import * as pulumi from "@pulumi/pulumi"; /** * The zia_nat_control_rule resource manages NAT control rules in the Zscaler Internet Access (ZIA) cloud service. NAT control rules allow you to redirect traffic to specific IP addresses or FQDNs and ports based on various criteria such as source, destination, users, and locations. * * For more information, see the [ZIA NAT Control documentation](https://help.zscaler.com/zia/nat-control-policies). * * ## Example Usage * ### Basic NAT Control Rule * * ```typescript * import * as zia from "@bdzscaler/pulumi-zia"; * * const example = new zia.NatControlRule("example", { * name: "Example NAT Control Rule", * description: "Redirect traffic", * order: 1, * state: "ENABLED", * }); * ``` * * ## Import * * An existing NAT Control Rule can be imported using its resource ID, e.g. * * ```sh * $ pulumi import zia:index:NatControlRule example 12345 * ``` */ export declare class NatControlRule extends pulumi.CustomResource { /** * Get an existing NatControlRule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): NatControlRule; /** * Returns true if the given object is an instance of NatControlRule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is NatControlRule; /** * Indicates whether this is the default NAT control rule. */ readonly defaultRule: pulumi.Output; /** * IDs of departments to which the rule must be applied. */ readonly departments: pulumi.Output; /** * Additional information about the NAT control rule. */ readonly description: pulumi.Output; /** * Destination IP addresses, FQDNs, or wildcard FQDNs for the rule. */ readonly destAddresses: pulumi.Output; /** * Destination countries (ISO 3166-1 alpha-2 codes) for the rule. */ readonly destCountries: pulumi.Output; /** * Destination IP address URL categories for the rule. */ readonly destIpCategories: pulumi.Output; /** * IDs of destination IP address groups for the rule. */ readonly destIpGroups: pulumi.Output; /** * IDs of destination IPv6 address groups for the rule. */ readonly destIpv6Groups: pulumi.Output; /** * IDs of device groups for which the rule must be applied. Applicable for devices managed using Zscaler Client Connector. */ readonly deviceGroups: pulumi.Output; /** * IDs of devices for which the rule must be applied. */ readonly devices: pulumi.Output; /** * If set to true, enables full logging for the rule. */ readonly enableFullLogging: pulumi.Output; /** * IDs of groups to which the rule must be applied. */ readonly groups: pulumi.Output; /** * IDs of labels associated with the rule. */ readonly labels: pulumi.Output; /** * IDs of location groups to which the rule must be applied. */ readonly locationGroups: pulumi.Output; /** * IDs of locations to which the rule must be applied. */ readonly locations: pulumi.Output; /** * The name of the NAT control rule. Must be unique. */ readonly name: pulumi.Output; /** * IDs of network service groups to which the rule applies. */ readonly nwServiceGroups: pulumi.Output; /** * IDs of network services to which the rule applies. */ readonly nwServices: pulumi.Output; /** * The order of execution of the rule with respect to other NAT control rules. */ readonly order: pulumi.Output; /** * Indicates whether this is a predefined rule. */ readonly predefined: pulumi.Output; /** * Admin rank of the NAT control policy rule. Valid values: 0-7. Default: 7. */ readonly rank: pulumi.Output; /** * The FQDN to which traffic should be redirected. */ readonly redirectFqdn: pulumi.Output; /** * The IP address to which traffic should be redirected. */ readonly redirectIp: pulumi.Output; /** * The port to which traffic should be redirected. */ readonly redirectPort: pulumi.Output; /** * URL categories that apply to the response for the rule. */ readonly resCategories: pulumi.Output; /** * The system-generated ID of the NAT control rule. */ readonly ruleId: pulumi.Output; /** * IDs of source IP address groups for the rule. */ readonly srcIpGroups: pulumi.Output; /** * Source IP addresses or CIDR ranges for the rule. */ readonly srcIps: pulumi.Output; /** * IDs of source IPv6 address groups for the rule. */ readonly srcIpv6Groups: pulumi.Output; /** * Rule state. Valid values: `ENABLED`, `DISABLED`. */ readonly state: pulumi.Output; /** * IDs of time intervals during which the rule must be enforced. */ readonly timeWindows: pulumi.Output; /** * IDs of users to which the rule must be applied. */ readonly users: pulumi.Output; /** * Create a NatControlRule resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: NatControlRuleArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a NatControlRule resource. */ export interface NatControlRuleArgs { /** * Indicates whether this is the default NAT control rule. */ defaultRule?: pulumi.Input; /** * IDs of departments to which the rule must be applied. */ departments?: pulumi.Input[] | undefined>; /** * Additional information about the NAT control rule. */ description?: pulumi.Input; /** * Destination IP addresses, FQDNs, or wildcard FQDNs for the rule. */ destAddresses?: pulumi.Input[] | undefined>; /** * Destination countries (ISO 3166-1 alpha-2 codes) for the rule. */ destCountries?: pulumi.Input[] | undefined>; /** * Destination IP address URL categories for the rule. */ destIpCategories?: pulumi.Input[] | undefined>; /** * IDs of destination IP address groups for the rule. */ destIpGroups?: pulumi.Input[] | undefined>; /** * IDs of destination IPv6 address groups for the rule. */ destIpv6Groups?: pulumi.Input[] | undefined>; /** * IDs of device groups for which the rule must be applied. Applicable for devices managed using Zscaler Client Connector. */ deviceGroups?: pulumi.Input[] | undefined>; /** * IDs of devices for which the rule must be applied. */ devices?: pulumi.Input[] | undefined>; /** * If set to true, enables full logging for the rule. */ enableFullLogging?: pulumi.Input; /** * IDs of groups to which the rule must be applied. */ groups?: pulumi.Input[] | undefined>; /** * IDs of labels associated with the rule. */ labels?: pulumi.Input[] | undefined>; /** * IDs of location groups to which the rule must be applied. */ locationGroups?: pulumi.Input[] | undefined>; /** * IDs of locations to which the rule must be applied. */ locations?: pulumi.Input[] | undefined>; /** * The name of the NAT control rule. Must be unique. */ name: pulumi.Input; /** * IDs of network service groups to which the rule applies. */ nwServiceGroups?: pulumi.Input[] | undefined>; /** * IDs of network services to which the rule applies. */ nwServices?: pulumi.Input[] | undefined>; /** * The order of execution of the rule with respect to other NAT control rules. */ order: pulumi.Input; /** * Indicates whether this is a predefined rule. */ predefined?: pulumi.Input; /** * Admin rank of the NAT control policy rule. Valid values: 0-7. Default: 7. */ rank?: pulumi.Input; /** * The FQDN to which traffic should be redirected. */ redirectFqdn?: pulumi.Input; /** * The IP address to which traffic should be redirected. */ redirectIp?: pulumi.Input; /** * The port to which traffic should be redirected. */ redirectPort?: pulumi.Input; /** * URL categories that apply to the response for the rule. */ resCategories?: pulumi.Input[] | undefined>; /** * IDs of source IP address groups for the rule. */ srcIpGroups?: pulumi.Input[] | undefined>; /** * Source IP addresses or CIDR ranges for the rule. */ srcIps?: pulumi.Input[] | undefined>; /** * IDs of source IPv6 address groups for the rule. */ srcIpv6Groups?: pulumi.Input[] | undefined>; /** * Rule state. Valid values: `ENABLED`, `DISABLED`. */ state?: pulumi.Input; /** * IDs of time intervals during which the rule must be enforced. */ timeWindows?: pulumi.Input[] | undefined>; /** * IDs of users to which the rule must be applied. */ users?: pulumi.Input[] | undefined>; } //# sourceMappingURL=natControlRule.d.ts.map