Zscaler Private Access v1.0.3 published on Wednesday, Jan 21, 2026 by Zscaler
Zscaler Private Access v1.0.3 published on Wednesday, Jan 21, 2026 by Zscaler
The zpa_inspection_profile resource creates an inspection profile in the Zscaler Private Access cloud. This resource can then be referenced in an inspection custom control resource.
NOTE There are several ways to set up the Inspection Profile due to its complex data structure
Example Usage
Using Dynamic Blocks
import * as pulumi from "@pulumi/pulumi";
import * as zpa from "@bdzscaler/pulumi-zpa";
const _this = zpa.getInspectionAllPredefinedControls({
version: "OWASP_CRS/3.3.0",
groupName: "Preprocessors",
});
const thisGetInspectionPredefinedControls = zpa.getInspectionPredefinedControls({
name: "Failed to parse request body",
version: "OWASP_CRS/3.3.0",
});
const thisInspectionProfile = new zpa.InspectionProfile("this", {
predefinedControls: [{
id: thisGetInspectionPredefinedControls.then(thisGetInspectionPredefinedControls => thisGetInspectionPredefinedControls.id),
action: "BLOCK",
}],
name: "Example",
description: "Example",
paranoiaLevel: "1",
predefinedControlsVersion: "OWASP_CRS/3.3.0",
incarnationNumber: "6",
controlsInfos: [{
controlType: "PREDEFINED",
}],
globalControlActions: [
"PREDEFINED:PASS",
"CUSTOM:NONE",
"OVERRIDE_ACTION:COMMON",
],
commonGlobalOverrideActionsConfig: {
PREDEF_CNTRL_GLOBAL_ACTION: "PASS",
IS_OVERRIDE_ACTION_COMMON: "TRUE",
},
});
import pulumi
import pulumi_zpa as zpa
import zscaler_pulumi_zpa as zpa
this = zpa.get_inspection_all_predefined_controls(version="OWASP_CRS/3.3.0",
group_name="Preprocessors")
this_get_inspection_predefined_controls = zpa.get_inspection_predefined_controls(name="Failed to parse request body",
version="OWASP_CRS/3.3.0")
this_inspection_profile = zpa.InspectionProfile("this",
predefined_controls=[{
"id": this_get_inspection_predefined_controls.id,
"action": "BLOCK",
}],
name="Example",
description="Example",
paranoia_level="1",
predefined_controls_version="OWASP_CRS/3.3.0",
incarnation_number="6",
controls_infos=[{
"control_type": "PREDEFINED",
}],
global_control_actions=[
"PREDEFINED:PASS",
"CUSTOM:NONE",
"OVERRIDE_ACTION:COMMON",
],
common_global_override_actions_config={
"PREDEF_CNTRL_GLOBAL_ACTION": "PASS",
"IS_OVERRIDE_ACTION_COMMON": "TRUE",
})
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/zscaler/pulumi-zpa/sdk/go/zpa"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := zpa.GetInspectionAllPredefinedControls(ctx, &zpa.GetInspectionAllPredefinedControlsArgs{
Version: pulumi.StringRef("OWASP_CRS/3.3.0"),
GroupName: pulumi.StringRef("Preprocessors"),
}, nil)
if err != nil {
return err
}
thisGetInspectionPredefinedControls, err := zpa.GetInspectionPredefinedControls(ctx, &zpa.GetInspectionPredefinedControlsArgs{
Name: pulumi.StringRef("Failed to parse request body"),
Version: pulumi.StringRef("OWASP_CRS/3.3.0"),
}, nil)
if err != nil {
return err
}
_, err = zpa.NewInspectionProfile(ctx, "this", &zpa.InspectionProfileArgs{
PredefinedControls: zpa.InspectionProfilePredefinedControlArray{
&zpa.InspectionProfilePredefinedControlArgs{
Id: pulumi.String(thisGetInspectionPredefinedControls.Id),
Action: pulumi.String("BLOCK"),
},
},
Name: pulumi.String("Example"),
Description: pulumi.String("Example"),
ParanoiaLevel: pulumi.String("1"),
PredefinedControlsVersion: pulumi.String("OWASP_CRS/3.3.0"),
IncarnationNumber: "6",
ControlsInfos: zpa.InspectionProfileControlsInfoArray{
&zpa.InspectionProfileControlsInfoArgs{
ControlType: pulumi.String("PREDEFINED"),
},
},
GlobalControlActions: pulumi.StringArray{
pulumi.String("PREDEFINED:PASS"),
pulumi.String("CUSTOM:NONE"),
pulumi.String("OVERRIDE_ACTION:COMMON"),
},
CommonGlobalOverrideActionsConfig: pulumi.StringMap{
"PREDEF_CNTRL_GLOBAL_ACTION": pulumi.String("PASS"),
"IS_OVERRIDE_ACTION_COMMON": pulumi.String("TRUE"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Zpa = Pulumi.Zpa;
using Zpa = zscaler.PulumiPackage.Zpa;
return await Deployment.RunAsync(() =>
{
var @this = Zpa.GetInspectionAllPredefinedControls.Invoke(new()
{
Version = "OWASP_CRS/3.3.0",
GroupName = "Preprocessors",
});
var thisGetInspectionPredefinedControls = Zpa.GetInspectionPredefinedControls.Invoke(new()
{
Name = "Failed to parse request body",
Version = "OWASP_CRS/3.3.0",
});
var thisInspectionProfile = new Zpa.InspectionProfile("this", new()
{
PredefinedControls = new[]
{
new Zpa.Inputs.InspectionProfilePredefinedControlArgs
{
Id = thisGetInspectionPredefinedControls.Apply(getInspectionPredefinedControlsResult => getInspectionPredefinedControlsResult.Id),
Action = "BLOCK",
},
},
Name = "Example",
Description = "Example",
ParanoiaLevel = "1",
PredefinedControlsVersion = "OWASP_CRS/3.3.0",
IncarnationNumber = "6",
ControlsInfos = new[]
{
new Zpa.Inputs.InspectionProfileControlsInfoArgs
{
ControlType = "PREDEFINED",
},
},
GlobalControlActions = new[]
{
"PREDEFINED:PASS",
"CUSTOM:NONE",
"OVERRIDE_ACTION:COMMON",
},
CommonGlobalOverrideActionsConfig =
{
{ "PREDEF_CNTRL_GLOBAL_ACTION", "PASS" },
{ "IS_OVERRIDE_ACTION_COMMON", "TRUE" },
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.zpa.ZpaFunctions;
import com.pulumi.zpa.inputs.GetInspectionAllPredefinedControlsArgs;
import com.pulumi.zpa.inputs.GetInspectionPredefinedControlsArgs;
import com.pulumi.zpa.InspectionProfile;
import com.pulumi.zpa.InspectionProfileArgs;
import com.pulumi.zpa.inputs.InspectionProfilePredefinedControlArgs;
import com.pulumi.zpa.inputs.InspectionProfileControlsInfoArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var this = ZpaFunctions.getInspectionAllPredefinedControls(GetInspectionAllPredefinedControlsArgs.builder()
.version("OWASP_CRS/3.3.0")
.groupName("Preprocessors")
.build());
final var thisGetInspectionPredefinedControls = ZpaFunctions.getInspectionPredefinedControls(GetInspectionPredefinedControlsArgs.builder()
.name("Failed to parse request body")
.version("OWASP_CRS/3.3.0")
.build());
var thisInspectionProfile = new InspectionProfile("thisInspectionProfile", InspectionProfileArgs.builder()
.predefinedControls(InspectionProfilePredefinedControlArgs.builder()
.id(thisGetInspectionPredefinedControls.id())
.action("BLOCK")
.build())
.name("Example")
.description("Example")
.paranoiaLevel("1")
.predefinedControlsVersion("OWASP_CRS/3.3.0")
.incarnationNumber("6")
.controlsInfos(InspectionProfileControlsInfoArgs.builder()
.controlType("PREDEFINED")
.build())
.globalControlActions(
"PREDEFINED:PASS",
"CUSTOM:NONE",
"OVERRIDE_ACTION:COMMON")
.commonGlobalOverrideActionsConfig(Map.ofEntries(
Map.entry("PREDEF_CNTRL_GLOBAL_ACTION", "PASS"),
Map.entry("IS_OVERRIDE_ACTION_COMMON", "TRUE")
))
.build());
}
}
resources:
thisInspectionProfile:
type: zpa:InspectionProfile
name: this
properties:
predefinedControls:
- id: ${thisGetInspectionPredefinedControls.id}
action: BLOCK
name: Example
description: Example
paranoiaLevel: '1'
predefinedControlsVersion: OWASP_CRS/3.3.0
incarnationNumber: '6'
controlsInfos:
- controlType: PREDEFINED
globalControlActions:
- PREDEFINED:PASS
- CUSTOM:NONE
- OVERRIDE_ACTION:COMMON
commonGlobalOverrideActionsConfig:
PREDEF_CNTRL_GLOBAL_ACTION: PASS
IS_OVERRIDE_ACTION_COMMON: TRUE
variables:
this:
fn::invoke:
function: zpa:getInspectionAllPredefinedControls
arguments:
version: OWASP_CRS/3.3.0
groupName: Preprocessors
thisGetInspectionPredefinedControls:
fn::invoke:
function: zpa:getInspectionPredefinedControls
arguments:
name: Failed to parse request body
version: OWASP_CRS/3.3.0
Using Locals And Dynamic Blocks
import * as pulumi from "@pulumi/pulumi";
import * as std from "@pulumi/std";
import * as zpa from "@bdzscaler/pulumi-zpa";
const groupNames = {
defaultPredefinedControls: "preprocessors",
group1: "Protocol Issues",
group2: "Environment and port scanners",
group3: "Remote Code Execution",
group4: "Remote file inclusion",
group5: "Local File Inclusion",
group6: "Request smuggling or Response split or Header injection",
group7: "PHP Injection",
group8: "XSS",
group9: "SQL Injection",
group10: "Session Fixation",
group11: "Deserialization Issues",
group12: "Anomalies",
group13: "Request smuggling or Response split or Header injection",
};
// Dynamically create data sources using for_each
const all = Object.entries(groupNames).reduce((__obj, [__key, __value]) => ({ ...__obj, [__key]: zpa.getInspectionAllPredefinedControls({
groupName: __value,
}) }));
const combinedPredefinedControls = _arg0_.result;
const example = new zpa.InspectionProfile("example", {
predefinedControls: combinedPredefinedControls.map((v, k) => ({key: k, value: v})).apply(entries => entries.map(entry => ({
id: entry.value.id,
action: entry.value.action == "" ? entry.value.defaultAction : entry.value.action,
}))),
name: "Example",
description: "Example",
paranoiaLevel: "2",
incarnationNumber: "6",
controlsInfos: [{
controlType: "PREDEFINED",
}],
globalControlActions: [
"PREDEFINED:PASS",
"CUSTOM:NONE",
"OVERRIDE_ACTION:COMMON",
],
});
import pulumi
import pulumi_std as std
import pulumi_zpa as zpa
import zscaler_pulumi_zpa as zpa
group_names = {
"defaultPredefinedControls": "preprocessors",
"group1": "Protocol Issues",
"group2": "Environment and port scanners",
"group3": "Remote Code Execution",
"group4": "Remote file inclusion",
"group5": "Local File Inclusion",
"group6": "Request smuggling or Response split or Header injection",
"group7": "PHP Injection",
"group8": "XSS",
"group9": "SQL Injection",
"group10": "Session Fixation",
"group11": "Deserialization Issues",
"group12": "Anomalies",
"group13": "Request smuggling or Response split or Header injection",
}
# Dynamically create data sources using for_each
all = {__key: zpa.get_inspection_all_predefined_controls(group_name=__value) for __key, __value in group_names}
combined_predefined_controls = std.flatten(input=[ds.list for ds in all]).result
example = zpa.InspectionProfile("example",
predefined_controls=[{"key": k, "value": v} for k, v in combined_predefined_controls].apply(lambda entries: [{
"id": entry["value"]["id"],
"action": entry["value"]["defaultAction"] if entry["value"]["action"] == "" else entry["value"]["action"],
} for entry in entries]),
name="Example",
description="Example",
paranoia_level="2",
incarnation_number="6",
controls_infos=[{
"control_type": "PREDEFINED",
}],
global_control_actions=[
"PREDEFINED:PASS",
"CUSTOM:NONE",
"OVERRIDE_ACTION:COMMON",
])
Example coming soon!
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Std = Pulumi.Std;
using Zpa = Pulumi.Zpa;
using Zpa = zscaler.PulumiPackage.Zpa;
return await Deployment.RunAsync(() =>
{
var groupNames =
{
{ "defaultPredefinedControls", "preprocessors" },
{ "group1", "Protocol Issues" },
{ "group2", "Environment and port scanners" },
{ "group3", "Remote Code Execution" },
{ "group4", "Remote file inclusion" },
{ "group5", "Local File Inclusion" },
{ "group6", "Request smuggling or Response split or Header injection" },
{ "group7", "PHP Injection" },
{ "group8", "XSS" },
{ "group9", "SQL Injection" },
{ "group10", "Session Fixation" },
{ "group11", "Deserialization Issues" },
{ "group12", "Anomalies" },
{ "group13", "Request smuggling or Response split or Header injection" },
};
// Dynamically create data sources using for_each
var all = .ToDictionary(item => {
var __key = item.Key;
return __key;
}, item => {
var __value = item.Value;
return Zpa.GetInspectionAllPredefinedControls.Invoke(new()
{
GroupName = __value,
});
});
var combinedPredefinedControls = _arg0_.Result;
var example = new Zpa.InspectionProfile("example", new()
{
PredefinedControls = .Apply(entries => entries.Select(entry =>
{
return
{
{ "id", entry.Value.Id },
{ "action", entry.Value.Action == "" ? entry.Value.DefaultAction : entry.Value.Action },
};
}).ToList()),
Name = "Example",
Description = "Example",
ParanoiaLevel = "2",
IncarnationNumber = "6",
ControlsInfos = new[]
{
new Zpa.Inputs.InspectionProfileControlsInfoArgs
{
ControlType = "PREDEFINED",
},
},
GlobalControlActions = new[]
{
"PREDEFINED:PASS",
"CUSTOM:NONE",
"OVERRIDE_ACTION:COMMON",
},
});
});
Example coming soon!
Example coming soon!
Using With ThreatLabz And Dynamic Blocks
import * as pulumi from "@pulumi/pulumi";
import * as std from "@pulumi/std";
import * as zpa from "@bdzscaler/pulumi-zpa";
const groupNames = {
defaultPredefinedControls: "preprocessors",
};
// Retrieve all IDs and Actions for the preprocessors Control
const all = Object.entries(groupNames).reduce((__obj, [__key, __value]) => ({ ...__obj, [__key]: zpa.getInspectionAllPredefinedControls({
groupName: __value,
}) }));
const combinedPredefinedControls = _arg0_.result;
const threatLabzControls = [
{
id: "1",
action: "PASS",
},
{
id: "2",
action: "PASS",
},
{
id: "3",
action: "PASS",
},
];
const example = new zpa.InspectionProfile("example", {
predefinedControls: combinedPredefinedControls.map((v, k) => ({key: k, value: v})).apply(entries => entries.map(entry => ({
id: entry.value.id,
action: entry.value.action == "" ? entry.value.defaultAction : entry.value.action,
}))),
threatLabzControls: threatLabzControls.map((v, k) => ({key: k, value: v})).map(entry2 => ({
id: entry2.value.id,
action: entry2.value.action,
})),
name: "ThreatLabz_Inspection_Profile",
description: "ThreatLabz Inspection Profile",
paranoiaLevel: "2",
incarnationNumber: "6",
zsDefinedControlChoice: "ALL",
});
import pulumi
import pulumi_std as std
import pulumi_zpa as zpa
import zscaler_pulumi_zpa as zpa
group_names = {
"defaultPredefinedControls": "preprocessors",
}
# Retrieve all IDs and Actions for the preprocessors Control
all = {__key: zpa.get_inspection_all_predefined_controls(group_name=__value) for __key, __value in group_names}
combined_predefined_controls = std.flatten(input=[ds.list for ds in all]).result
threat_labz_controls = [
{
"id": "1",
"action": "PASS",
},
{
"id": "2",
"action": "PASS",
},
{
"id": "3",
"action": "PASS",
},
]
example = zpa.InspectionProfile("example",
predefined_controls=[{"key": k, "value": v} for k, v in combined_predefined_controls].apply(lambda entries: [{
"id": entry["value"]["id"],
"action": entry["value"]["defaultAction"] if entry["value"]["action"] == "" else entry["value"]["action"],
} for entry in entries]),
threat_labz_controls=[{
"id": entry2["value"]["id"],
"action": entry2["value"]["action"],
} for entry2 in [{"key": k, "value": v} for k, v in threat_labz_controls]],
name="ThreatLabz_Inspection_Profile",
description="ThreatLabz Inspection Profile",
paranoia_level="2",
incarnation_number="6",
zs_defined_control_choice="ALL")
Example coming soon!
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Std = Pulumi.Std;
using Zpa = Pulumi.Zpa;
using Zpa = zscaler.PulumiPackage.Zpa;
return await Deployment.RunAsync(() =>
{
var groupNames =
{
{ "defaultPredefinedControls", "preprocessors" },
};
// Retrieve all IDs and Actions for the preprocessors Control
var all = .ToDictionary(item => {
var __key = item.Key;
return __key;
}, item => {
var __value = item.Value;
return Zpa.GetInspectionAllPredefinedControls.Invoke(new()
{
GroupName = __value,
});
});
var combinedPredefinedControls = _arg0_.Result;
var threatLabzControls = new[]
{
{
{ "id", "1" },
{ "action", "PASS" },
},
{
{ "id", "2" },
{ "action", "PASS" },
},
{
{ "id", "3" },
{ "action", "PASS" },
},
};
var example = new Zpa.InspectionProfile("example", new()
{
PredefinedControls = .Apply(entries => entries.Select(entry =>
{
return
{
{ "id", entry.Value.Id },
{ "action", entry.Value.Action == "" ? entry.Value.DefaultAction : entry.Value.Action },
};
}).ToList()),
ThreatLabzControls = threatLabzControls.Select((v, k) => new { Key = k, Value = v }).Select(entry2 =>
{
return new Zpa.Inputs.InspectionProfileThreatLabzControlArgs
{
Id = entry2.Value.Id,
Action = entry2.Value.Action,
};
}).ToList(),
Name = "ThreatLabz_Inspection_Profile",
Description = "ThreatLabz Inspection Profile",
ParanoiaLevel = "2",
IncarnationNumber = "6",
ZsDefinedControlChoice = "ALL",
});
});
Example coming soon!
Example coming soon!
Create InspectionProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new InspectionProfile(name: string, args?: InspectionProfileArgs, opts?: CustomResourceOptions);@overload
def InspectionProfile(resource_name: str,
args: Optional[InspectionProfileArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def InspectionProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
api_profile: Optional[bool] = None,
associate_all_controls: Optional[bool] = None,
common_global_override_actions_config: Optional[Mapping[str, str]] = None,
controls_infos: Optional[Sequence[InspectionProfileControlsInfoArgs]] = None,
custom_controls: Optional[Sequence[InspectionProfileCustomControlArgs]] = None,
description: Optional[str] = None,
global_control_actions: Optional[Sequence[str]] = None,
name: Optional[str] = None,
override_action: Optional[str] = None,
paranoia_level: Optional[str] = None,
predefined_api_controls: Optional[Sequence[InspectionProfilePredefinedApiControlArgs]] = None,
predefined_controls: Optional[Sequence[InspectionProfilePredefinedControlArgs]] = None,
predefined_controls_version: Optional[str] = None,
threat_labz_controls: Optional[Sequence[InspectionProfileThreatLabzControlArgs]] = None,
websocket_controls: Optional[Sequence[InspectionProfileWebsocketControlArgs]] = None,
zs_defined_control_choice: Optional[str] = None)func NewInspectionProfile(ctx *Context, name string, args *InspectionProfileArgs, opts ...ResourceOption) (*InspectionProfile, error)public InspectionProfile(string name, InspectionProfileArgs? args = null, CustomResourceOptions? opts = null)
public InspectionProfile(String name, InspectionProfileArgs args)
public InspectionProfile(String name, InspectionProfileArgs args, CustomResourceOptions options)
type: zpa:InspectionProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args InspectionProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args InspectionProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args InspectionProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args InspectionProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args InspectionProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var inspectionProfileResource = new Zpa.InspectionProfile("inspectionProfileResource", new()
{
ApiProfile = false,
AssociateAllControls = false,
CommonGlobalOverrideActionsConfig =
{
{ "string", "string" },
},
ControlsInfos = new[]
{
new Zpa.Inputs.InspectionProfileControlsInfoArgs
{
ControlType = "string",
},
},
CustomControls = new[]
{
new Zpa.Inputs.InspectionProfileCustomControlArgs
{
Id = "string",
Action = "string",
ActionValue = "string",
},
},
Description = "string",
GlobalControlActions = new[]
{
"string",
},
Name = "string",
OverrideAction = "string",
ParanoiaLevel = "string",
PredefinedApiControls = new[]
{
new Zpa.Inputs.InspectionProfilePredefinedApiControlArgs
{
Action = "string",
ActionValue = "string",
Id = "string",
},
},
PredefinedControls = new[]
{
new Zpa.Inputs.InspectionProfilePredefinedControlArgs
{
Action = "string",
ActionValue = "string",
Id = "string",
},
},
PredefinedControlsVersion = "string",
ThreatLabzControls = new[]
{
new Zpa.Inputs.InspectionProfileThreatLabzControlArgs
{
Action = "string",
ActionValue = "string",
Id = "string",
},
},
WebsocketControls = new[]
{
new Zpa.Inputs.InspectionProfileWebsocketControlArgs
{
Action = "string",
ActionValue = "string",
Id = "string",
},
},
ZsDefinedControlChoice = "string",
});
example, err := zpa.NewInspectionProfile(ctx, "inspectionProfileResource", &zpa.InspectionProfileArgs{
ApiProfile: pulumi.Bool(false),
AssociateAllControls: pulumi.Bool(false),
CommonGlobalOverrideActionsConfig: pulumi.StringMap{
"string": pulumi.String("string"),
},
ControlsInfos: zpa.InspectionProfileControlsInfoArray{
&zpa.InspectionProfileControlsInfoArgs{
ControlType: pulumi.String("string"),
},
},
CustomControls: zpa.InspectionProfileCustomControlArray{
&zpa.InspectionProfileCustomControlArgs{
Id: pulumi.String("string"),
Action: pulumi.String("string"),
ActionValue: pulumi.String("string"),
},
},
Description: pulumi.String("string"),
GlobalControlActions: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
OverrideAction: pulumi.String("string"),
ParanoiaLevel: pulumi.String("string"),
PredefinedApiControls: zpa.InspectionProfilePredefinedApiControlArray{
&zpa.InspectionProfilePredefinedApiControlArgs{
Action: pulumi.String("string"),
ActionValue: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
PredefinedControls: zpa.InspectionProfilePredefinedControlArray{
&zpa.InspectionProfilePredefinedControlArgs{
Action: pulumi.String("string"),
ActionValue: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
PredefinedControlsVersion: pulumi.String("string"),
ThreatLabzControls: zpa.InspectionProfileThreatLabzControlArray{
&zpa.InspectionProfileThreatLabzControlArgs{
Action: pulumi.String("string"),
ActionValue: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
WebsocketControls: zpa.InspectionProfileWebsocketControlArray{
&zpa.InspectionProfileWebsocketControlArgs{
Action: pulumi.String("string"),
ActionValue: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
ZsDefinedControlChoice: pulumi.String("string"),
})
var inspectionProfileResource = new InspectionProfile("inspectionProfileResource", InspectionProfileArgs.builder()
.apiProfile(false)
.associateAllControls(false)
.commonGlobalOverrideActionsConfig(Map.of("string", "string"))
.controlsInfos(InspectionProfileControlsInfoArgs.builder()
.controlType("string")
.build())
.customControls(InspectionProfileCustomControlArgs.builder()
.id("string")
.action("string")
.actionValue("string")
.build())
.description("string")
.globalControlActions("string")
.name("string")
.overrideAction("string")
.paranoiaLevel("string")
.predefinedApiControls(InspectionProfilePredefinedApiControlArgs.builder()
.action("string")
.actionValue("string")
.id("string")
.build())
.predefinedControls(InspectionProfilePredefinedControlArgs.builder()
.action("string")
.actionValue("string")
.id("string")
.build())
.predefinedControlsVersion("string")
.threatLabzControls(InspectionProfileThreatLabzControlArgs.builder()
.action("string")
.actionValue("string")
.id("string")
.build())
.websocketControls(InspectionProfileWebsocketControlArgs.builder()
.action("string")
.actionValue("string")
.id("string")
.build())
.zsDefinedControlChoice("string")
.build());
inspection_profile_resource = zpa.InspectionProfile("inspectionProfileResource",
api_profile=False,
associate_all_controls=False,
common_global_override_actions_config={
"string": "string",
},
controls_infos=[{
"control_type": "string",
}],
custom_controls=[{
"id": "string",
"action": "string",
"action_value": "string",
}],
description="string",
global_control_actions=["string"],
name="string",
override_action="string",
paranoia_level="string",
predefined_api_controls=[{
"action": "string",
"action_value": "string",
"id": "string",
}],
predefined_controls=[{
"action": "string",
"action_value": "string",
"id": "string",
}],
predefined_controls_version="string",
threat_labz_controls=[{
"action": "string",
"action_value": "string",
"id": "string",
}],
websocket_controls=[{
"action": "string",
"action_value": "string",
"id": "string",
}],
zs_defined_control_choice="string")
const inspectionProfileResource = new zpa.InspectionProfile("inspectionProfileResource", {
apiProfile: false,
associateAllControls: false,
commonGlobalOverrideActionsConfig: {
string: "string",
},
controlsInfos: [{
controlType: "string",
}],
customControls: [{
id: "string",
action: "string",
actionValue: "string",
}],
description: "string",
globalControlActions: ["string"],
name: "string",
overrideAction: "string",
paranoiaLevel: "string",
predefinedApiControls: [{
action: "string",
actionValue: "string",
id: "string",
}],
predefinedControls: [{
action: "string",
actionValue: "string",
id: "string",
}],
predefinedControlsVersion: "string",
threatLabzControls: [{
action: "string",
actionValue: "string",
id: "string",
}],
websocketControls: [{
action: "string",
actionValue: "string",
id: "string",
}],
zsDefinedControlChoice: "string",
});
type: zpa:InspectionProfile
properties:
apiProfile: false
associateAllControls: false
commonGlobalOverrideActionsConfig:
string: string
controlsInfos:
- controlType: string
customControls:
- action: string
actionValue: string
id: string
description: string
globalControlActions:
- string
name: string
overrideAction: string
paranoiaLevel: string
predefinedApiControls:
- action: string
actionValue: string
id: string
predefinedControls:
- action: string
actionValue: string
id: string
predefinedControlsVersion: string
threatLabzControls:
- action: string
actionValue: string
id: string
websocketControls:
- action: string
actionValue: string
id: string
zsDefinedControlChoice: string
InspectionProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The InspectionProfile resource accepts the following input properties:
- Api
Profile bool - Associate
All boolControls - Common
Global Dictionary<string, string>Override Actions Config - Controls
Infos List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Controls Info> - Custom
Controls List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Custom Control> - The set of AppProtection controls used to define how inspections are managed
- Description string
- The description of the AppProtection profile
- Global
Control List<string>Actions - The actions of the predefined, custom, or override controls
- Name string
- Override
Action string - Paranoia
Level string - The OWASP Predefined Paranoia Level
- Predefined
Api List<zscaler.Controls Pulumi Package. Zpa. Inputs. Inspection Profile Predefined Api Control> - The predefined controls
- Predefined
Controls List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Predefined Control> - The predefined controls
- Predefined
Controls stringVersion - The protocol for the AppProtection application
- Threat
Labz List<zscaler.Controls Pulumi Package. Zpa. Inputs. Inspection Profile Threat Labz Control> - The ThreatLabZ predefined controls
- Websocket
Controls List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Websocket Control> - The WebSocket predefined controls
- Zs
Defined stringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- Api
Profile bool - Associate
All boolControls - Common
Global map[string]stringOverride Actions Config - Controls
Infos []InspectionProfile Controls Info Args - Custom
Controls []InspectionProfile Custom Control Args - The set of AppProtection controls used to define how inspections are managed
- Description string
- The description of the AppProtection profile
- Global
Control []stringActions - The actions of the predefined, custom, or override controls
- Name string
- Override
Action string - Paranoia
Level string - The OWASP Predefined Paranoia Level
- Predefined
Api []InspectionControls Profile Predefined Api Control Args - The predefined controls
- Predefined
Controls []InspectionProfile Predefined Control Args - The predefined controls
- Predefined
Controls stringVersion - The protocol for the AppProtection application
- Threat
Labz []InspectionControls Profile Threat Labz Control Args - The ThreatLabZ predefined controls
- Websocket
Controls []InspectionProfile Websocket Control Args - The WebSocket predefined controls
- Zs
Defined stringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api
Profile Boolean - associate
All BooleanControls - common
Global Map<String,String>Override Actions Config - controls
Infos List<InspectionProfile Controls Info> - custom
Controls List<InspectionProfile Custom Control> - The set of AppProtection controls used to define how inspections are managed
- description String
- The description of the AppProtection profile
- global
Control List<String>Actions - The actions of the predefined, custom, or override controls
- name String
- override
Action String - paranoia
Level String - The OWASP Predefined Paranoia Level
- predefined
Api List<InspectionControls Profile Predefined Api Control> - The predefined controls
- predefined
Controls List<InspectionProfile Predefined Control> - The predefined controls
- predefined
Controls StringVersion - The protocol for the AppProtection application
- threat
Labz List<InspectionControls Profile Threat Labz Control> - The ThreatLabZ predefined controls
- websocket
Controls List<InspectionProfile Websocket Control> - The WebSocket predefined controls
- zs
Defined StringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api
Profile boolean - associate
All booleanControls - common
Global {[key: string]: string}Override Actions Config - controls
Infos InspectionProfile Controls Info[] - custom
Controls InspectionProfile Custom Control[] - The set of AppProtection controls used to define how inspections are managed
- description string
- The description of the AppProtection profile
- global
Control string[]Actions - The actions of the predefined, custom, or override controls
- name string
- override
Action string - paranoia
Level string - The OWASP Predefined Paranoia Level
- predefined
Api InspectionControls Profile Predefined Api Control[] - The predefined controls
- predefined
Controls InspectionProfile Predefined Control[] - The predefined controls
- predefined
Controls stringVersion - The protocol for the AppProtection application
- threat
Labz InspectionControls Profile Threat Labz Control[] - The ThreatLabZ predefined controls
- websocket
Controls InspectionProfile Websocket Control[] - The WebSocket predefined controls
- zs
Defined stringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api_
profile bool - associate_
all_ boolcontrols - common_
global_ Mapping[str, str]override_ actions_ config - controls_
infos Sequence[InspectionProfile Controls Info Args] - custom_
controls Sequence[InspectionProfile Custom Control Args] - The set of AppProtection controls used to define how inspections are managed
- description str
- The description of the AppProtection profile
- global_
control_ Sequence[str]actions - The actions of the predefined, custom, or override controls
- name str
- override_
action str - paranoia_
level str - The OWASP Predefined Paranoia Level
- predefined_
api_ Sequence[Inspectioncontrols Profile Predefined Api Control Args] - The predefined controls
- predefined_
controls Sequence[InspectionProfile Predefined Control Args] - The predefined controls
- predefined_
controls_ strversion - The protocol for the AppProtection application
- threat_
labz_ Sequence[Inspectioncontrols Profile Threat Labz Control Args] - The ThreatLabZ predefined controls
- websocket_
controls Sequence[InspectionProfile Websocket Control Args] - The WebSocket predefined controls
- zs_
defined_ strcontrol_ choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api
Profile Boolean - associate
All BooleanControls - common
Global Map<String>Override Actions Config - controls
Infos List<Property Map> - custom
Controls List<Property Map> - The set of AppProtection controls used to define how inspections are managed
- description String
- The description of the AppProtection profile
- global
Control List<String>Actions - The actions of the predefined, custom, or override controls
- name String
- override
Action String - paranoia
Level String - The OWASP Predefined Paranoia Level
- predefined
Api List<Property Map>Controls - The predefined controls
- predefined
Controls List<Property Map> - The predefined controls
- predefined
Controls StringVersion - The protocol for the AppProtection application
- threat
Labz List<Property Map>Controls - The ThreatLabZ predefined controls
- websocket
Controls List<Property Map> - The WebSocket predefined controls
- zs
Defined StringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
Outputs
All input properties are implicitly available as output properties. Additionally, the InspectionProfile resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing InspectionProfile Resource
Get an existing InspectionProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: InspectionProfileState, opts?: CustomResourceOptions): InspectionProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
api_profile: Optional[bool] = None,
associate_all_controls: Optional[bool] = None,
common_global_override_actions_config: Optional[Mapping[str, str]] = None,
controls_infos: Optional[Sequence[InspectionProfileControlsInfoArgs]] = None,
custom_controls: Optional[Sequence[InspectionProfileCustomControlArgs]] = None,
description: Optional[str] = None,
global_control_actions: Optional[Sequence[str]] = None,
name: Optional[str] = None,
override_action: Optional[str] = None,
paranoia_level: Optional[str] = None,
predefined_api_controls: Optional[Sequence[InspectionProfilePredefinedApiControlArgs]] = None,
predefined_controls: Optional[Sequence[InspectionProfilePredefinedControlArgs]] = None,
predefined_controls_version: Optional[str] = None,
threat_labz_controls: Optional[Sequence[InspectionProfileThreatLabzControlArgs]] = None,
websocket_controls: Optional[Sequence[InspectionProfileWebsocketControlArgs]] = None,
zs_defined_control_choice: Optional[str] = None) -> InspectionProfilefunc GetInspectionProfile(ctx *Context, name string, id IDInput, state *InspectionProfileState, opts ...ResourceOption) (*InspectionProfile, error)public static InspectionProfile Get(string name, Input<string> id, InspectionProfileState? state, CustomResourceOptions? opts = null)public static InspectionProfile get(String name, Output<String> id, InspectionProfileState state, CustomResourceOptions options)resources: _: type: zpa:InspectionProfile get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Api
Profile bool - Associate
All boolControls - Common
Global Dictionary<string, string>Override Actions Config - Controls
Infos List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Controls Info> - Custom
Controls List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Custom Control> - The set of AppProtection controls used to define how inspections are managed
- Description string
- The description of the AppProtection profile
- Global
Control List<string>Actions - The actions of the predefined, custom, or override controls
- Name string
- Override
Action string - Paranoia
Level string - The OWASP Predefined Paranoia Level
- Predefined
Api List<zscaler.Controls Pulumi Package. Zpa. Inputs. Inspection Profile Predefined Api Control> - The predefined controls
- Predefined
Controls List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Predefined Control> - The predefined controls
- Predefined
Controls stringVersion - The protocol for the AppProtection application
- Threat
Labz List<zscaler.Controls Pulumi Package. Zpa. Inputs. Inspection Profile Threat Labz Control> - The ThreatLabZ predefined controls
- Websocket
Controls List<zscaler.Pulumi Package. Zpa. Inputs. Inspection Profile Websocket Control> - The WebSocket predefined controls
- Zs
Defined stringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- Api
Profile bool - Associate
All boolControls - Common
Global map[string]stringOverride Actions Config - Controls
Infos []InspectionProfile Controls Info Args - Custom
Controls []InspectionProfile Custom Control Args - The set of AppProtection controls used to define how inspections are managed
- Description string
- The description of the AppProtection profile
- Global
Control []stringActions - The actions of the predefined, custom, or override controls
- Name string
- Override
Action string - Paranoia
Level string - The OWASP Predefined Paranoia Level
- Predefined
Api []InspectionControls Profile Predefined Api Control Args - The predefined controls
- Predefined
Controls []InspectionProfile Predefined Control Args - The predefined controls
- Predefined
Controls stringVersion - The protocol for the AppProtection application
- Threat
Labz []InspectionControls Profile Threat Labz Control Args - The ThreatLabZ predefined controls
- Websocket
Controls []InspectionProfile Websocket Control Args - The WebSocket predefined controls
- Zs
Defined stringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api
Profile Boolean - associate
All BooleanControls - common
Global Map<String,String>Override Actions Config - controls
Infos List<InspectionProfile Controls Info> - custom
Controls List<InspectionProfile Custom Control> - The set of AppProtection controls used to define how inspections are managed
- description String
- The description of the AppProtection profile
- global
Control List<String>Actions - The actions of the predefined, custom, or override controls
- name String
- override
Action String - paranoia
Level String - The OWASP Predefined Paranoia Level
- predefined
Api List<InspectionControls Profile Predefined Api Control> - The predefined controls
- predefined
Controls List<InspectionProfile Predefined Control> - The predefined controls
- predefined
Controls StringVersion - The protocol for the AppProtection application
- threat
Labz List<InspectionControls Profile Threat Labz Control> - The ThreatLabZ predefined controls
- websocket
Controls List<InspectionProfile Websocket Control> - The WebSocket predefined controls
- zs
Defined StringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api
Profile boolean - associate
All booleanControls - common
Global {[key: string]: string}Override Actions Config - controls
Infos InspectionProfile Controls Info[] - custom
Controls InspectionProfile Custom Control[] - The set of AppProtection controls used to define how inspections are managed
- description string
- The description of the AppProtection profile
- global
Control string[]Actions - The actions of the predefined, custom, or override controls
- name string
- override
Action string - paranoia
Level string - The OWASP Predefined Paranoia Level
- predefined
Api InspectionControls Profile Predefined Api Control[] - The predefined controls
- predefined
Controls InspectionProfile Predefined Control[] - The predefined controls
- predefined
Controls stringVersion - The protocol for the AppProtection application
- threat
Labz InspectionControls Profile Threat Labz Control[] - The ThreatLabZ predefined controls
- websocket
Controls InspectionProfile Websocket Control[] - The WebSocket predefined controls
- zs
Defined stringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api_
profile bool - associate_
all_ boolcontrols - common_
global_ Mapping[str, str]override_ actions_ config - controls_
infos Sequence[InspectionProfile Controls Info Args] - custom_
controls Sequence[InspectionProfile Custom Control Args] - The set of AppProtection controls used to define how inspections are managed
- description str
- The description of the AppProtection profile
- global_
control_ Sequence[str]actions - The actions of the predefined, custom, or override controls
- name str
- override_
action str - paranoia_
level str - The OWASP Predefined Paranoia Level
- predefined_
api_ Sequence[Inspectioncontrols Profile Predefined Api Control Args] - The predefined controls
- predefined_
controls Sequence[InspectionProfile Predefined Control Args] - The predefined controls
- predefined_
controls_ strversion - The protocol for the AppProtection application
- threat_
labz_ Sequence[Inspectioncontrols Profile Threat Labz Control Args] - The ThreatLabZ predefined controls
- websocket_
controls Sequence[InspectionProfile Websocket Control Args] - The WebSocket predefined controls
- zs_
defined_ strcontrol_ choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
- api
Profile Boolean - associate
All BooleanControls - common
Global Map<String>Override Actions Config - controls
Infos List<Property Map> - custom
Controls List<Property Map> - The set of AppProtection controls used to define how inspections are managed
- description String
- The description of the AppProtection profile
- global
Control List<String>Actions - The actions of the predefined, custom, or override controls
- name String
- override
Action String - paranoia
Level String - The OWASP Predefined Paranoia Level
- predefined
Api List<Property Map>Controls - The predefined controls
- predefined
Controls List<Property Map> - The predefined controls
- predefined
Controls StringVersion - The protocol for the AppProtection application
- threat
Labz List<Property Map>Controls - The ThreatLabZ predefined controls
- websocket
Controls List<Property Map> - The WebSocket predefined controls
- zs
Defined StringControl Choice - Indicates the user's choice for the ThreatLabZ Controls. Supported values: ALL and SPECIFIC
Supporting Types
InspectionProfileControlsInfo, InspectionProfileControlsInfoArgs
- Control
Type string
- Control
Type string
- control
Type String
- control
Type string
- control_
type str
- control
Type String
InspectionProfileCustomControl, InspectionProfileCustomControlArgs
- Id string
- The unique identifier of the custom control
- Action string
- The action of the custom control
- Action
Value string - Denotes the action. Supports any string
- Id string
- The unique identifier of the custom control
- Action string
- The action of the custom control
- Action
Value string - Denotes the action. Supports any string
- id String
- The unique identifier of the custom control
- action String
- The action of the custom control
- action
Value String - Denotes the action. Supports any string
- id string
- The unique identifier of the custom control
- action string
- The action of the custom control
- action
Value string - Denotes the action. Supports any string
- id str
- The unique identifier of the custom control
- action str
- The action of the custom control
- action_
value str - Denotes the action. Supports any string
- id String
- The unique identifier of the custom control
- action String
- The action of the custom control
- action
Value String - Denotes the action. Supports any string
InspectionProfilePredefinedApiControl, InspectionProfilePredefinedApiControlArgs
- Action string
- Action
Value string - Id string
- Action string
- Action
Value string - Id string
- action String
- action
Value String - id String
- action string
- action
Value string - id string
- action str
- action_
value str - id str
- action String
- action
Value String - id String
InspectionProfilePredefinedControl, InspectionProfilePredefinedControlArgs
- Action string
- Action
Value string - Id string
- Action string
- Action
Value string - Id string
- action String
- action
Value String - id String
- action string
- action
Value string - id string
- action str
- action_
value str - id str
- action String
- action
Value String - id String
InspectionProfileThreatLabzControl, InspectionProfileThreatLabzControlArgs
- Action string
- Action
Value string - Id string
- Action string
- Action
Value string - Id string
- action String
- action
Value String - id String
- action string
- action
Value string - id string
- action str
- action_
value str - id str
- action String
- action
Value String - id String
InspectionProfileWebsocketControl, InspectionProfileWebsocketControlArgs
- Action string
- Action
Value string - Id string
- Action string
- Action
Value string - Id string
- action String
- action
Value String - id String
- action string
- action
Value string - id string
- action str
- action_
value str - id str
- action String
- action
Value String - id String
Import
Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZPA configurations into Terraform-compliant HashiCorp Configuration Language.
Visit
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- zpa zscaler/pulumi-zpa
- License
- MIT
- Notes
- This Pulumi package is based on the
zpaTerraform Provider.
Zscaler Private Access v1.0.3 published on Wednesday, Jan 21, 2026 by Zscaler
