import * as pulumi from "@pulumi/pulumi"; /** * The zia_admin_roles resource manages administrator roles in the Zscaler Internet Access (ZIA) cloud service. Admin roles define the permissions and access levels for administrator users. * * For more information, see the [ZIA Admin Role Management documentation](https://help.zscaler.com/zia/admin-role-management). * * ## Example Usage * ### Basic Admin Role * * ```typescript * import * as zia from "@bdzscaler/pulumi-zia"; * * const example = new zia.AdminRoles("example", { * name: "Example Role", * rank: 7, * policyAccess: "READ_WRITE", * dashboardAccess: "READ_ONLY", * reportAccess: "READ_ONLY", * alertingAccess: "READ_ONLY", * usernameAccess: "READ_ONLY", * }); * ``` * * ## Import * * An existing admin role can be imported using its resource ID, e.g. * * ```sh * $ pulumi import zia:index:AdminRoles example 12345 * ``` */ export declare class AdminRoles extends pulumi.CustomResource { /** * Get an existing AdminRoles resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): AdminRoles; /** * Returns true if the given object is an instance of AdminRoles. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is AdminRoles; /** * Admin and role management access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ readonly adminAcctAccess: pulumi.Output; /** * Alerting access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ readonly alertingAccess: pulumi.Output; /** * Insights logs access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ readonly analysisAccess: pulumi.Output; /** * Dashboard access permission. Valid values: `NONE`, `READ_ONLY`. */ readonly dashboardAccess: pulumi.Output; /** * Device info access permission. Valid values: `NONE`, `READ_ONLY`. */ readonly deviceInfoAccess: pulumi.Output; /** * Map of extended feature permissions to their access levels. */ readonly extFeaturePermissions: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Map of feature permissions to their access levels. */ readonly featurePermissions: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Indicates whether this is an auditor role. */ readonly isAuditor: pulumi.Output; /** * Indicates whether the role is non-editable (built-in system role). */ readonly isNonEditable: pulumi.Output; /** * Log range limit. Valid values: `UNRESTRICTED`, `LAST_1_HR`, `LAST_2_HRS`, `LAST_6_HRS`, `LAST_24_HRS`, `LAST_1_MONTH`. */ readonly logsLimit: pulumi.Output; /** * The name of the admin role. */ readonly name: pulumi.Output; /** * List of functional areas to which this role has access (e.g., `POLICY`, `DASHBOARD`). */ readonly permissions: pulumi.Output; /** * Policy access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ readonly policyAccess: pulumi.Output; /** * Admin rank of the role. Default: 7. Valid values: 0-7. */ readonly rank: pulumi.Output; /** * Report access permission. Valid values: `NONE`, `READ_ONLY`. */ readonly reportAccess: pulumi.Output; /** * Report time duration in days. */ readonly reportTimeDuration: pulumi.Output; /** * The system-generated ID of the admin role. */ readonly roleId: pulumi.Output; /** * The admin role type. Valid values: `EXEC_INSIGHT_AND_ORG_ADMIN`, `ORG_ADMIN`. */ readonly roleType: pulumi.Output; /** * Username access permission. Valid values: `NONE`, `READ_ONLY`. */ readonly usernameAccess: pulumi.Output; /** * Create a AdminRoles resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: AdminRolesArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a AdminRoles resource. */ export interface AdminRolesArgs { /** * Admin and role management access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ adminAcctAccess?: pulumi.Input; /** * Alerting access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ alertingAccess?: pulumi.Input; /** * Insights logs access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ analysisAccess?: pulumi.Input; /** * Dashboard access permission. Valid values: `NONE`, `READ_ONLY`. */ dashboardAccess?: pulumi.Input; /** * Device info access permission. Valid values: `NONE`, `READ_ONLY`. */ deviceInfoAccess?: pulumi.Input; /** * Map of extended feature permissions to their access levels. */ extFeaturePermissions?: pulumi.Input<{ [key: string]: pulumi.Input; } | undefined>; /** * Map of feature permissions to their access levels. */ featurePermissions?: pulumi.Input<{ [key: string]: pulumi.Input; } | undefined>; /** * Indicates whether this is an auditor role. */ isAuditor?: pulumi.Input; /** * Indicates whether the role is non-editable (built-in system role). */ isNonEditable?: pulumi.Input; /** * Log range limit. Valid values: `UNRESTRICTED`, `LAST_1_HR`, `LAST_2_HRS`, `LAST_6_HRS`, `LAST_24_HRS`, `LAST_1_MONTH`. */ logsLimit?: pulumi.Input; /** * The name of the admin role. */ name?: pulumi.Input; /** * List of functional areas to which this role has access (e.g., `POLICY`, `DASHBOARD`). */ permissions?: pulumi.Input[] | undefined>; /** * Policy access permission. Valid values: `NONE`, `READ_ONLY`, `READ_WRITE`. */ policyAccess?: pulumi.Input; /** * Admin rank of the role. Default: 7. Valid values: 0-7. */ rank?: pulumi.Input; /** * Report access permission. Valid values: `NONE`, `READ_ONLY`. */ reportAccess?: pulumi.Input; /** * Report time duration in days. */ reportTimeDuration?: pulumi.Input; /** * The admin role type. Valid values: `EXEC_INSIGHT_AND_ORG_ADMIN`, `ORG_ADMIN`. */ roleType?: pulumi.Input; /** * Username access permission. Valid values: `NONE`, `READ_ONLY`. */ usernameAccess?: pulumi.Input; } //# sourceMappingURL=adminRoles.d.ts.map