Docs
PackagesZscaler Private Access v0.0.10 published on Tuesday, Apr 9, 2024 by Zscaler
zpa.PolicyAccessInspectionRule
Explore with Pulumi AI
The zpa_policy_inspection_rule resource creates a policy inspection access rule in the Zscaler Private Access cloud.
⚠️ WARNING:: The attribute rule_order is now deprecated in favor of the new resource zpa.PolicyAccessReorderRule policy_access_rule_reorder
Example Usage
1
import * as pulumi from "@pulumi/pulumi";
import * as zpa from "@bdzscaler/pulumi-zpa";
//Create Inspection Access Rule
const _this = new zpa.PolicyAccessInspectionRule("this", {
description: "Example",
action: "INSPECT",
operator: "AND",
policySetId: data.zpa_policy_type.inspection_policy.id,
zpnInspectionProfileId: zpa_inspection_profile["this"].id,
conditions: [{
operator: "OR",
operands: [{
objectType: "APP",
lhs: "id",
rhs: zpa_application_segment_inspection["this"].id,
}],
}],
});
import pulumi
import zscaler_pulumi_zpa as zpa
#Create Inspection Access Rule
this = zpa.PolicyAccessInspectionRule("this",
description="Example",
action="INSPECT",
operator="AND",
policy_set_id=data["zpa_policy_type"]["inspection_policy"]["id"],
zpn_inspection_profile_id=zpa_inspection_profile["this"]["id"],
conditions=[zpa.PolicyAccessInspectionRuleConditionArgs(
operator="OR",
operands=[zpa.PolicyAccessInspectionRuleConditionOperandArgs(
object_type="APP",
lhs="id",
rhs=zpa_application_segment_inspection["this"]["id"],
)],
)])
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/zscaler/pulumi-zpa/sdk/go/zpa"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Create Inspection Access Rule
_, err := zpa.NewPolicyAccessInspectionRule(ctx, "this", &zpa.PolicyAccessInspectionRuleArgs{
Description: pulumi.String("Example"),
Action: pulumi.String("INSPECT"),
Operator: pulumi.String("AND"),
PolicySetId: pulumi.Any(data.Zpa_policy_type.Inspection_policy.Id),
ZpnInspectionProfileId: pulumi.Any(zpa_inspection_profile.This.Id),
Conditions: zpa.PolicyAccessInspectionRuleConditionArray{
&zpa.PolicyAccessInspectionRuleConditionArgs{
Operator: pulumi.String("OR"),
Operands: zpa.PolicyAccessInspectionRuleConditionOperandArray{
&zpa.PolicyAccessInspectionRuleConditionOperandArgs{
ObjectType: pulumi.String("APP"),
Lhs: pulumi.String("id"),
Rhs: pulumi.Any(zpa_application_segment_inspection.This.Id),
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Zpa = Zscaler.Zpa;
return await Deployment.RunAsync(() =>
{
//Create Inspection Access Rule
var @this = new Zpa.PolicyAccessInspectionRule("this", new()
{
Description = "Example",
Action = "INSPECT",
Operator = "AND",
PolicySetId = data.Zpa_policy_type.Inspection_policy.Id,
ZpnInspectionProfileId = zpa_inspection_profile.This.Id,
Conditions = new[]
{
new Zpa.Inputs.PolicyAccessInspectionRuleConditionArgs
{
Operator = "OR",
Operands = new[]
{
new Zpa.Inputs.PolicyAccessInspectionRuleConditionOperandArgs
{
ObjectType = "APP",
Lhs = "id",
Rhs = zpa_application_segment_inspection.This.Id,
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.zpa.PolicyAccessInspectionRule;
import com.pulumi.zpa.PolicyAccessInspectionRuleArgs;
import com.pulumi.zpa.inputs.PolicyAccessInspectionRuleConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
//Create Inspection Access Rule
var this_ = new PolicyAccessInspectionRule("this", PolicyAccessInspectionRuleArgs.builder()
.description("Example")
.action("INSPECT")
.operator("AND")
.policySetId(data.zpa_policy_type().inspection_policy().id())
.zpnInspectionProfileId(zpa_inspection_profile.this().id())
.conditions(PolicyAccessInspectionRuleConditionArgs.builder()
.operator("OR")
.operands(PolicyAccessInspectionRuleConditionOperandArgs.builder()
.objectType("APP")
.lhs("id")
.rhs(zpa_application_segment_inspection.this().id())
.build())
.build())
.build());
}
}
resources:
#Create Inspection Access Rule
this:
type: zpa:PolicyAccessInspectionRule
properties:
description: Example
action: INSPECT
operator: AND
policySetId: ${data.zpa_policy_type.inspection_policy.id}
zpnInspectionProfileId: ${zpa_inspection_profile.this.id}
conditions:
- operator: OR
operands:
- objectType: APP
lhs: id
rhs: ${zpa_application_segment_inspection.this.id}
2
import * as pulumi from "@pulumi/pulumi";
import * as zpa from "@bdzscaler/pulumi-zpa";
import * as zpa from "@pulumi/zpa";
const inspectionPolicy = zpa.getPolicyType({
policyType: "INSPECTION_POLICY",
});
//Create Inspection Access Rule
const _this = new zpa.PolicyAccessInspectionRule("this", {
description: "Example",
action: "BYPASS_INSPECT",
ruleOrder: "1",
operator: "AND",
policySetId: inspectionPolicy.then(inspectionPolicy => inspectionPolicy.id),
conditions: [{
operator: "OR",
operands: [{
objectType: "APP",
lhs: "id",
rhs: zpa_application_segment_inspection["this"].id,
}],
}],
});
import pulumi
import pulumi_zpa as zpa
import zscaler_pulumi_zpa as zpa
inspection_policy = zpa.get_policy_type(policy_type="INSPECTION_POLICY")
#Create Inspection Access Rule
this = zpa.PolicyAccessInspectionRule("this",
description="Example",
action="BYPASS_INSPECT",
rule_order="1",
operator="AND",
policy_set_id=inspection_policy.id,
conditions=[zpa.PolicyAccessInspectionRuleConditionArgs(
operator="OR",
operands=[zpa.PolicyAccessInspectionRuleConditionOperandArgs(
object_type="APP",
lhs="id",
rhs=zpa_application_segment_inspection["this"]["id"],
)],
)])
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/zscaler/pulumi-zpa/sdk/go/zpa"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
inspectionPolicy, err := zpa.GetPolicyType(ctx, &zpa.GetPolicyTypeArgs{
PolicyType: pulumi.StringRef("INSPECTION_POLICY"),
}, nil)
if err != nil {
return err
}
// Create Inspection Access Rule
_, err = zpa.NewPolicyAccessInspectionRule(ctx, "this", &zpa.PolicyAccessInspectionRuleArgs{
Description: pulumi.String("Example"),
Action: pulumi.String("BYPASS_INSPECT"),
RuleOrder: pulumi.String("1"),
Operator: pulumi.String("AND"),
PolicySetId: pulumi.String(inspectionPolicy.Id),
Conditions: zpa.PolicyAccessInspectionRuleConditionArray{
&zpa.PolicyAccessInspectionRuleConditionArgs{
Operator: pulumi.String("OR"),
Operands: zpa.PolicyAccessInspectionRuleConditionOperandArray{
&zpa.PolicyAccessInspectionRuleConditionOperandArgs{
ObjectType: pulumi.String("APP"),
Lhs: pulumi.String("id"),
Rhs: pulumi.Any(zpa_application_segment_inspection.This.Id),
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Zpa = Pulumi.Zpa;
using Zpa = Zscaler.Zpa;
return await Deployment.RunAsync(() =>
{
var inspectionPolicy = Zpa.GetPolicyType.Invoke(new()
{
PolicyType = "INSPECTION_POLICY",
});
//Create Inspection Access Rule
var @this = new Zpa.PolicyAccessInspectionRule("this", new()
{
Description = "Example",
Action = "BYPASS_INSPECT",
RuleOrder = "1",
Operator = "AND",
PolicySetId = inspectionPolicy.Apply(getPolicyTypeResult => getPolicyTypeResult.Id),
Conditions = new[]
{
new Zpa.Inputs.PolicyAccessInspectionRuleConditionArgs
{
Operator = "OR",
Operands = new[]
{
new Zpa.Inputs.PolicyAccessInspectionRuleConditionOperandArgs
{
ObjectType = "APP",
Lhs = "id",
Rhs = zpa_application_segment_inspection.This.Id,
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.zpa.ZpaFunctions;
import com.pulumi.zpa.inputs.GetPolicyTypeArgs;
import com.pulumi.zpa.PolicyAccessInspectionRule;
import com.pulumi.zpa.PolicyAccessInspectionRuleArgs;
import com.pulumi.zpa.inputs.PolicyAccessInspectionRuleConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var inspectionPolicy = ZpaFunctions.getPolicyType(GetPolicyTypeArgs.builder()
.policyType("INSPECTION_POLICY")
.build());
//Create Inspection Access Rule
var this_ = new PolicyAccessInspectionRule("this", PolicyAccessInspectionRuleArgs.builder()
.description("Example")
.action("BYPASS_INSPECT")
.ruleOrder(1)
.operator("AND")
.policySetId(inspectionPolicy.applyValue(getPolicyTypeResult -> getPolicyTypeResult.id()))
.conditions(PolicyAccessInspectionRuleConditionArgs.builder()
.operator("OR")
.operands(PolicyAccessInspectionRuleConditionOperandArgs.builder()
.objectType("APP")
.lhs("id")
.rhs(zpa_application_segment_inspection.this().id())
.build())
.build())
.build());
}
}
resources:
#Create Inspection Access Rule
this:
type: zpa:PolicyAccessInspectionRule
properties:
description: Example
action: BYPASS_INSPECT
ruleOrder: 1
operator: AND
policySetId: ${inspectionPolicy.id}
conditions:
- operator: OR
operands:
- objectType: APP
lhs: id
rhs: ${zpa_application_segment_inspection.this.id}
variables:
inspectionPolicy:
fn::invoke:
Function: zpa:getPolicyType
Arguments:
policyType: INSPECTION_POLICY
LHS and RHS Values
| Object Type | LHS | RHS |
|---|---|---|
| APP | "id" | application_segment_id |
| APP_GROUP | "id" | segment_group_id |
| CLIENT_TYPE | "id" | zpn_client_type_zappl, zpn_client_type_exporter, zpn_client_type_browser_isolation, zpn_client_type_ip_anchoring, zpn_client_type_edge_connector, zpn_client_type_branch_connector, zpn_client_type_zapp_partner, zpn_client_type_zapp |
| EDGE_CONNECTOR_GROUP | "id" | edge_connector_id |
| IDP | "id" | identity_provider_id |
| SAML | saml_attribute_id | attribute_value_to_match |
| SCIM | scim_attribute_id | attribute_value_to_match |
| SCIM_GROUP | scim_group_attribute_id | attribute_value_to_match |
| PLATFORM | mac, ios, windows, android, linux | "true" / "false" |
| MACHINE_GRP | "id" | machine_group_id |
| POSTURE | posture_udid | "true" / "false" |
| TRUSTED_NETWORK | network_id | "true" |
Create PolicyAccessInspectionRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyAccessInspectionRule(name: string, args?: PolicyAccessInspectionRuleArgs, opts?: CustomResourceOptions);@overload
def PolicyAccessInspectionRule(resource_name: str,
args: Optional[PolicyAccessInspectionRuleArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyAccessInspectionRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
action_id: Optional[str] = None,
bypass_default_rule: Optional[bool] = None,
conditions: Optional[Sequence[PolicyAccessInspectionRuleConditionArgs]] = None,
custom_msg: Optional[str] = None,
default_rule: Optional[bool] = None,
description: Optional[str] = None,
lss_default_rule: Optional[bool] = None,
microtenant_id: Optional[str] = None,
name: Optional[str] = None,
operator: Optional[str] = None,
policy_set_id: Optional[str] = None,
policy_type: Optional[str] = None,
priority: Optional[str] = None,
reauth_default_rule: Optional[bool] = None,
reauth_idle_timeout: Optional[str] = None,
reauth_timeout: Optional[str] = None,
rule_order: Optional[str] = None,
zpn_cbi_profile_id: Optional[str] = None,
zpn_inspection_profile_id: Optional[str] = None,
zpn_isolation_profile_id: Optional[str] = None)func NewPolicyAccessInspectionRule(ctx *Context, name string, args *PolicyAccessInspectionRuleArgs, opts ...ResourceOption) (*PolicyAccessInspectionRule, error)public PolicyAccessInspectionRule(string name, PolicyAccessInspectionRuleArgs? args = null, CustomResourceOptions? opts = null)
public PolicyAccessInspectionRule(String name, PolicyAccessInspectionRuleArgs args)
public PolicyAccessInspectionRule(String name, PolicyAccessInspectionRuleArgs args, CustomResourceOptions options)
type: zpa:PolicyAccessInspectionRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyAccessInspectionRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyAccessInspectionRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyAccessInspectionRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyAccessInspectionRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyAccessInspectionRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var policyAccessInspectionRuleResource = new Zpa.PolicyAccessInspectionRule("policyAccessInspectionRuleResource", new()
{
Action = "string",
ActionId = "string",
BypassDefaultRule = false,
Conditions = new[]
{
new Zpa.Inputs.PolicyAccessInspectionRuleConditionArgs
{
Operator = "string",
Id = "string",
MicrotenantId = "string",
Operands = new[]
{
new Zpa.Inputs.PolicyAccessInspectionRuleConditionOperandArgs
{
Lhs = "string",
ObjectType = "string",
Id = "string",
IdpId = "string",
MicrotenantId = "string",
Name = "string",
Rhs = "string",
RhsLists = new[]
{
"string",
},
},
},
},
},
CustomMsg = "string",
DefaultRule = false,
Description = "string",
LssDefaultRule = false,
MicrotenantId = "string",
Name = "string",
Operator = "string",
PolicySetId = "string",
PolicyType = "string",
Priority = "string",
ReauthDefaultRule = false,
ReauthIdleTimeout = "string",
ReauthTimeout = "string",
ZpnCbiProfileId = "string",
ZpnInspectionProfileId = "string",
ZpnIsolationProfileId = "string",
});
example, err := zpa.NewPolicyAccessInspectionRule(ctx, "policyAccessInspectionRuleResource", &zpa.PolicyAccessInspectionRuleArgs{
Action: pulumi.String("string"),
ActionId: pulumi.String("string"),
BypassDefaultRule: pulumi.Bool(false),
Conditions: zpa.PolicyAccessInspectionRuleConditionArray{
&zpa.PolicyAccessInspectionRuleConditionArgs{
Operator: pulumi.String("string"),
Id: pulumi.String("string"),
MicrotenantId: pulumi.String("string"),
Operands: zpa.PolicyAccessInspectionRuleConditionOperandArray{
&zpa.PolicyAccessInspectionRuleConditionOperandArgs{
Lhs: pulumi.String("string"),
ObjectType: pulumi.String("string"),
Id: pulumi.String("string"),
IdpId: pulumi.String("string"),
MicrotenantId: pulumi.String("string"),
Name: pulumi.String("string"),
Rhs: pulumi.String("string"),
RhsLists: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
CustomMsg: pulumi.String("string"),
DefaultRule: pulumi.Bool(false),
Description: pulumi.String("string"),
LssDefaultRule: pulumi.Bool(false),
MicrotenantId: pulumi.String("string"),
Name: pulumi.String("string"),
Operator: pulumi.String("string"),
PolicySetId: pulumi.String("string"),
PolicyType: pulumi.String("string"),
Priority: pulumi.String("string"),
ReauthDefaultRule: pulumi.Bool(false),
ReauthIdleTimeout: pulumi.String("string"),
ReauthTimeout: pulumi.String("string"),
ZpnCbiProfileId: pulumi.String("string"),
ZpnInspectionProfileId: pulumi.String("string"),
ZpnIsolationProfileId: pulumi.String("string"),
})
var policyAccessInspectionRuleResource = new PolicyAccessInspectionRule("policyAccessInspectionRuleResource", PolicyAccessInspectionRuleArgs.builder()
.action("string")
.actionId("string")
.bypassDefaultRule(false)
.conditions(PolicyAccessInspectionRuleConditionArgs.builder()
.operator("string")
.id("string")
.microtenantId("string")
.operands(PolicyAccessInspectionRuleConditionOperandArgs.builder()
.lhs("string")
.objectType("string")
.id("string")
.idpId("string")
.microtenantId("string")
.name("string")
.rhs("string")
.rhsLists("string")
.build())
.build())
.customMsg("string")
.defaultRule(false)
.description("string")
.lssDefaultRule(false)
.microtenantId("string")
.name("string")
.operator("string")
.policySetId("string")
.policyType("string")
.priority("string")
.reauthDefaultRule(false)
.reauthIdleTimeout("string")
.reauthTimeout("string")
.zpnCbiProfileId("string")
.zpnInspectionProfileId("string")
.zpnIsolationProfileId("string")
.build());
policy_access_inspection_rule_resource = zpa.PolicyAccessInspectionRule("policyAccessInspectionRuleResource",
action="string",
action_id="string",
bypass_default_rule=False,
conditions=[zpa.PolicyAccessInspectionRuleConditionArgs(
operator="string",
id="string",
microtenant_id="string",
operands=[zpa.PolicyAccessInspectionRuleConditionOperandArgs(
lhs="string",
object_type="string",
id="string",
idp_id="string",
microtenant_id="string",
name="string",
rhs="string",
rhs_lists=["string"],
)],
)],
custom_msg="string",
default_rule=False,
description="string",
lss_default_rule=False,
microtenant_id="string",
name="string",
operator="string",
policy_set_id="string",
policy_type="string",
priority="string",
reauth_default_rule=False,
reauth_idle_timeout="string",
reauth_timeout="string",
zpn_cbi_profile_id="string",
zpn_inspection_profile_id="string",
zpn_isolation_profile_id="string")
const policyAccessInspectionRuleResource = new zpa.PolicyAccessInspectionRule("policyAccessInspectionRuleResource", {
action: "string",
actionId: "string",
bypassDefaultRule: false,
conditions: [{
operator: "string",
id: "string",
microtenantId: "string",
operands: [{
lhs: "string",
objectType: "string",
id: "string",
idpId: "string",
microtenantId: "string",
name: "string",
rhs: "string",
rhsLists: ["string"],
}],
}],
customMsg: "string",
defaultRule: false,
description: "string",
lssDefaultRule: false,
microtenantId: "string",
name: "string",
operator: "string",
policySetId: "string",
policyType: "string",
priority: "string",
reauthDefaultRule: false,
reauthIdleTimeout: "string",
reauthTimeout: "string",
zpnCbiProfileId: "string",
zpnInspectionProfileId: "string",
zpnIsolationProfileId: "string",
});
type: zpa:PolicyAccessInspectionRule
properties:
action: string
actionId: string
bypassDefaultRule: false
conditions:
- id: string
microtenantId: string
operands:
- id: string
idpId: string
lhs: string
microtenantId: string
name: string
objectType: string
rhs: string
rhsLists:
- string
operator: string
customMsg: string
defaultRule: false
description: string
lssDefaultRule: false
microtenantId: string
name: string
operator: string
policySetId: string
policyType: string
priority: string
reauthDefaultRule: false
reauthIdleTimeout: string
reauthTimeout: string
zpnCbiProfileId: string
zpnInspectionProfileId: string
zpnIsolationProfileId: string
PolicyAccessInspectionRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The PolicyAccessInspectionRule resource accepts the following input properties:
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
List<Zscaler.
Zpa. Inputs. Policy Access Inspection Rule Condition> - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
[]Policy
Access Inspection Rule Condition Args - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions
List<Policy
Access Inspection Rule Condition> - This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
- action string
- This is for providing the rule action.
- action
Id string - This field defines the description of the server.
- bypass
Default booleanRule - conditions
Policy
Access Inspection Rule Condition[] - This is for proviidng the set of conditions for the policy.
- custom
Msg string - This is for providing a customer message for the user.
- default
Rule boolean - This is for providing a customer message for the user.
- description string
- This is the description of the access policy.
- lss
Default booleanRule - microtenant
Id string - name string
- This is the name of the policy.
- operator string
- policy
Set stringId - policy
Type string - priority string
- reauth
Default booleanRule - reauth
Idle stringTimeout - reauth
Timeout string - rule
Order string - zpn
Cbi stringProfile Id - zpn
Inspection stringProfile Id - zpn
Isolation stringProfile Id
- action str
- This is for providing the rule action.
- action_
id str - This field defines the description of the server.
- bypass_
default_ boolrule - conditions
Sequence[Policy
Access Inspection Rule Condition Args] - This is for proviidng the set of conditions for the policy.
- custom_
msg str - This is for providing a customer message for the user.
- default_
rule bool - This is for providing a customer message for the user.
- description str
- This is the description of the access policy.
- lss_
default_ boolrule - microtenant_
id str - name str
- This is the name of the policy.
- operator str
- policy_
set_ strid - policy_
type str - priority str
- reauth_
default_ boolrule - reauth_
idle_ strtimeout - reauth_
timeout str - rule_
order str - zpn_
cbi_ strprofile_ id - zpn_
inspection_ strprofile_ id - zpn_
isolation_ strprofile_ id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions List<Property Map>
- This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyAccessInspectionRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing PolicyAccessInspectionRule Resource
Get an existing PolicyAccessInspectionRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PolicyAccessInspectionRuleState, opts?: CustomResourceOptions): PolicyAccessInspectionRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
action_id: Optional[str] = None,
bypass_default_rule: Optional[bool] = None,
conditions: Optional[Sequence[PolicyAccessInspectionRuleConditionArgs]] = None,
custom_msg: Optional[str] = None,
default_rule: Optional[bool] = None,
description: Optional[str] = None,
lss_default_rule: Optional[bool] = None,
microtenant_id: Optional[str] = None,
name: Optional[str] = None,
operator: Optional[str] = None,
policy_set_id: Optional[str] = None,
policy_type: Optional[str] = None,
priority: Optional[str] = None,
reauth_default_rule: Optional[bool] = None,
reauth_idle_timeout: Optional[str] = None,
reauth_timeout: Optional[str] = None,
rule_order: Optional[str] = None,
zpn_cbi_profile_id: Optional[str] = None,
zpn_inspection_profile_id: Optional[str] = None,
zpn_isolation_profile_id: Optional[str] = None) -> PolicyAccessInspectionRulefunc GetPolicyAccessInspectionRule(ctx *Context, name string, id IDInput, state *PolicyAccessInspectionRuleState, opts ...ResourceOption) (*PolicyAccessInspectionRule, error)public static PolicyAccessInspectionRule Get(string name, Input<string> id, PolicyAccessInspectionRuleState? state, CustomResourceOptions? opts = null)public static PolicyAccessInspectionRule get(String name, Output<String> id, PolicyAccessInspectionRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
List<Zscaler.
Zpa. Inputs. Policy Access Inspection Rule Condition> - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
[]Policy
Access Inspection Rule Condition Args - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions
List<Policy
Access Inspection Rule Condition> - This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
- action string
- This is for providing the rule action.
- action
Id string - This field defines the description of the server.
- bypass
Default booleanRule - conditions
Policy
Access Inspection Rule Condition[] - This is for proviidng the set of conditions for the policy.
- custom
Msg string - This is for providing a customer message for the user.
- default
Rule boolean - This is for providing a customer message for the user.
- description string
- This is the description of the access policy.
- lss
Default booleanRule - microtenant
Id string - name string
- This is the name of the policy.
- operator string
- policy
Set stringId - policy
Type string - priority string
- reauth
Default booleanRule - reauth
Idle stringTimeout - reauth
Timeout string - rule
Order string - zpn
Cbi stringProfile Id - zpn
Inspection stringProfile Id - zpn
Isolation stringProfile Id
- action str
- This is for providing the rule action.
- action_
id str - This field defines the description of the server.
- bypass_
default_ boolrule - conditions
Sequence[Policy
Access Inspection Rule Condition Args] - This is for proviidng the set of conditions for the policy.
- custom_
msg str - This is for providing a customer message for the user.
- default_
rule bool - This is for providing a customer message for the user.
- description str
- This is the description of the access policy.
- lss_
default_ boolrule - microtenant_
id str - name str
- This is the name of the policy.
- operator str
- policy_
set_ strid - policy_
type str - priority str
- reauth_
default_ boolrule - reauth_
idle_ strtimeout - reauth_
timeout str - rule_
order str - zpn_
cbi_ strprofile_ id - zpn_
inspection_ strprofile_ id - zpn_
isolation_ strprofile_ id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions List<Property Map>
- This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
Supporting Types
PolicyAccessInspectionRuleCondition, PolicyAccessInspectionRuleConditionArgs
- Operator string
- Id string
- Microtenant
Id string - Operands
List<Zscaler.
Zpa. Inputs. Policy Access Inspection Rule Condition Operand> - This signifies the various policy criteria.
- Operator string
- Id string
- Microtenant
Id string - Operands
[]Policy
Access Inspection Rule Condition Operand - This signifies the various policy criteria.
- operator String
- id String
- microtenant
Id String - operands
List<Policy
Access Inspection Rule Condition Operand> - This signifies the various policy criteria.
- operator string
- id string
- microtenant
Id string - operands
Policy
Access Inspection Rule Condition Operand[] - This signifies the various policy criteria.
- operator str
- id str
- microtenant_
id str - operands
Sequence[Policy
Access Inspection Rule Condition Operand] - This signifies the various policy criteria.
- operator String
- id String
- microtenant
Id String - operands List<Property Map>
- This signifies the various policy criteria.
PolicyAccessInspectionRuleConditionOperand, PolicyAccessInspectionRuleConditionOperandArgs
- Lhs string
- This signifies the key for the object type. String ID example: id
- Object
Type string - This is for specifying the policy critiera.
- Id string
- Idp
Id string - Microtenant
Id string - This denotes the value for the given object type. Its value depends upon the key.
- Name string
- Rhs string
- This denotes the value for the given object type. Its value depends upon the key.
- Rhs
Lists List<string> - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- Lhs string
- This signifies the key for the object type. String ID example: id
- Object
Type string - This is for specifying the policy critiera.
- Id string
- Idp
Id string - Microtenant
Id string - This denotes the value for the given object type. Its value depends upon the key.
- Name string
- Rhs string
- This denotes the value for the given object type. Its value depends upon the key.
- Rhs
Lists []string - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs String
- This signifies the key for the object type. String ID example: id
- object
Type String - This is for specifying the policy critiera.
- id String
- idp
Id String - microtenant
Id String - This denotes the value for the given object type. Its value depends upon the key.
- name String
- rhs String
- This denotes the value for the given object type. Its value depends upon the key.
- rhs
Lists List<String> - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs string
- This signifies the key for the object type. String ID example: id
- object
Type string - This is for specifying the policy critiera.
- id string
- idp
Id string - microtenant
Id string - This denotes the value for the given object type. Its value depends upon the key.
- name string
- rhs string
- This denotes the value for the given object type. Its value depends upon the key.
- rhs
Lists string[] - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs str
- This signifies the key for the object type. String ID example: id
- object_
type str - This is for specifying the policy critiera.
- id str
- idp_
id str - microtenant_
id str - This denotes the value for the given object type. Its value depends upon the key.
- name str
- rhs str
- This denotes the value for the given object type. Its value depends upon the key.
- rhs_
lists Sequence[str] - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs String
- This signifies the key for the object type. String ID example: id
- object
Type String - This is for specifying the policy critiera.
- id String
- idp
Id String - microtenant
Id String - This denotes the value for the given object type. Its value depends upon the key.
- name String
- rhs String
- This denotes the value for the given object type. Its value depends upon the key.
- rhs
Lists List<String> - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
Import
Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZPA configurations into Terraform-compliant HashiCorp Configuration Language.
Visit
Policy Access Inspection Rule can be imported by using <POLICY INSPECTION RULE ID> as the import ID.
For example:
$ pulumi import zpa:index/policyAccessInspectionRule:PolicyAccessInspectionRule example <policy_inspection_rule_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- zpa zscaler/pulumi-zpa
- License
- MIT
- Notes
- This Pulumi package is based on the
zpaTerraform Provider.