSniEnabled = false,
                    BlockUndecrypt = false,
                    Http2Enabled = false,
                    MinClientTlsVersion = "string",
                    MinServerTlsVersion = "string",
                    OcspCheck = false,
                    ServerCertificates = "string",
                },
            },
            DoNotDecryptSubActions = new[]
            {
                new Zia.Inputs.SSLInspectionRulesActionDoNotDecryptSubActionArgs
                {
                    BlockSslTrafficWithNoSniEnabled = false,
                    BypassOtherPolicies = false,
                    MinTlsVersion = "string",
                    OcspCheck = false,
                    ServerCertificates = "string",
                },
            },
            OverrideDefaultCertificate = false,
            ShowEun = false,
            ShowEunatp = false,
            SslInterceptionCerts = new[]
            {
                new Zia.Inputs.SSLInspectionRulesActionSslInterceptionCertArgs
                {
                    Id = 0,
                },
            },
            Type = "string",
        },
    },
    Departments = new Zia.Inputs.SSLInspectionRulesDepartmentsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    ProxyGateways = new Zia.Inputs.SSLInspectionRulesProxyGatewaysArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    CloudApplications = new[]
    {
        "string",
    },
    Rank = 0,
    RoadWarriorForKerberos = false,
    SourceIpGroups = new Zia.Inputs.SSLInspectionRulesSourceIpGroupsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    State = "string",
    TimeWindows = new Zia.Inputs.SSLInspectionRulesTimeWindowsArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    UrlCategories = new[]
    {
        "string",
    },
    Platforms = new[]
    {
        "string",
    },
    Users = new Zia.Inputs.SSLInspectionRulesUsersArgs
    {
        Ids = new[]
        {
            0,
        },
    },
    WorkloadGroups = new[]
    {
        new Zia.Inputs.SSLInspectionRulesWorkloadGroupArgs
        {
            Id = 0,
            Name = "string",
        },
    },
    ZpaAppSegments = new[]
    {
        new Zia.Inputs.SSLInspectionRulesZpaAppSegmentArgs
        {
            ExternalId = "string",
            Name = "string",
        },
    },
});

example, err := zia.NewSSLInspectionRules(ctx, "sslinspectionRulesResource", &zia.SSLInspectionRulesArgs{
	Order: pulumi.Int(0),
	Name:  pulumi.String("string"),
	UserAgentTypes: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description: pulumi.String("string"),
	DestIpGroups: &zia.SSLInspectionRulesDestIpGroupsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	DeviceGroups: &zia.SSLInspectionRulesDeviceGroupsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	DeviceTrustLevels: pulumi.StringArray{
		pulumi.String("string"),
	},
	Devices: &zia.SSLInspectionRulesDevicesArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	Groups: &zia.SSLInspectionRulesGroupsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	Labels: &zia.SSLInspectionRulesLabelsArgs{
		Id: pulumi.Int(0),
	},
	LocationGroups: &zia.SSLInspectionRulesLocationGroupsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	Locations: &zia.SSLInspectionRulesLocationsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	Actions: zia.SSLInspectionRulesActionArray{
		&zia.SSLInspectionRulesActionArgs{
			DecryptSubActions: zia.SSLInspectionRulesActionDecryptSubActionArray{
				&zia.SSLInspectionRulesActionDecryptSubActionArgs{
					BlockSslTrafficWithNoSniEnabled: pulumi.Bool(false),
					BlockUndecrypt:                  pulumi.Bool(false),
					Http2Enabled:                    pulumi.Bool(false),
					MinClientTlsVersion:             pulumi.String("string"),
					MinServerTlsVersion:             pulumi.String("string"),
					OcspCheck:                       pulumi.Bool(false),
					ServerCertificates:              pulumi.String("string"),
				},
			},
			DoNotDecryptSubActions: zia.SSLInspectionRulesActionDoNotDecryptSubActionArray{
				&zia.SSLInspectionRulesActionDoNotDecryptSubActionArgs{
					BlockSslTrafficWithNoSniEnabled: pulumi.Bool(false),
					BypassOtherPolicies:             pulumi.Bool(false),
					MinTlsVersion:                   pulumi.String("string"),
					OcspCheck:                       pulumi.Bool(false),
					ServerCertificates:              pulumi.String("string"),
				},
			},
			OverrideDefaultCertificate: pulumi.Bool(false),
			ShowEun:                    pulumi.Bool(false),
			ShowEunatp:                 pulumi.Bool(false),
			SslInterceptionCerts: zia.SSLInspectionRulesActionSslInterceptionCertArray{
				&zia.SSLInspectionRulesActionSslInterceptionCertArgs{
					Id: pulumi.Int(0),
				},
			},
			Type: pulumi.String("string"),
		},
	},
	Departments: &zia.SSLInspectionRulesDepartmentsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	ProxyGateways: &zia.SSLInspectionRulesProxyGatewaysArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	CloudApplications: pulumi.StringArray{
		pulumi.String("string"),
	},
	Rank:                   pulumi.Int(0),
	RoadWarriorForKerberos: pulumi.Bool(false),
	SourceIpGroups: &zia.SSLInspectionRulesSourceIpGroupsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	State: pulumi.String("string"),
	TimeWindows: &zia.SSLInspectionRulesTimeWindowsArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	UrlCategories: pulumi.StringArray{
		pulumi.String("string"),
	},
	Platforms: pulumi.StringArray{
		pulumi.String("string"),
	},
	Users: &zia.SSLInspectionRulesUsersArgs{
		Ids: pulumi.IntArray{
			pulumi.Int(0),
		},
	},
	WorkloadGroups: zia.SSLInspectionRulesWorkloadGroupArray{
		&zia.SSLInspectionRulesWorkloadGroupArgs{
			Id:   pulumi.Int(0),
			Name: pulumi.String("string"),
		},
	},
	ZpaAppSegments: zia.SSLInspectionRulesZpaAppSegmentArray{
		&zia.SSLInspectionRulesZpaAppSegmentArgs{
			ExternalId: pulumi.String("string"),
			Name:       pulumi.String("string"),
		},
	},
})

var sslinspectionRulesResource = new SSLInspectionRules("sslinspectionRulesResource", SSLInspectionRulesArgs.builder()
    .order(0)
    .name("string")
    .userAgentTypes("string")
    .description("string")
    .destIpGroups(SSLInspectionRulesDestIpGroupsArgs.builder()
        .ids(0)
        .build())
    .deviceGroups(SSLInspectionRulesDeviceGroupsArgs.builder()
        .ids(0)
        .build())
    .deviceTrustLevels("string")
    .devices(SSLInspectionRulesDevicesArgs.builder()
        .ids(0)
        .build())
    .groups(SSLInspectionRulesGroupsArgs.builder()
        .ids(0)
        .build())
    .labels(SSLInspectionRulesLabelsArgs.builder()
        .id(0)
        .build())
    .locationGroups(SSLInspectionRulesLocationGroupsArgs.builder()
        .ids(0)
        .build())
    .locations(SSLInspectionRulesLocationsArgs.builder()
        .ids(0)
        .build())
    .actions(SSLInspectionRulesActionArgs.builder()
        .decryptSubActions(SSLInspectionRulesActionDecryptSubActionArgs.builder()
            .blockSslTrafficWithNoSniEnabled(false)
            .blockUndecrypt(false)
            .http2Enabled(false)
            .minClientTlsVersion("string")
            .minServerTlsVersion("string")
            .ocspCheck(false)
            .serverCertificates("string")
            .build())
        .doNotDecryptSubActions(SSLInspectionRulesActionDoNotDecryptSubActionArgs.builder()
            .blockSslTrafficWithNoSniEnabled(false)
            .bypassOtherPolicies(false)
            .minTlsVersion("string")
            .ocspCheck(false)
            .serverCertificates("string")
            .build())
        .overrideDefaultCertificate(false)
        .showEun(false)
        .showEunatp(false)
        .sslInterceptionCerts(SSLInspectionRulesActionSslInterceptionCertArgs.builder()
            .id(0)
            .build())
        .type("string")
        .build())
    .departments(SSLInspectionRulesDepartmentsArgs.builder()
        .ids(0)
        .build())
    .proxyGateways(SSLInspectionRulesProxyGatewaysArgs.builder()
        .ids(0)
        .build())
    .cloudApplications("string")
    .rank(0)
    .roadWarriorForKerberos(false)
    .sourceIpGroups(SSLInspectionRulesSourceIpGroupsArgs.builder()
        .ids(0)
        .build())
    .state("string")
    .timeWindows(SSLInspectionRulesTimeWindowsArgs.builder()
        .ids(0)
        .build())
    .urlCategories("string")
    .platforms("string")
    .users(SSLInspectionRulesUsersArgs.builder()
        .ids(0)
        .build())
    .workloadGroups(SSLInspectionRulesWorkloadGroupArgs.builder()
        .id(0)
        .name("string")
        .build())
    .zpaAppSegments(SSLInspectionRulesZpaAppSegmentArgs.builder()
        .externalId("string")
        .name("string")
        .build())
    .build());

sslinspection_rules_resource = zia.SSLInspectionRules("sslinspectionRulesResource",
    order=0,
    name="string",
    user_agent_types=["string"],
    description="string",
    dest_ip_groups={
        "ids": [0],
    },
    device_groups={
        "ids": [0],
    },
    device_trust_levels=["string"],
    devices={
        "ids": [0],
    },
    groups={
        "ids": [0],
    },
    labels={
        "id": 0,
    },
    location_groups={
        "ids": [0],
    },
    locations={
        "ids": [0],
    },
    actions=[{
        "decrypt_sub_actions": [{
            "block_ssl_traffic_with_no_sni_enabled": False,
            "block_undecrypt": False,
            "http2_enabled": False,
            "min_client_tls_version": "string",
            "min_server_tls_version": "string",
            "ocsp_check": False,
            "server_certificates": "string",
        }],
        "do_not_decrypt_sub_actions": [{
            "block_ssl_traffic_with_no_sni_enabled": False,
            "bypass_other_policies": False,
            "min_tls_version": "string",
            "ocsp_check": False,
            "server_certificates": "string",
        }],
        "override_default_certificate": False,
        "show_eun": False,
        "show_eunatp": False,
        "ssl_interception_certs": [{
            "id": 0,
        }],
        "type": "string",
    }],
    departments={
        "ids": [0],
    },
    proxy_gateways={
        "ids": [0],
    },
    cloud_applications=["string"],
    rank=0,
    road_warrior_for_kerberos=False,
    source_ip_groups={
        "ids": [0],
    },
    state="string",
    time_windows={
        "ids": [0],
    },
    url_categories=["string"],
    platforms=["string"],
    users={
        "ids": [0],
    },
    workload_groups=[{
        "id": 0,
        "name": "string",
    }],
    zpa_app_segments=[{
        "external_id": "string",
        "name": "string",
    }])

const sslinspectionRulesResource = new zia.SSLInspectionRules("sslinspectionRulesResource", {
    order: 0,
    name: "string",
    userAgentTypes: ["string"],
    description: "string",
    destIpGroups: {
        ids: [0],
    },
    deviceGroups: {
        ids: [0],
    },
    deviceTrustLevels: ["string"],
    devices: {
        ids: [0],
    },
    groups: {
        ids: [0],
    },
    labels: {
        id: 0,
    },
    locationGroups: {
        ids: [0],
    },
    locations: {
        ids: [0],
    },
    actions: [{
        decryptSubActions: [{
            blockSslTrafficWithNoSniEnabled: false,
            blockUndecrypt: false,
            http2Enabled: false,
            minClientTlsVersion: "string",
            minServerTlsVersion: "string",
            ocspCheck: false,
            serverCertificates: "string",
        }],
        doNotDecryptSubActions: [{
            blockSslTrafficWithNoSniEnabled: false,
            bypassOtherPolicies: false,
            minTlsVersion: "string",
            ocspCheck: false,
            serverCertificates: "string",
        }],
        overrideDefaultCertificate: false,
        showEun: false,
        showEunatp: false,
        sslInterceptionCerts: [{
            id: 0,
        }],
        type: "string",
    }],
    departments: {
        ids: [0],
    },
    proxyGateways: {
        ids: [0],
    },
    cloudApplications: ["string"],
    rank: 0,
    roadWarriorForKerberos: false,
    sourceIpGroups: {
        ids: [0],
    },
    state: "string",
    timeWindows: {
        ids: [0],
    },
    urlCategories: ["string"],
    platforms: ["string"],
    users: {
        ids: [0],
    },
    workloadGroups: [{
        id: 0,
        name: "string",
    }],
    zpaAppSegments: [{
        externalId: "string",
        name: "string",
    }],
});

type: zia:SSLInspectionRules
properties:
    actions:
        - decryptSubActions:
            - blockSslTrafficWithNoSniEnabled: false
              blockUndecrypt: false
              http2Enabled: false
              minClientTlsVersion: string
              minServerTlsVersion: string
              ocspCheck: false
              serverCertificates: string
          doNotDecryptSubActions:
            - blockSslTrafficWithNoSniEnabled: false
              bypassOtherPolicies: false
              minTlsVersion: string
              ocspCheck: false
              serverCertificates: string
          overrideDefaultCertificate: false
          showEun: false
          showEunatp: false
          sslInterceptionCerts:
            - id: 0
          type: string
    cloudApplications:
        - string
    departments:
        ids:
            - 0
    description: string
    destIpGroups:
        ids:
            - 0
    deviceGroups:
        ids:
            - 0
    deviceTrustLevels:
        - string
    devices:
        ids:
            - 0
    groups:
        ids:
            - 0
    labels:
        id: 0
    locationGroups:
        ids:
            - 0
    locations:
        ids:
            - 0
    name: string
    order: 0
    platforms:
        - string
    proxyGateways:
        ids:
            - 0
    rank: 0
    roadWarriorForKerberos: false
    sourceIpGroups:
        ids:
            - 0
    state: string
    timeWindows:
        ids:
            - 0
    urlCategories:
        - string
    userAgentTypes:
        - string
    users:
        ids:
            - 0
    workloadGroups:
        - id: 0
          name: string
    zpaAppSegments:
        - externalId: string
          name: string

SSLInspectionRules Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SSLInspectionRules resource accepts the following input properties:

Order int: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
Actions List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesAction>: (Block List) - Action taken when the traffic matches policy
CloudApplications List<string>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
Departments zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDepartments: (Block List) - ID pairs of departments for which the rule is applied.
Description string: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
DestIpGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDestIpGroups: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
DeviceGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDeviceGroups: (Block List) - ID pairs of device groups for which the rule is applied.
DeviceTrustLevels List<string>: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
Devices zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDevices: (Block List) - ID pairs of devices for which the rule is applied
Groups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesGroups: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
Labels zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesLabels: (Block List) - ID pairs of labels associated with the rule.
LocationGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesLocationGroups: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
Locations zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesLocations: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
Name string: The name of the SSL Inspection rule
Platforms List<string>: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
ProxyGateways zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesProxyGateways: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
Rank int: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
RoadWarriorForKerberos bool: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
SourceIpGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesSourceIpGroups: (Block List) - ID pairs of source IP address groups for which the rule is applied.
State string: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
TimeWindows zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesTimeWindows: (Block List) - The time intervals during which the rule applies
UrlCategories List<string>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
UserAgentTypes List<string>: (Set of String) - A list of user agent types the rule applies to.
Users zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesUsers: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
WorkloadGroups List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesWorkloadGroup>: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
ZpaAppSegments List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesZpaAppSegment>: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

Order int: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
Actions []SSLInspectionRulesActionArgs: (Block List) - Action taken when the traffic matches policy
CloudApplications []string: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
Departments SSLInspectionRulesDepartmentsArgs: (Block List) - ID pairs of departments for which the rule is applied.
Description string: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
DestIpGroups SSLInspectionRulesDestIpGroupsArgs: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
DeviceGroups SSLInspectionRulesDeviceGroupsArgs: (Block List) - ID pairs of device groups for which the rule is applied.
DeviceTrustLevels []string: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
Devices SSLInspectionRulesDevicesArgs: (Block List) - ID pairs of devices for which the rule is applied
Groups SSLInspectionRulesGroupsArgs: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
Labels SSLInspectionRulesLabelsArgs: (Block List) - ID pairs of labels associated with the rule.
LocationGroups SSLInspectionRulesLocationGroupsArgs: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
Locations SSLInspectionRulesLocationsArgs: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
Name string: The name of the SSL Inspection rule
Platforms []string: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
ProxyGateways SSLInspectionRulesProxyGatewaysArgs: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
Rank int: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
RoadWarriorForKerberos bool: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
SourceIpGroups SSLInspectionRulesSourceIpGroupsArgs: (Block List) - ID pairs of source IP address groups for which the rule is applied.
State string: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
TimeWindows SSLInspectionRulesTimeWindowsArgs: (Block List) - The time intervals during which the rule applies
UrlCategories []string: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
UserAgentTypes []string: (Set of String) - A list of user agent types the rule applies to.
Users SSLInspectionRulesUsersArgs: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
WorkloadGroups []SSLInspectionRulesWorkloadGroupArgs: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
ZpaAppSegments []SSLInspectionRulesZpaAppSegmentArgs: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

order Integer: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
actions List<SSLInspectionRulesAction>: (Block List) - Action taken when the traffic matches policy
cloudApplications List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments SSLInspectionRulesDepartments: (Block List) - ID pairs of departments for which the rule is applied.
description String: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
destIpGroups SSLInspectionRulesDestIpGroups: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
deviceGroups SSLInspectionRulesDeviceGroups: (Block List) - ID pairs of device groups for which the rule is applied.
deviceTrustLevels List<String>: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices SSLInspectionRulesDevices: (Block List) - ID pairs of devices for which the rule is applied
groups SSLInspectionRulesGroups: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels SSLInspectionRulesLabels: (Block List) - ID pairs of labels associated with the rule.
locationGroups SSLInspectionRulesLocationGroups: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations SSLInspectionRulesLocations: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name String: The name of the SSL Inspection rule
platforms List<String>: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxyGateways SSLInspectionRulesProxyGateways: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank Integer: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
roadWarriorForKerberos Boolean: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
sourceIpGroups SSLInspectionRulesSourceIpGroups: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state String: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
timeWindows SSLInspectionRulesTimeWindows: (Block List) - The time intervals during which the rule applies
urlCategories List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
userAgentTypes List<String>: (Set of String) - A list of user agent types the rule applies to.
users SSLInspectionRulesUsers: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workloadGroups List<SSLInspectionRulesWorkloadGroup>: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpaAppSegments List<SSLInspectionRulesZpaAppSegment>: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

order number: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
actions SSLInspectionRulesAction[]: (Block List) - Action taken when the traffic matches policy
cloudApplications string[]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments SSLInspectionRulesDepartments: (Block List) - ID pairs of departments for which the rule is applied.
description string: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
destIpGroups SSLInspectionRulesDestIpGroups: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
deviceGroups SSLInspectionRulesDeviceGroups: (Block List) - ID pairs of device groups for which the rule is applied.
deviceTrustLevels string[]: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices SSLInspectionRulesDevices: (Block List) - ID pairs of devices for which the rule is applied
groups SSLInspectionRulesGroups: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels SSLInspectionRulesLabels: (Block List) - ID pairs of labels associated with the rule.
locationGroups SSLInspectionRulesLocationGroups: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations SSLInspectionRulesLocations: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name string: The name of the SSL Inspection rule
platforms string[]: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxyGateways SSLInspectionRulesProxyGateways: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank number: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
roadWarriorForKerberos boolean: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
sourceIpGroups SSLInspectionRulesSourceIpGroups: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state string: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
timeWindows SSLInspectionRulesTimeWindows: (Block List) - The time intervals during which the rule applies
urlCategories string[]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
userAgentTypes string[]: (Set of String) - A list of user agent types the rule applies to.
users SSLInspectionRulesUsers: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workloadGroups SSLInspectionRulesWorkloadGroup[]: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpaAppSegments SSLInspectionRulesZpaAppSegment[]: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

order int: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
actions Sequence[SSLInspectionRulesActionArgs]: (Block List) - Action taken when the traffic matches policy
cloud_applications Sequence[str]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments SSLInspectionRulesDepartmentsArgs: (Block List) - ID pairs of departments for which the rule is applied.
description str: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
dest_ip_groups SSLInspectionRulesDestIpGroupsArgs: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
device_groups SSLInspectionRulesDeviceGroupsArgs: (Block List) - ID pairs of device groups for which the rule is applied.
device_trust_levels Sequence[str]: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices SSLInspectionRulesDevicesArgs: (Block List) - ID pairs of devices for which the rule is applied
groups SSLInspectionRulesGroupsArgs: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels SSLInspectionRulesLabelsArgs: (Block List) - ID pairs of labels associated with the rule.
location_groups SSLInspectionRulesLocationGroupsArgs: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations SSLInspectionRulesLocationsArgs: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name str: The name of the SSL Inspection rule
platforms Sequence[str]: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxy_gateways SSLInspectionRulesProxyGatewaysArgs: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank int: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
road_warrior_for_kerberos bool: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
source_ip_groups SSLInspectionRulesSourceIpGroupsArgs: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state str: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
time_windows SSLInspectionRulesTimeWindowsArgs: (Block List) - The time intervals during which the rule applies
url_categories Sequence[str]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
user_agent_types Sequence[str]: (Set of String) - A list of user agent types the rule applies to.
users SSLInspectionRulesUsersArgs: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workload_groups Sequence[SSLInspectionRulesWorkloadGroupArgs]: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpa_app_segments Sequence[SSLInspectionRulesZpaAppSegmentArgs]: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

order Number: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
actions List<Property Map>: (Block List) - Action taken when the traffic matches policy
cloudApplications List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments Property Map: (Block List) - ID pairs of departments for which the rule is applied.
description String: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
destIpGroups Property Map: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
deviceGroups Property Map: (Block List) - ID pairs of device groups for which the rule is applied.
deviceTrustLevels List<String>: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices Property Map: (Block List) - ID pairs of devices for which the rule is applied
groups Property Map: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels Property Map: (Block List) - ID pairs of labels associated with the rule.
locationGroups Property Map: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations Property Map: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name String: The name of the SSL Inspection rule
platforms List<String>: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxyGateways Property Map: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank Number: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
roadWarriorForKerberos Boolean: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
sourceIpGroups Property Map: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state String: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
timeWindows Property Map: (Block List) - The time intervals during which the rule applies
urlCategories List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
userAgentTypes List<String>: (Set of String) - A list of user agent types the rule applies to.
users Property Map: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workloadGroups List<Property Map>: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpaAppSegments List<Property Map>: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

Outputs

All input properties are implicitly available as output properties. Additionally, the SSLInspectionRules resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
RuleId int

Id string: The provider-assigned unique ID for this managed resource.
RuleId int

id String: The provider-assigned unique ID for this managed resource.
ruleId Integer

id string: The provider-assigned unique ID for this managed resource.
ruleId number

id str: The provider-assigned unique ID for this managed resource.
rule_id int

id String: The provider-assigned unique ID for this managed resource.
ruleId Number

Look up Existing SSLInspectionRules Resource

Get an existing SSLInspectionRules resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SSLInspectionRulesState, opts?: CustomResourceOptions): SSLInspectionRules

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        actions: Optional[Sequence[SSLInspectionRulesActionArgs]] = None,
        cloud_applications: Optional[Sequence[str]] = None,
        departments: Optional[SSLInspectionRulesDepartmentsArgs] = None,
        description: Optional[str] = None,
        dest_ip_groups: Optional[SSLInspectionRulesDestIpGroupsArgs] = None,
        device_groups: Optional[SSLInspectionRulesDeviceGroupsArgs] = None,
        device_trust_levels: Optional[Sequence[str]] = None,
        devices: Optional[SSLInspectionRulesDevicesArgs] = None,
        groups: Optional[SSLInspectionRulesGroupsArgs] = None,
        labels: Optional[SSLInspectionRulesLabelsArgs] = None,
        location_groups: Optional[SSLInspectionRulesLocationGroupsArgs] = None,
        locations: Optional[SSLInspectionRulesLocationsArgs] = None,
        name: Optional[str] = None,
        order: Optional[int] = None,
        platforms: Optional[Sequence[str]] = None,
        proxy_gateways: Optional[SSLInspectionRulesProxyGatewaysArgs] = None,
        rank: Optional[int] = None,
        road_warrior_for_kerberos: Optional[bool] = None,
        rule_id: Optional[int] = None,
        source_ip_groups: Optional[SSLInspectionRulesSourceIpGroupsArgs] = None,
        state: Optional[str] = None,
        time_windows: Optional[SSLInspectionRulesTimeWindowsArgs] = None,
        url_categories: Optional[Sequence[str]] = None,
        user_agent_types: Optional[Sequence[str]] = None,
        users: Optional[SSLInspectionRulesUsersArgs] = None,
        workload_groups: Optional[Sequence[SSLInspectionRulesWorkloadGroupArgs]] = None,
        zpa_app_segments: Optional[Sequence[SSLInspectionRulesZpaAppSegmentArgs]] = None) -> SSLInspectionRules

func GetSSLInspectionRules(ctx *Context, name string, id IDInput, state *SSLInspectionRulesState, opts ...ResourceOption) (*SSLInspectionRules, error)

public static SSLInspectionRules Get(string name, Input<string> id, SSLInspectionRulesState? state, CustomResourceOptions? opts = null)

public static SSLInspectionRules get(String name, Output<String> id, SSLInspectionRulesState state, CustomResourceOptions options)

resources:  _:    type: zia:SSLInspectionRules    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Actions List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesAction>: (Block List) - Action taken when the traffic matches policy
CloudApplications List<string>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
Departments zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDepartments: (Block List) - ID pairs of departments for which the rule is applied.
Description string: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
DestIpGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDestIpGroups: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
DeviceGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDeviceGroups: (Block List) - ID pairs of device groups for which the rule is applied.
DeviceTrustLevels List<string>: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
Devices zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesDevices: (Block List) - ID pairs of devices for which the rule is applied
Groups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesGroups: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
Labels zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesLabels: (Block List) - ID pairs of labels associated with the rule.
LocationGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesLocationGroups: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
Locations zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesLocations: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
Name string: The name of the SSL Inspection rule
Order int: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
Platforms List<string>: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
ProxyGateways zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesProxyGateways: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
Rank int: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
RoadWarriorForKerberos bool: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
RuleId int
SourceIpGroups zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesSourceIpGroups: (Block List) - ID pairs of source IP address groups for which the rule is applied.
State string: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
TimeWindows zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesTimeWindows: (Block List) - The time intervals during which the rule applies
UrlCategories List<string>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
UserAgentTypes List<string>: (Set of String) - A list of user agent types the rule applies to.
Users zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesUsers: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
WorkloadGroups List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesWorkloadGroup>: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
ZpaAppSegments List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesZpaAppSegment>: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

Actions []SSLInspectionRulesActionArgs: (Block List) - Action taken when the traffic matches policy
CloudApplications []string: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
Departments SSLInspectionRulesDepartmentsArgs: (Block List) - ID pairs of departments for which the rule is applied.
Description string: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
DestIpGroups SSLInspectionRulesDestIpGroupsArgs: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
DeviceGroups SSLInspectionRulesDeviceGroupsArgs: (Block List) - ID pairs of device groups for which the rule is applied.
DeviceTrustLevels []string: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
Devices SSLInspectionRulesDevicesArgs: (Block List) - ID pairs of devices for which the rule is applied
Groups SSLInspectionRulesGroupsArgs: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
Labels SSLInspectionRulesLabelsArgs: (Block List) - ID pairs of labels associated with the rule.
LocationGroups SSLInspectionRulesLocationGroupsArgs: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
Locations SSLInspectionRulesLocationsArgs: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
Name string: The name of the SSL Inspection rule
Order int: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
Platforms []string: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
ProxyGateways SSLInspectionRulesProxyGatewaysArgs: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
Rank int: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
RoadWarriorForKerberos bool: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
RuleId int
SourceIpGroups SSLInspectionRulesSourceIpGroupsArgs: (Block List) - ID pairs of source IP address groups for which the rule is applied.
State string: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
TimeWindows SSLInspectionRulesTimeWindowsArgs: (Block List) - The time intervals during which the rule applies
UrlCategories []string: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
UserAgentTypes []string: (Set of String) - A list of user agent types the rule applies to.
Users SSLInspectionRulesUsersArgs: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
WorkloadGroups []SSLInspectionRulesWorkloadGroupArgs: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
ZpaAppSegments []SSLInspectionRulesZpaAppSegmentArgs: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

actions List<SSLInspectionRulesAction>: (Block List) - Action taken when the traffic matches policy
cloudApplications List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments SSLInspectionRulesDepartments: (Block List) - ID pairs of departments for which the rule is applied.
description String: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
destIpGroups SSLInspectionRulesDestIpGroups: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
deviceGroups SSLInspectionRulesDeviceGroups: (Block List) - ID pairs of device groups for which the rule is applied.
deviceTrustLevels List<String>: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices SSLInspectionRulesDevices: (Block List) - ID pairs of devices for which the rule is applied
groups SSLInspectionRulesGroups: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels SSLInspectionRulesLabels: (Block List) - ID pairs of labels associated with the rule.
locationGroups SSLInspectionRulesLocationGroups: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations SSLInspectionRulesLocations: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name String: The name of the SSL Inspection rule
order Integer: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
platforms List<String>: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxyGateways SSLInspectionRulesProxyGateways: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank Integer: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
roadWarriorForKerberos Boolean: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
ruleId Integer
sourceIpGroups SSLInspectionRulesSourceIpGroups: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state String: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
timeWindows SSLInspectionRulesTimeWindows: (Block List) - The time intervals during which the rule applies
urlCategories List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
userAgentTypes List<String>: (Set of String) - A list of user agent types the rule applies to.
users SSLInspectionRulesUsers: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workloadGroups List<SSLInspectionRulesWorkloadGroup>: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpaAppSegments List<SSLInspectionRulesZpaAppSegment>: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

actions SSLInspectionRulesAction[]: (Block List) - Action taken when the traffic matches policy
cloudApplications string[]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments SSLInspectionRulesDepartments: (Block List) - ID pairs of departments for which the rule is applied.
description string: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
destIpGroups SSLInspectionRulesDestIpGroups: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
deviceGroups SSLInspectionRulesDeviceGroups: (Block List) - ID pairs of device groups for which the rule is applied.
deviceTrustLevels string[]: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices SSLInspectionRulesDevices: (Block List) - ID pairs of devices for which the rule is applied
groups SSLInspectionRulesGroups: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels SSLInspectionRulesLabels: (Block List) - ID pairs of labels associated with the rule.
locationGroups SSLInspectionRulesLocationGroups: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations SSLInspectionRulesLocations: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name string: The name of the SSL Inspection rule
order number: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
platforms string[]: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxyGateways SSLInspectionRulesProxyGateways: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank number: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
roadWarriorForKerberos boolean: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
ruleId number
sourceIpGroups SSLInspectionRulesSourceIpGroups: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state string: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
timeWindows SSLInspectionRulesTimeWindows: (Block List) - The time intervals during which the rule applies
urlCategories string[]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
userAgentTypes string[]: (Set of String) - A list of user agent types the rule applies to.
users SSLInspectionRulesUsers: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workloadGroups SSLInspectionRulesWorkloadGroup[]: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpaAppSegments SSLInspectionRulesZpaAppSegment[]: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

actions Sequence[SSLInspectionRulesActionArgs]: (Block List) - Action taken when the traffic matches policy
cloud_applications Sequence[str]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments SSLInspectionRulesDepartmentsArgs: (Block List) - ID pairs of departments for which the rule is applied.
description str: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
dest_ip_groups SSLInspectionRulesDestIpGroupsArgs: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
device_groups SSLInspectionRulesDeviceGroupsArgs: (Block List) - ID pairs of device groups for which the rule is applied.
device_trust_levels Sequence[str]: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices SSLInspectionRulesDevicesArgs: (Block List) - ID pairs of devices for which the rule is applied
groups SSLInspectionRulesGroupsArgs: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels SSLInspectionRulesLabelsArgs: (Block List) - ID pairs of labels associated with the rule.
location_groups SSLInspectionRulesLocationGroupsArgs: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations SSLInspectionRulesLocationsArgs: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name str: The name of the SSL Inspection rule
order int: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
platforms Sequence[str]: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxy_gateways SSLInspectionRulesProxyGatewaysArgs: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank int: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
road_warrior_for_kerberos bool: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
rule_id int
source_ip_groups SSLInspectionRulesSourceIpGroupsArgs: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state str: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
time_windows SSLInspectionRulesTimeWindowsArgs: (Block List) - The time intervals during which the rule applies
url_categories Sequence[str]: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
user_agent_types Sequence[str]: (Set of String) - A list of user agent types the rule applies to.
users SSLInspectionRulesUsersArgs: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workload_groups Sequence[SSLInspectionRulesWorkloadGroupArgs]: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpa_app_segments Sequence[SSLInspectionRulesZpaAppSegmentArgs]: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

actions List<Property Map>: (Block List) - Action taken when the traffic matches policy
cloudApplications List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied. For the complete list of supported file types refer to the ZIA API documentation
departments Property Map: (Block List) - ID pairs of departments for which the rule is applied.
description String: (String) - Enter additional notes or information. The description cannot exceed 10,240 characters.
destIpGroups Property Map: (Block List) - ID pairs of destination IP address groups for which the rule is applied.
deviceGroups Property Map: (Block List) - ID pairs of device groups for which the rule is applied.
deviceTrustLevels List<String>: (Set of String) - List of device trust levels for which the rule must be applied. This field is applicable for devices that are managed using Zscaler Client Connector. The trust levels are assigned to the devices based on your posture configurations in the Zscaler Client Connector Portal. If no value is set, this field is ignored during the policy evaluation. Supported values: ANY, UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
devices Property Map: (Block List) - ID pairs of devices for which the rule is applied
groups Property Map: (Block List) - ID pairs of groups for which the rule is applied. If not set, rule is applied for all groups.
labels Property Map: (Block List) - ID pairs of labels associated with the rule.
locationGroups Property Map: (Block List) - ID pairs of location groups to which the rule is applied. When empty, it implies applying to all location groups.
locations Property Map: (Block List) - ID pairs of locations to which the rule is applied. When empty, it implies applying to all locations.
name String: The name of the SSL Inspection rule
order Number: (String) - Policy rules are evaluated in ascending numerical order (Rule 1 before Rule 2, and so on), and the Rule Order reflects this rule's place in the order.
platforms List<String>: (Set of String) - Zscaler Client Connector device platforms for which this rule is applied. Supported Values: SCAN_IOS, SCAN_ANDROID, SCAN_MACOS, SCAN_WINDOWS, NO_CLIENT_CONNECTOR, SCAN_LINUX
proxyGateways Property Map: (Block List) - When using ZPA Gateway forwarding, name-ID pairs of ZPA Application Segments for which the rule is applicable.
rank Number: (Integer) - The admin rank specified for the rule based on your assigned admin rank. Admin rank determines the rule order that can be specified for the rule. Admin rank can be configured if it is enabled in the Advanced Settings.
roadWarriorForKerberos Boolean: (Boolean) - Indicates whether this rule is applied to remote users that use PAC with Kerberos authentication.
ruleId Number
sourceIpGroups Property Map: (Block List) - ID pairs of source IP address groups for which the rule is applied.
state String: (String) - The state of the rule indicating whether it is enabled or disabled. Supported values: ENABLED or DISABLED
timeWindows Property Map: (Block List) - The time intervals during which the rule applies
urlCategories List<String>: (Set of String) - The list of URL categories to which the DLP policy rule must be applied.
userAgentTypes List<String>: (Set of String) - A list of user agent types the rule applies to.
users Property Map: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
workloadGroups List<Property Map>: (Block List) - The list of preconfigured workload groups to which the policy must be applied.
zpaAppSegments List<Property Map>: (Block List) - The list of ZPA Application Segments for which this rule is applicable (applicable only for ZPA Gateway forwarding).

Supporting Types

SSLInspectionRulesAction, SSLInspectionRulesActionArgs

DecryptSubActions List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesActionDecryptSubAction>: (Block List) - Action taken when enabling SSL intercept
DoNotDecryptSubActions List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesActionDoNotDecryptSubAction>: (Block List) - Action taken when bypassing SSL intercept
OverrideDefaultCertificate bool: (Boolean) - Whether to override the default SSL interception certificate.
ShowEun bool: (Boolean) - Enable this setting to display end user notifications.
ShowEunatp bool: (Boolean) - Whether to display the EUN ATP page.
SslInterceptionCerts List<zscaler.PulumiPackage.Zia.Inputs.SSLInspectionRulesActionSslInterceptionCert>: has the following attributes: NOTE This block can only be set when override_default_certificate is true
Type string: (String) - The action type for this rule. Possible values: BLOCK.

DecryptSubActions []SSLInspectionRulesActionDecryptSubAction: (Block List) - Action taken when enabling SSL intercept
DoNotDecryptSubActions []SSLInspectionRulesActionDoNotDecryptSubAction: (Block List) - Action taken when bypassing SSL intercept
OverrideDefaultCertificate bool: (Boolean) - Whether to override the default SSL interception certificate.
ShowEun bool: (Boolean) - Enable this setting to display end user notifications.
ShowEunatp bool: (Boolean) - Whether to display the EUN ATP page.
SslInterceptionCerts []SSLInspectionRulesActionSslInterceptionCert: has the following attributes: NOTE This block can only be set when override_default_certificate is true
Type string: (String) - The action type for this rule. Possible values: BLOCK.

decryptSubActions List<SSLInspectionRulesActionDecryptSubAction>: (Block List) - Action taken when enabling SSL intercept
doNotDecryptSubActions List<SSLInspectionRulesActionDoNotDecryptSubAction>: (Block List) - Action taken when bypassing SSL intercept
overrideDefaultCertificate Boolean: (Boolean) - Whether to override the default SSL interception certificate.
showEun Boolean: (Boolean) - Enable this setting to display end user notifications.
showEunatp Boolean: (Boolean) - Whether to display the EUN ATP page.
sslInterceptionCerts List<SSLInspectionRulesActionSslInterceptionCert>: has the following attributes: NOTE This block can only be set when override_default_certificate is true
type String: (String) - The action type for this rule. Possible values: BLOCK.

decryptSubActions SSLInspectionRulesActionDecryptSubAction[]: (Block List) - Action taken when enabling SSL intercept
doNotDecryptSubActions SSLInspectionRulesActionDoNotDecryptSubAction[]: (Block List) - Action taken when bypassing SSL intercept
overrideDefaultCertificate boolean: (Boolean) - Whether to override the default SSL interception certificate.
showEun boolean: (Boolean) - Enable this setting to display end user notifications.
showEunatp boolean: (Boolean) - Whether to display the EUN ATP page.
sslInterceptionCerts SSLInspectionRulesActionSslInterceptionCert[]: has the following attributes: NOTE This block can only be set when override_default_certificate is true
type string: (String) - The action type for this rule. Possible values: BLOCK.

decrypt_sub_actions Sequence[SSLInspectionRulesActionDecryptSubAction]: (Block List) - Action taken when enabling SSL intercept
do_not_decrypt_sub_actions Sequence[SSLInspectionRulesActionDoNotDecryptSubAction]: (Block List) - Action taken when bypassing SSL intercept
override_default_certificate bool: (Boolean) - Whether to override the default SSL interception certificate.
show_eun bool: (Boolean) - Enable this setting to display end user notifications.
show_eunatp bool: (Boolean) - Whether to display the EUN ATP page.
ssl_interception_certs Sequence[SSLInspectionRulesActionSslInterceptionCert]: has the following attributes: NOTE This block can only be set when override_default_certificate is true
type str: (String) - The action type for this rule. Possible values: BLOCK.

decryptSubActions List<Property Map>: (Block List) - Action taken when enabling SSL intercept
doNotDecryptSubActions List<Property Map>: (Block List) - Action taken when bypassing SSL intercept
overrideDefaultCertificate Boolean: (Boolean) - Whether to override the default SSL interception certificate.
showEun Boolean: (Boolean) - Enable this setting to display end user notifications.
showEunatp Boolean: (Boolean) - Whether to display the EUN ATP page.
sslInterceptionCerts List<Property Map>: has the following attributes: NOTE This block can only be set when override_default_certificate is true
type String: (String) - The action type for this rule. Possible values: BLOCK.

SSLInspectionRulesActionDecryptSubAction, SSLInspectionRulesActionDecryptSubActionArgs

BlockSslTrafficWithNoSniEnabled bool: (Boolean) - Whether to block SSL traffic when SNI is not present.
BlockUndecrypt bool: (Boolean) - Enable to block traffic from servers that use non-standard encryption methods or require mutual TLS authentication.
Http2Enabled bool: (Boolean)
MinClientTlsVersion string: (String) - The minimum TLS version allowed on the client side: Supported Values are: CLIENT_TLS_1_0, CLIENT_TLS_1_1, CLIENT_TLS_1_2, CLIENT_TLS_1_3.
MinServerTlsVersion string: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3.
OcspCheck bool: (Boolean) - Whether to enable OCSP check.
ServerCertificates string: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

BlockSslTrafficWithNoSniEnabled bool: (Boolean) - Whether to block SSL traffic when SNI is not present.
BlockUndecrypt bool: (Boolean) - Enable to block traffic from servers that use non-standard encryption methods or require mutual TLS authentication.
Http2Enabled bool: (Boolean)
MinClientTlsVersion string: (String) - The minimum TLS version allowed on the client side: Supported Values are: CLIENT_TLS_1_0, CLIENT_TLS_1_1, CLIENT_TLS_1_2, CLIENT_TLS_1_3.
MinServerTlsVersion string: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3.
OcspCheck bool: (Boolean) - Whether to enable OCSP check.
ServerCertificates string: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

blockSslTrafficWithNoSniEnabled Boolean: (Boolean) - Whether to block SSL traffic when SNI is not present.
blockUndecrypt Boolean: (Boolean) - Enable to block traffic from servers that use non-standard encryption methods or require mutual TLS authentication.
http2Enabled Boolean: (Boolean)
minClientTlsVersion String: (String) - The minimum TLS version allowed on the client side: Supported Values are: CLIENT_TLS_1_0, CLIENT_TLS_1_1, CLIENT_TLS_1_2, CLIENT_TLS_1_3.
minServerTlsVersion String: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3.
ocspCheck Boolean: (Boolean) - Whether to enable OCSP check.
serverCertificates String: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

blockSslTrafficWithNoSniEnabled boolean: (Boolean) - Whether to block SSL traffic when SNI is not present.
blockUndecrypt boolean: (Boolean) - Enable to block traffic from servers that use non-standard encryption methods or require mutual TLS authentication.
http2Enabled boolean: (Boolean)
minClientTlsVersion string: (String) - The minimum TLS version allowed on the client side: Supported Values are: CLIENT_TLS_1_0, CLIENT_TLS_1_1, CLIENT_TLS_1_2, CLIENT_TLS_1_3.
minServerTlsVersion string: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3.
ocspCheck boolean: (Boolean) - Whether to enable OCSP check.
serverCertificates string: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

block_ssl_traffic_with_no_sni_enabled bool: (Boolean) - Whether to block SSL traffic when SNI is not present.
block_undecrypt bool: (Boolean) - Enable to block traffic from servers that use non-standard encryption methods or require mutual TLS authentication.
http2_enabled bool: (Boolean)
min_client_tls_version str: (String) - The minimum TLS version allowed on the client side: Supported Values are: CLIENT_TLS_1_0, CLIENT_TLS_1_1, CLIENT_TLS_1_2, CLIENT_TLS_1_3.
min_server_tls_version str: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3.
ocsp_check bool: (Boolean) - Whether to enable OCSP check.
server_certificates str: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

blockSslTrafficWithNoSniEnabled Boolean: (Boolean) - Whether to block SSL traffic when SNI is not present.
blockUndecrypt Boolean: (Boolean) - Enable to block traffic from servers that use non-standard encryption methods or require mutual TLS authentication.
http2Enabled Boolean: (Boolean)
minClientTlsVersion String: (String) - The minimum TLS version allowed on the client side: Supported Values are: CLIENT_TLS_1_0, CLIENT_TLS_1_1, CLIENT_TLS_1_2, CLIENT_TLS_1_3.
minServerTlsVersion String: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3.
ocspCheck Boolean: (Boolean) - Whether to enable OCSP check.
serverCertificates String: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

SSLInspectionRulesActionDoNotDecryptSubAction, SSLInspectionRulesActionDoNotDecryptSubActionArgs

BlockSslTrafficWithNoSniEnabled bool: (Boolean) - Whether to block SSL traffic when SNI is not present.
BypassOtherPolicies bool: (Boolean) - Whether to bypass other policies when action is set to DO_NOT_DECRYPT.
MinTlsVersion string: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3. NOTE min_tls_version and server_certificates CANNOT be set if bypass_other_policies is true
OcspCheck bool: (Boolean) - Whether to enable OCSP check.
ServerCertificates string: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

BlockSslTrafficWithNoSniEnabled bool: (Boolean) - Whether to block SSL traffic when SNI is not present.
BypassOtherPolicies bool: (Boolean) - Whether to bypass other policies when action is set to DO_NOT_DECRYPT.
MinTlsVersion string: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3. NOTE min_tls_version and server_certificates CANNOT be set if bypass_other_policies is true
OcspCheck bool: (Boolean) - Whether to enable OCSP check.
ServerCertificates string: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

blockSslTrafficWithNoSniEnabled Boolean: (Boolean) - Whether to block SSL traffic when SNI is not present.
bypassOtherPolicies Boolean: (Boolean) - Whether to bypass other policies when action is set to DO_NOT_DECRYPT.
minTlsVersion String: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3. NOTE min_tls_version and server_certificates CANNOT be set if bypass_other_policies is true
ocspCheck Boolean: (Boolean) - Whether to enable OCSP check.
serverCertificates String: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

blockSslTrafficWithNoSniEnabled boolean: (Boolean) - Whether to block SSL traffic when SNI is not present.
bypassOtherPolicies boolean: (Boolean) - Whether to bypass other policies when action is set to DO_NOT_DECRYPT.
minTlsVersion string: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3. NOTE min_tls_version and server_certificates CANNOT be set if bypass_other_policies is true
ocspCheck boolean: (Boolean) - Whether to enable OCSP check.
serverCertificates string: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

block_ssl_traffic_with_no_sni_enabled bool: (Boolean) - Whether to block SSL traffic when SNI is not present.
bypass_other_policies bool: (Boolean) - Whether to bypass other policies when action is set to DO_NOT_DECRYPT.
min_tls_version str: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3. NOTE min_tls_version and server_certificates CANNOT be set if bypass_other_policies is true
ocsp_check bool: (Boolean) - Whether to enable OCSP check.
server_certificates str: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

blockSslTrafficWithNoSniEnabled Boolean: (Boolean) - Whether to block SSL traffic when SNI is not present.
bypassOtherPolicies Boolean: (Boolean) - Whether to bypass other policies when action is set to DO_NOT_DECRYPT.
minTlsVersion String: (String) - The minimum TLS version allowed on the server side: Supported Values are: SERVER_TLS_1_0, SERVER_TLS_1_1, SERVER_TLS_1_2, SERVER_TLS_1_3. NOTE min_tls_version and server_certificates CANNOT be set if bypass_other_policies is true
ocspCheck Boolean: (Boolean) - Whether to enable OCSP check.
serverCertificates String: (String) - Action to take on server certificates. Valid values might include ALLOW, BLOCK, or PASS_THRU.

SSLInspectionRulesActionSslInterceptionCert, SSLInspectionRulesActionSslInterceptionCertArgs

Id int: (Integer) - A unique identifier assigned to the workload group

Id int: (Integer) - A unique identifier assigned to the workload group

id Integer: (Integer) - A unique identifier assigned to the workload group

id number: (Integer) - A unique identifier assigned to the workload group

id int: (Integer) - A unique identifier assigned to the workload group

id Number: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesDepartments, SSLInspectionRulesDepartmentsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesDestIpGroups, SSLInspectionRulesDestIpGroupsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesDeviceGroups, SSLInspectionRulesDeviceGroupsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesDevices, SSLInspectionRulesDevicesArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesGroups, SSLInspectionRulesGroupsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesLabels, SSLInspectionRulesLabelsArgs

Id int: (Integer) - A unique identifier assigned to the workload group

Id int: (Integer) - A unique identifier assigned to the workload group

id Integer: (Integer) - A unique identifier assigned to the workload group

id number: (Integer) - A unique identifier assigned to the workload group

id int: (Integer) - A unique identifier assigned to the workload group

id Number: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesLocationGroups, SSLInspectionRulesLocationGroupsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesLocations, SSLInspectionRulesLocationsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesProxyGateways, SSLInspectionRulesProxyGatewaysArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesSourceIpGroups, SSLInspectionRulesSourceIpGroupsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesTimeWindows, SSLInspectionRulesTimeWindowsArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesUsers, SSLInspectionRulesUsersArgs

Ids List<int>: (Integer) - A unique identifier assigned to the workload group

Ids []int: (Integer) - A unique identifier assigned to the workload group

ids List<Integer>: (Integer) - A unique identifier assigned to the workload group

ids number[]: (Integer) - A unique identifier assigned to the workload group

ids Sequence[int]: (Integer) - A unique identifier assigned to the workload group

ids List<Number>: (Integer) - A unique identifier assigned to the workload group

SSLInspectionRulesWorkloadGroup, SSLInspectionRulesWorkloadGroupArgs

Id int: (Integer) - A unique identifier assigned to the workload group
Name string: The name of the resource.

Id int: (Integer) - A unique identifier assigned to the workload group
Name string: The name of the resource.

id Integer: (Integer) - A unique identifier assigned to the workload group
name String: The name of the resource.

id number: (Integer) - A unique identifier assigned to the workload group
name string: The name of the resource.

id int: (Integer) - A unique identifier assigned to the workload group
name str: The name of the resource.

id Number: (Integer) - A unique identifier assigned to the workload group
name String: The name of the resource.

SSLInspectionRulesZpaAppSegment, SSLInspectionRulesZpaAppSegmentArgs

ExternalId string: External ID of the application segment.
Name string: Name of the application segment.

ExternalId string: External ID of the application segment.
Name string: Name of the application segment.

externalId String: External ID of the application segment.
name String: Name of the application segment.

externalId string: External ID of the application segment.
name string: Name of the application segment.

external_id str: External ID of the application segment.
name str: Name of the application segment.

externalId String: External ID of the application segment.
name String: Name of the application segment.

Package Details

Repository: zia zscaler/pulumi-zia
License: MIT
Notes: This Pulumi package is based on the zia Terraform Provider.

Zscaler Internet Access v1.0.1 published on Friday, Jun 6, 2025 by Zscaler

zscaler/pulumi-zia

zia.SSLInspectionRules

On this page

On this page

Example Usage

Action - DECRYPT

Action - DO_NOT_DECRYPT - Bypass Rule (False)

Action - DO_NOT_DECRYPT - Bypass Rule (True)

Action - BLOCK

Create SSLInspectionRules Resource

Constructor syntax

Parameters

Constructor example

SSLInspectionRules Resource Properties

Inputs

Outputs

Look up Existing SSLInspectionRules Resource

Supporting Types

SSLInspectionRulesAction, SSLInspectionRulesActionArgs

SSLInspectionRulesActionDecryptSubAction, SSLInspectionRulesActionDecryptSubActionArgs

SSLInspectionRulesActionDoNotDecryptSubAction, SSLInspectionRulesActionDoNotDecryptSubActionArgs

SSLInspectionRulesActionSslInterceptionCert, SSLInspectionRulesActionSslInterceptionCertArgs

SSLInspectionRulesDepartments, SSLInspectionRulesDepartmentsArgs

SSLInspectionRulesDestIpGroups, SSLInspectionRulesDestIpGroupsArgs

SSLInspectionRulesDeviceGroups, SSLInspectionRulesDeviceGroupsArgs

SSLInspectionRulesDevices, SSLInspectionRulesDevicesArgs

SSLInspectionRulesGroups, SSLInspectionRulesGroupsArgs

SSLInspectionRulesLabels, SSLInspectionRulesLabelsArgs

SSLInspectionRulesLocationGroups, SSLInspectionRulesLocationGroupsArgs

SSLInspectionRulesLocations, SSLInspectionRulesLocationsArgs

SSLInspectionRulesProxyGateways, SSLInspectionRulesProxyGatewaysArgs

SSLInspectionRulesSourceIpGroups, SSLInspectionRulesSourceIpGroupsArgs

SSLInspectionRulesTimeWindows, SSLInspectionRulesTimeWindowsArgs

SSLInspectionRulesUsers, SSLInspectionRulesUsersArgs

SSLInspectionRulesWorkloadGroup, SSLInspectionRulesWorkloadGroupArgs

SSLInspectionRulesZpaAppSegment, SSLInspectionRulesZpaAppSegmentArgs

Package Details

On this page

On this page