import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * The zia_cloud_app_control_rules resource manages cloud application control rules in the Zscaler Internet Access (ZIA) cloud service. Cloud app control rules define policies that govern user access to cloud applications, allowing administrators to allow, block, or isolate specific application activities. * * For more information, see the [ZIA Cloud App Control documentation](https://help.zscaler.com/zia/cloud-app-control). * * ## Example Usage * ### Basic Cloud App Control Rule * * ```typescript * import * as zia from "@bdzscaler/pulumi-zia"; * * const example = new zia.CloudAppControlRule("example", { * name: "Example Cloud App Control Rule", * description: "Block file sharing uploads", * type: "STREAMING_MEDIA", * order: 1, * state: "ENABLED", * actions: ["BLOCK"], * applications: ["YOUTUBE"], * }); * ``` * * ## Import * * An existing Cloud App Control Rule can be imported using its resource ID, e.g. * * ```sh * $ pulumi import zia:index:CloudAppControlRule example 12345 * ``` */ export declare class CloudAppControlRule extends pulumi.CustomResource { /** * Get an existing CloudAppControlRule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): CloudAppControlRule; /** * Returns true if the given object is an instance of CloudAppControlRule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is CloudAppControlRule; /** * Actions taken when traffic matches rule criteria. Valid values: `ALLOW`, `BLOCK`, `CAUTION`, `ISOLATE`. */ readonly actions: pulumi.Output; /** * List of cloud application names to which the rule applies. */ readonly applications: pulumi.Output; /** * The ID of the Browser End User Notification template. */ readonly browserEunTemplateId: pulumi.Output; /** * If true, cascading to other rules is enabled when this rule matches. */ readonly cascadingEnabled: pulumi.Output; /** * The Cloud Browser Isolation (CBI) profile. Required when action is 'ISOLATE'. */ readonly cbiProfile: pulumi.Output; /** * The ID of the cloud application risk profile associated with this rule. */ readonly cloudAppRiskProfileId: pulumi.Output; /** * IDs of departments for which the rule must be applied. */ readonly departments: pulumi.Output; /** * Additional information about the cloud app control rule. */ readonly description: pulumi.Output; /** * IDs of device groups for which the rule must be applied. */ readonly deviceGroups: pulumi.Output; /** * IDs of devices for which the rule must be applied. */ readonly devices: pulumi.Output; /** * Enforce a set validity time period for the rule. */ readonly enforceTimeValidity: pulumi.Output; /** * If true, End User Notification is enabled for this rule. */ readonly eunEnabled: pulumi.Output; /** * The ID of the End User Notification template. */ readonly eunTemplateId: pulumi.Output; /** * IDs of groups for which the rule must be applied. */ readonly groups: pulumi.Output; /** * IDs of labels associated with the cloud app control rule. */ readonly labels: pulumi.Output; /** * IDs of location groups for which the rule must be applied. */ readonly locationGroups: pulumi.Output; /** * IDs of locations for which the rule must be applied. */ readonly locations: pulumi.Output; /** * The name of the cloud app control rule. Must be unique. */ readonly name: pulumi.Output; /** * The order of execution of the rule with respect to other cloud app control rules. */ readonly order: pulumi.Output; /** * Admin rank of the cloud app control rule. Valid values: 0-7. Default: 7. */ readonly rank: pulumi.Output; /** * The system-generated ID of the cloud app control rule. */ readonly ruleId: pulumi.Output; /** * Size quota in MB beyond which the rule is applied. Not applicable when action is 'BLOCK'. */ readonly sizeQuota: pulumi.Output; /** * Rule state. Valid values: `ENABLED`, `DISABLED`. */ readonly state: pulumi.Output; /** * IDs of tenancy profiles for which the rule must be applied. */ readonly tenancyProfileIds: pulumi.Output; /** * Time quota in minutes, after which the rule is applied. Not applicable when action is 'BLOCK'. */ readonly timeQuota: pulumi.Output; /** * IDs of time intervals during which the rule must be enforced. */ readonly timeWindows: pulumi.Output; /** * The rule type, corresponding to the cloud application category. Valid values: `STREAMING_MEDIA`, `SOCIAL_NETWORKING`, `WEBMAIL`, `INSTANT_MESSAGING`, `FILE_SHARE`, `BUSINESS_PRODUCTIVITY`, `SYSTEM_AND_DEVELOPMENT`, `CONSUMER`, `HOSTING_PROVIDER`, `DNS_OVER_HTTPS`, `ENTERPRISE_COLLABORATION`, `GENERATIVE_AI`, `SALES_AND_MARKETING`, `HEALTH_CARE`, `LEGAL`, `HUMAN_RESOURCES`, `FINANCE`. */ readonly type: pulumi.Output; /** * IDs of users for which the rule must be applied. */ readonly users: pulumi.Output; /** * Create a CloudAppControlRule resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: CloudAppControlRuleArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a CloudAppControlRule resource. */ export interface CloudAppControlRuleArgs { /** * Actions taken when traffic matches rule criteria. Valid values: `ALLOW`, `BLOCK`, `CAUTION`, `ISOLATE`. */ actions?: pulumi.Input[] | undefined>; /** * List of cloud application names to which the rule applies. */ applications?: pulumi.Input[] | undefined>; /** * The ID of the Browser End User Notification template. */ browserEunTemplateId?: pulumi.Input; /** * If true, cascading to other rules is enabled when this rule matches. */ cascadingEnabled?: pulumi.Input; /** * The Cloud Browser Isolation (CBI) profile. Required when action is 'ISOLATE'. */ cbiProfile?: pulumi.Input; /** * The ID of the cloud application risk profile associated with this rule. */ cloudAppRiskProfileId?: pulumi.Input; /** * IDs of departments for which the rule must be applied. */ departments?: pulumi.Input[] | undefined>; /** * Additional information about the cloud app control rule. */ description?: pulumi.Input; /** * IDs of device groups for which the rule must be applied. */ deviceGroups?: pulumi.Input[] | undefined>; /** * IDs of devices for which the rule must be applied. */ devices?: pulumi.Input[] | undefined>; /** * Enforce a set validity time period for the rule. */ enforceTimeValidity?: pulumi.Input; /** * If true, End User Notification is enabled for this rule. */ eunEnabled?: pulumi.Input; /** * The ID of the End User Notification template. */ eunTemplateId?: pulumi.Input; /** * IDs of groups for which the rule must be applied. */ groups?: pulumi.Input[] | undefined>; /** * IDs of labels associated with the cloud app control rule. */ labels?: pulumi.Input[] | undefined>; /** * IDs of location groups for which the rule must be applied. */ locationGroups?: pulumi.Input[] | undefined>; /** * IDs of locations for which the rule must be applied. */ locations?: pulumi.Input[] | undefined>; /** * The name of the cloud app control rule. Must be unique. */ name: pulumi.Input; /** * The order of execution of the rule with respect to other cloud app control rules. */ order: pulumi.Input; /** * Admin rank of the cloud app control rule. Valid values: 0-7. Default: 7. */ rank?: pulumi.Input; /** * Size quota in MB beyond which the rule is applied. Not applicable when action is 'BLOCK'. */ sizeQuota?: pulumi.Input; /** * Rule state. Valid values: `ENABLED`, `DISABLED`. */ state?: pulumi.Input; /** * IDs of tenancy profiles for which the rule must be applied. */ tenancyProfileIds?: pulumi.Input[] | undefined>; /** * Time quota in minutes, after which the rule is applied. Not applicable when action is 'BLOCK'. */ timeQuota?: pulumi.Input; /** * IDs of time intervals during which the rule must be enforced. */ timeWindows?: pulumi.Input[] | undefined>; /** * The rule type, corresponding to the cloud application category. Valid values: `STREAMING_MEDIA`, `SOCIAL_NETWORKING`, `WEBMAIL`, `INSTANT_MESSAGING`, `FILE_SHARE`, `BUSINESS_PRODUCTIVITY`, `SYSTEM_AND_DEVELOPMENT`, `CONSUMER`, `HOSTING_PROVIDER`, `DNS_OVER_HTTPS`, `ENTERPRISE_COLLABORATION`, `GENERATIVE_AI`, `SALES_AND_MARKETING`, `HEALTH_CARE`, `LEGAL`, `HUMAN_RESOURCES`, `FINANCE`. */ type: pulumi.Input; /** * IDs of users for which the rule must be applied. */ users?: pulumi.Input[] | undefined>; } //# sourceMappingURL=cloudAppControlRule.d.ts.map