import * as pulumi from "@pulumi/pulumi"; import * as inputs from "./types/input"; import * as outputs from "./types/output"; /** * The zia_sandbox_rules resource manages sandbox policy rules in the Zscaler Internet Access (ZIA) cloud service. Sandbox rules define actions for file analysis based on criteria such as locations, departments, groups, users, and file types. * * For more information, see the [ZIA Cloud Sandbox documentation](https://help.zscaler.com/zia/about-cloud-sandbox-policies). * * ## Example Usage * ### Basic Sandbox Rule * * ```typescript * import * as zia from "@bdzscaler/pulumi-zia"; * * const example = new zia.SandboxRule("example", { * name: "Example Sandbox Rule", * description: "Block suspicious file types", * order: 1, * state: "ENABLED", * baRuleAction: "ALLOW", * fileTypes: ["ALL_OUTBOUND"], * protocols: ["FTP_RULE", "SSL_RULE", "FOHTTP_RULE", "HTTP_PROXY"], * }); * ``` * * ## Import * * An existing Sandbox Rule can be imported using its resource ID, e.g. * * ```sh * $ pulumi import zia:index:SandboxRule example 12345 * ``` */ export declare class SandboxRule extends pulumi.CustomResource { /** * Get an existing SandboxRule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): SandboxRule; /** * Returns true if the given object is an instance of SandboxRule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is SandboxRule; /** * List of behavioral analysis policy categories. */ readonly baPolicyCategories: pulumi.Output; /** * The action applied when the rule is matched. Valid values: `ALLOW`, `BLOCK`, `QUARANTINE`. */ readonly baRuleAction: pulumi.Output; /** * Threat score threshold for the rule. Files with a score above this value trigger the action. */ readonly byThreatScore: pulumi.Output; /** * IDs of departments to which the rule applies. */ readonly departments: pulumi.Output; /** * Additional information about the sandbox rule. */ readonly description: pulumi.Output; /** * List of file types for which the rule applies (e.g., `ALL_OUTBOUND`, `EXE`, `DLL`). */ readonly fileTypes: pulumi.Output; /** * If set to true, a first-time action is enabled. */ readonly firstTimeEnable: pulumi.Output; /** * The action for first-time file downloads. Valid values: `ALLOW_SCAN`, `QUARANTINE`. */ readonly firstTimeOperation: pulumi.Output; /** * IDs of groups to which the rule applies. */ readonly groups: pulumi.Output; /** * IDs of labels associated with the rule. */ readonly labels: pulumi.Output; /** * IDs of location groups to which the rule applies. */ readonly locationGroups: pulumi.Output; /** * IDs of locations to which the rule applies. */ readonly locations: pulumi.Output; /** * If set to true, machine learning-based analysis action is enabled. */ readonly mlActionEnabled: pulumi.Output; /** * The name of the sandbox rule. Must be unique. */ readonly name: pulumi.Output; /** * The order of execution of the rule with respect to other sandbox rules. */ readonly order: pulumi.Output; /** * Protocols to which the rule applies. Valid values: `FTP_RULE`, `SSL_RULE`, `FOHTTP_RULE`, `HTTP_PROXY`. */ readonly protocols: pulumi.Output; /** * Admin rank of the sandbox policy rule. Valid values: 0-7. Default: 7. */ readonly rank: pulumi.Output; /** * The system-generated ID of the sandbox rule. */ readonly ruleId: pulumi.Output; /** * Rule state. Valid values: `ENABLED`, `DISABLED`. */ readonly state: pulumi.Output; /** * List of URL categories to which the rule applies. */ readonly urlCategories: pulumi.Output; /** * IDs of users to which the rule applies. */ readonly users: pulumi.Output; /** * List of ZPA application segments to which the rule applies. */ readonly zpaAppSegments: pulumi.Output; /** * Create a SandboxRule resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: SandboxRuleArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a SandboxRule resource. */ export interface SandboxRuleArgs { /** * List of behavioral analysis policy categories. */ baPolicyCategories?: pulumi.Input[] | undefined>; /** * The action applied when the rule is matched. Valid values: `ALLOW`, `BLOCK`, `QUARANTINE`. */ baRuleAction?: pulumi.Input; /** * Threat score threshold for the rule. Files with a score above this value trigger the action. */ byThreatScore?: pulumi.Input; /** * IDs of departments to which the rule applies. */ departments?: pulumi.Input[] | undefined>; /** * Additional information about the sandbox rule. */ description?: pulumi.Input; /** * List of file types for which the rule applies (e.g., `ALL_OUTBOUND`, `EXE`, `DLL`). */ fileTypes?: pulumi.Input[] | undefined>; /** * If set to true, a first-time action is enabled. */ firstTimeEnable?: pulumi.Input; /** * The action for first-time file downloads. Valid values: `ALLOW_SCAN`, `QUARANTINE`. */ firstTimeOperation?: pulumi.Input; /** * IDs of groups to which the rule applies. */ groups?: pulumi.Input[] | undefined>; /** * IDs of labels associated with the rule. */ labels?: pulumi.Input[] | undefined>; /** * IDs of location groups to which the rule applies. */ locationGroups?: pulumi.Input[] | undefined>; /** * IDs of locations to which the rule applies. */ locations?: pulumi.Input[] | undefined>; /** * If set to true, machine learning-based analysis action is enabled. */ mlActionEnabled?: pulumi.Input; /** * The name of the sandbox rule. Must be unique. */ name: pulumi.Input; /** * The order of execution of the rule with respect to other sandbox rules. */ order: pulumi.Input; /** * Protocols to which the rule applies. Valid values: `FTP_RULE`, `SSL_RULE`, `FOHTTP_RULE`, `HTTP_PROXY`. */ protocols?: pulumi.Input[] | undefined>; /** * Admin rank of the sandbox policy rule. Valid values: 0-7. Default: 7. */ rank?: pulumi.Input; /** * Rule state. Valid values: `ENABLED`, `DISABLED`. */ state?: pulumi.Input; /** * List of URL categories to which the rule applies. */ urlCategories?: pulumi.Input[] | undefined>; /** * IDs of users to which the rule applies. */ users?: pulumi.Input[] | undefined>; /** * List of ZPA application segments to which the rule applies. */ zpaAppSegments?: pulumi.Input[] | undefined>; } //# sourceMappingURL=sandboxRule.d.ts.map