Docs Home
Zscaler Private Access v0.0.12 published on Tuesday, Jul 30, 2024 by Zscaler
zpa.PolicyAccessForwardingRule
Explore with Pulumi AI
The zpa_policy_forwarding_rule resource creates a policy forwarding access rule in the Zscaler Private Access cloud.
⚠️ WARNING:: The attribute rule_order is now deprecated in favor of the new resource zpa.PolicyAccessReorderRule policy_access_rule_reorder
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.zpa.ZpaFunctions;
import com.pulumi.zpa.inputs.GetIdPControllerArgs;
import com.pulumi.zpa.inputs.GetSCIMGroupsArgs;
import com.pulumi.zpa.ApplicationSegment;
import com.pulumi.zpa.ApplicationSegmentArgs;
import com.pulumi.zpa.inputs.ApplicationSegmentServerGroupArgs;
import com.pulumi.zpa.PolicyAccessForwardingRule;
import com.pulumi.zpa.PolicyAccessForwardingRuleArgs;
import com.pulumi.zpa.inputs.PolicyAccessForwardingRuleConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var idpName = ZpaFunctions.getIdPController(GetIdPControllerArgs.builder()
.name("IdP_Name")
.build());
final var engineering = ZpaFunctions.getSCIMGroups(GetSCIMGroupsArgs.builder()
.name("Engineering")
.idpName("IdP_Name")
.build());
// ZPA Application Segment resource
var thisApplicationSegment = new ApplicationSegment("thisApplicationSegment", ApplicationSegmentArgs.builder()
.description("Example")
.enabled(true)
.healthReporting("ON_ACCESS")
.bypassType("NEVER")
.isCnameEnabled(true)
.tcpPortRanges(
"8080",
"8080")
.domainNames("server.acme.com")
.segmentGroupId(zpa_segment_group.test_segment_group().id())
.serverGroups(ApplicationSegmentServerGroupArgs.builder()
.ids(zpa_server_group.test_server_group().id())
.build())
.build());
//Create Client Forwarding Access Rule
var thisPolicyAccessForwardingRule = new PolicyAccessForwardingRule("thisPolicyAccessForwardingRule", PolicyAccessForwardingRuleArgs.builder()
.description("Example")
.action("BYPASS")
.operator("AND")
.conditions(
PolicyAccessForwardingRuleConditionArgs.builder()
.operator("OR")
.operands(PolicyAccessForwardingRuleConditionOperandArgs.builder()
.objectType("APP")
.lhs("id")
.rhs(thisApplicationSegment.id())
.build())
.build(),
PolicyAccessForwardingRuleConditionArgs.builder()
.operator("OR")
.operands(PolicyAccessForwardingRuleConditionOperandArgs.builder()
.objectType("SCIM_GROUP")
.lhs(idpName.applyValue(getIdPControllerResult -> getIdPControllerResult.id()))
.rhs(engineering.applyValue(getSCIMGroupsResult -> getSCIMGroupsResult.id()))
.build())
.build())
.build());
}
}
resources:
#Create Client Forwarding Access Rule
thisPolicyAccessForwardingRule:
type: zpa:PolicyAccessForwardingRule
properties:
description: Example
action: BYPASS
operator: AND
conditions:
- operator: OR
operands:
- objectType: APP
lhs: id
rhs:
- ${thisApplicationSegment.id}
- operator: OR
operands:
- objectType: SCIM_GROUP
lhs: ${idpName.id}
rhs:
- ${engineering.id}
# ZPA Application Segment resource
thisApplicationSegment:
type: zpa:ApplicationSegment
properties:
description: Example
enabled: true
healthReporting: ON_ACCESS
bypassType: NEVER
isCnameEnabled: true
tcpPortRanges:
- '8080'
- '8080'
domainNames:
- server.acme.com
segmentGroupId: ${zpa_segment_group.test_segment_group.id}
serverGroups:
- ids:
- ${zpa_server_group.test_server_group.id}
variables:
idpName:
fn::invoke:
Function: zpa:getIdPController
Arguments:
name: IdP_Name
engineering:
fn::invoke:
Function: zpa:getSCIMGroups
Arguments:
name: Engineering
idpName: IdP_Name
LHS and RHS Values
LHS and RHS values differ based on object types. Refer to the following table:
| Object Type | LHS | RHS |
|---|---|---|
| APP | "id" | application_segment_id |
| APP_GROUP | "id" | segment_group_id |
| CLIENT_TYPE | "id" | zpn_client_type_exporter, zpn_client_type_browser_isolation, zpn_client_type_ip_anchoring, zpn_client_type_edge_connector, zpn_client_type_branch_connector, zpn_client_type_zapp_partner, zpn_client_type_machine_tunnel, zpn_client_type_zapp |
| EDGE_CONNECTOR_GROUP | "id" | edge_connector_id |
| MACHINE_GRP | "id" | machine_group_id |
| POSTURE | posture_udid | "true" / "false" |
| TRUSTED_NETWORK | network_id | "true" |
| IDP | "id" | identity_provider_id |
| SAML | saml_attribute_id | attribute_value_to_match |
| SCIM | scim_attribute_id | attribute_value_to_match |
| SCIM_GROUP | scim_group_attribute_id | attribute_value_to_match |
Create PolicyAccessForwardingRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyAccessForwardingRule(name: string, args?: PolicyAccessForwardingRuleArgs, opts?: CustomResourceOptions);@overload
def PolicyAccessForwardingRule(resource_name: str,
args: Optional[PolicyAccessForwardingRuleArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyAccessForwardingRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
action_id: Optional[str] = None,
bypass_default_rule: Optional[bool] = None,
conditions: Optional[Sequence[PolicyAccessForwardingRuleConditionArgs]] = None,
custom_msg: Optional[str] = None,
default_rule: Optional[bool] = None,
description: Optional[str] = None,
lss_default_rule: Optional[bool] = None,
microtenant_id: Optional[str] = None,
name: Optional[str] = None,
operator: Optional[str] = None,
policy_set_id: Optional[str] = None,
policy_type: Optional[str] = None,
priority: Optional[str] = None,
reauth_default_rule: Optional[bool] = None,
reauth_idle_timeout: Optional[str] = None,
reauth_timeout: Optional[str] = None,
rule_order: Optional[str] = None,
zpn_cbi_profile_id: Optional[str] = None,
zpn_inspection_profile_id: Optional[str] = None,
zpn_isolation_profile_id: Optional[str] = None)func NewPolicyAccessForwardingRule(ctx *Context, name string, args *PolicyAccessForwardingRuleArgs, opts ...ResourceOption) (*PolicyAccessForwardingRule, error)public PolicyAccessForwardingRule(string name, PolicyAccessForwardingRuleArgs? args = null, CustomResourceOptions? opts = null)
public PolicyAccessForwardingRule(String name, PolicyAccessForwardingRuleArgs args)
public PolicyAccessForwardingRule(String name, PolicyAccessForwardingRuleArgs args, CustomResourceOptions options)
type: zpa:PolicyAccessForwardingRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyAccessForwardingRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyAccessForwardingRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyAccessForwardingRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyAccessForwardingRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyAccessForwardingRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var policyAccessForwardingRuleResource = new Zpa.PolicyAccessForwardingRule("policyAccessForwardingRuleResource", new()
{
Action = "string",
ActionId = "string",
BypassDefaultRule = false,
Conditions = new[]
{
new Zpa.Inputs.PolicyAccessForwardingRuleConditionArgs
{
Operator = "string",
Id = "string",
MicrotenantId = "string",
Operands = new[]
{
new Zpa.Inputs.PolicyAccessForwardingRuleConditionOperandArgs
{
Lhs = "string",
ObjectType = "string",
Id = "string",
IdpId = "string",
MicrotenantId = "string",
Name = "string",
Rhs = "string",
RhsLists = new[]
{
"string",
},
},
},
},
},
CustomMsg = "string",
DefaultRule = false,
Description = "string",
LssDefaultRule = false,
MicrotenantId = "string",
Name = "string",
Operator = "string",
PolicySetId = "string",
PolicyType = "string",
Priority = "string",
ReauthDefaultRule = false,
ReauthIdleTimeout = "string",
ReauthTimeout = "string",
ZpnCbiProfileId = "string",
ZpnInspectionProfileId = "string",
ZpnIsolationProfileId = "string",
});
example, err := zpa.NewPolicyAccessForwardingRule(ctx, "policyAccessForwardingRuleResource", &zpa.PolicyAccessForwardingRuleArgs{
Action: pulumi.String("string"),
ActionId: pulumi.String("string"),
BypassDefaultRule: pulumi.Bool(false),
Conditions: zpa.PolicyAccessForwardingRuleConditionArray{
&zpa.PolicyAccessForwardingRuleConditionArgs{
Operator: pulumi.String("string"),
Id: pulumi.String("string"),
MicrotenantId: pulumi.String("string"),
Operands: zpa.PolicyAccessForwardingRuleConditionOperandArray{
&zpa.PolicyAccessForwardingRuleConditionOperandArgs{
Lhs: pulumi.String("string"),
ObjectType: pulumi.String("string"),
Id: pulumi.String("string"),
IdpId: pulumi.String("string"),
MicrotenantId: pulumi.String("string"),
Name: pulumi.String("string"),
Rhs: pulumi.String("string"),
RhsLists: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
CustomMsg: pulumi.String("string"),
DefaultRule: pulumi.Bool(false),
Description: pulumi.String("string"),
LssDefaultRule: pulumi.Bool(false),
MicrotenantId: pulumi.String("string"),
Name: pulumi.String("string"),
Operator: pulumi.String("string"),
PolicySetId: pulumi.String("string"),
PolicyType: pulumi.String("string"),
Priority: pulumi.String("string"),
ReauthDefaultRule: pulumi.Bool(false),
ReauthIdleTimeout: pulumi.String("string"),
ReauthTimeout: pulumi.String("string"),
ZpnCbiProfileId: pulumi.String("string"),
ZpnInspectionProfileId: pulumi.String("string"),
ZpnIsolationProfileId: pulumi.String("string"),
})
var policyAccessForwardingRuleResource = new PolicyAccessForwardingRule("policyAccessForwardingRuleResource", PolicyAccessForwardingRuleArgs.builder()
.action("string")
.actionId("string")
.bypassDefaultRule(false)
.conditions(PolicyAccessForwardingRuleConditionArgs.builder()
.operator("string")
.id("string")
.microtenantId("string")
.operands(PolicyAccessForwardingRuleConditionOperandArgs.builder()
.lhs("string")
.objectType("string")
.id("string")
.idpId("string")
.microtenantId("string")
.name("string")
.rhs("string")
.rhsLists("string")
.build())
.build())
.customMsg("string")
.defaultRule(false)
.description("string")
.lssDefaultRule(false)
.microtenantId("string")
.name("string")
.operator("string")
.policySetId("string")
.policyType("string")
.priority("string")
.reauthDefaultRule(false)
.reauthIdleTimeout("string")
.reauthTimeout("string")
.zpnCbiProfileId("string")
.zpnInspectionProfileId("string")
.zpnIsolationProfileId("string")
.build());
policy_access_forwarding_rule_resource = zpa.PolicyAccessForwardingRule("policyAccessForwardingRuleResource",
action="string",
action_id="string",
bypass_default_rule=False,
conditions=[{
"operator": "string",
"id": "string",
"microtenant_id": "string",
"operands": [{
"lhs": "string",
"object_type": "string",
"id": "string",
"idp_id": "string",
"microtenant_id": "string",
"name": "string",
"rhs": "string",
"rhs_lists": ["string"],
}],
}],
custom_msg="string",
default_rule=False,
description="string",
lss_default_rule=False,
microtenant_id="string",
name="string",
operator="string",
policy_set_id="string",
policy_type="string",
priority="string",
reauth_default_rule=False,
reauth_idle_timeout="string",
reauth_timeout="string",
zpn_cbi_profile_id="string",
zpn_inspection_profile_id="string",
zpn_isolation_profile_id="string")
const policyAccessForwardingRuleResource = new zpa.PolicyAccessForwardingRule("policyAccessForwardingRuleResource", {
action: "string",
actionId: "string",
bypassDefaultRule: false,
conditions: [{
operator: "string",
id: "string",
microtenantId: "string",
operands: [{
lhs: "string",
objectType: "string",
id: "string",
idpId: "string",
microtenantId: "string",
name: "string",
rhs: "string",
rhsLists: ["string"],
}],
}],
customMsg: "string",
defaultRule: false,
description: "string",
lssDefaultRule: false,
microtenantId: "string",
name: "string",
operator: "string",
policySetId: "string",
policyType: "string",
priority: "string",
reauthDefaultRule: false,
reauthIdleTimeout: "string",
reauthTimeout: "string",
zpnCbiProfileId: "string",
zpnInspectionProfileId: "string",
zpnIsolationProfileId: "string",
});
type: zpa:PolicyAccessForwardingRule
properties:
action: string
actionId: string
bypassDefaultRule: false
conditions:
- id: string
microtenantId: string
operands:
- id: string
idpId: string
lhs: string
microtenantId: string
name: string
objectType: string
rhs: string
rhsLists:
- string
operator: string
customMsg: string
defaultRule: false
description: string
lssDefaultRule: false
microtenantId: string
name: string
operator: string
policySetId: string
policyType: string
priority: string
reauthDefaultRule: false
reauthIdleTimeout: string
reauthTimeout: string
zpnCbiProfileId: string
zpnInspectionProfileId: string
zpnIsolationProfileId: string
PolicyAccessForwardingRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The PolicyAccessForwardingRule resource accepts the following input properties:
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
List<Zscaler.
Zpa. Inputs. Policy Access Forwarding Rule Condition> - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
[]Policy
Access Forwarding Rule Condition Args - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions
List<Policy
Access Forwarding Rule Condition> - This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
- action string
- This is for providing the rule action.
- action
Id string - This field defines the description of the server.
- bypass
Default booleanRule - conditions
Policy
Access Forwarding Rule Condition[] - This is for proviidng the set of conditions for the policy.
- custom
Msg string - This is for providing a customer message for the user.
- default
Rule boolean - This is for providing a customer message for the user.
- description string
- This is the description of the access policy.
- lss
Default booleanRule - microtenant
Id string - name string
- This is the name of the policy.
- operator string
- policy
Set stringId - policy
Type string - priority string
- reauth
Default booleanRule - reauth
Idle stringTimeout - reauth
Timeout string - rule
Order string - zpn
Cbi stringProfile Id - zpn
Inspection stringProfile Id - zpn
Isolation stringProfile Id
- action str
- This is for providing the rule action.
- action_
id str - This field defines the description of the server.
- bypass_
default_ boolrule - conditions
Sequence[Policy
Access Forwarding Rule Condition Args] - This is for proviidng the set of conditions for the policy.
- custom_
msg str - This is for providing a customer message for the user.
- default_
rule bool - This is for providing a customer message for the user.
- description str
- This is the description of the access policy.
- lss_
default_ boolrule - microtenant_
id str - name str
- This is the name of the policy.
- operator str
- policy_
set_ strid - policy_
type str - priority str
- reauth_
default_ boolrule - reauth_
idle_ strtimeout - reauth_
timeout str - rule_
order str - zpn_
cbi_ strprofile_ id - zpn_
inspection_ strprofile_ id - zpn_
isolation_ strprofile_ id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions List<Property Map>
- This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyAccessForwardingRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing PolicyAccessForwardingRule Resource
Get an existing PolicyAccessForwardingRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PolicyAccessForwardingRuleState, opts?: CustomResourceOptions): PolicyAccessForwardingRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
action_id: Optional[str] = None,
bypass_default_rule: Optional[bool] = None,
conditions: Optional[Sequence[PolicyAccessForwardingRuleConditionArgs]] = None,
custom_msg: Optional[str] = None,
default_rule: Optional[bool] = None,
description: Optional[str] = None,
lss_default_rule: Optional[bool] = None,
microtenant_id: Optional[str] = None,
name: Optional[str] = None,
operator: Optional[str] = None,
policy_set_id: Optional[str] = None,
policy_type: Optional[str] = None,
priority: Optional[str] = None,
reauth_default_rule: Optional[bool] = None,
reauth_idle_timeout: Optional[str] = None,
reauth_timeout: Optional[str] = None,
rule_order: Optional[str] = None,
zpn_cbi_profile_id: Optional[str] = None,
zpn_inspection_profile_id: Optional[str] = None,
zpn_isolation_profile_id: Optional[str] = None) -> PolicyAccessForwardingRulefunc GetPolicyAccessForwardingRule(ctx *Context, name string, id IDInput, state *PolicyAccessForwardingRuleState, opts ...ResourceOption) (*PolicyAccessForwardingRule, error)public static PolicyAccessForwardingRule Get(string name, Input<string> id, PolicyAccessForwardingRuleState? state, CustomResourceOptions? opts = null)public static PolicyAccessForwardingRule get(String name, Output<String> id, PolicyAccessForwardingRuleState state, CustomResourceOptions options)resources: _: type: zpa:PolicyAccessForwardingRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
List<Zscaler.
Zpa. Inputs. Policy Access Forwarding Rule Condition> - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- Action string
- This is for providing the rule action.
- Action
Id string - This field defines the description of the server.
- Bypass
Default boolRule - Conditions
[]Policy
Access Forwarding Rule Condition Args - This is for proviidng the set of conditions for the policy.
- Custom
Msg string - This is for providing a customer message for the user.
- Default
Rule bool - This is for providing a customer message for the user.
- Description string
- This is the description of the access policy.
- Lss
Default boolRule - Microtenant
Id string - Name string
- This is the name of the policy.
- Operator string
- Policy
Set stringId - Policy
Type string - Priority string
- Reauth
Default boolRule - Reauth
Idle stringTimeout - Reauth
Timeout string - Rule
Order string - Zpn
Cbi stringProfile Id - Zpn
Inspection stringProfile Id - Zpn
Isolation stringProfile Id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions
List<Policy
Access Forwarding Rule Condition> - This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
- action string
- This is for providing the rule action.
- action
Id string - This field defines the description of the server.
- bypass
Default booleanRule - conditions
Policy
Access Forwarding Rule Condition[] - This is for proviidng the set of conditions for the policy.
- custom
Msg string - This is for providing a customer message for the user.
- default
Rule boolean - This is for providing a customer message for the user.
- description string
- This is the description of the access policy.
- lss
Default booleanRule - microtenant
Id string - name string
- This is the name of the policy.
- operator string
- policy
Set stringId - policy
Type string - priority string
- reauth
Default booleanRule - reauth
Idle stringTimeout - reauth
Timeout string - rule
Order string - zpn
Cbi stringProfile Id - zpn
Inspection stringProfile Id - zpn
Isolation stringProfile Id
- action str
- This is for providing the rule action.
- action_
id str - This field defines the description of the server.
- bypass_
default_ boolrule - conditions
Sequence[Policy
Access Forwarding Rule Condition Args] - This is for proviidng the set of conditions for the policy.
- custom_
msg str - This is for providing a customer message for the user.
- default_
rule bool - This is for providing a customer message for the user.
- description str
- This is the description of the access policy.
- lss_
default_ boolrule - microtenant_
id str - name str
- This is the name of the policy.
- operator str
- policy_
set_ strid - policy_
type str - priority str
- reauth_
default_ boolrule - reauth_
idle_ strtimeout - reauth_
timeout str - rule_
order str - zpn_
cbi_ strprofile_ id - zpn_
inspection_ strprofile_ id - zpn_
isolation_ strprofile_ id
- action String
- This is for providing the rule action.
- action
Id String - This field defines the description of the server.
- bypass
Default BooleanRule - conditions List<Property Map>
- This is for proviidng the set of conditions for the policy.
- custom
Msg String - This is for providing a customer message for the user.
- default
Rule Boolean - This is for providing a customer message for the user.
- description String
- This is the description of the access policy.
- lss
Default BooleanRule - microtenant
Id String - name String
- This is the name of the policy.
- operator String
- policy
Set StringId - policy
Type String - priority String
- reauth
Default BooleanRule - reauth
Idle StringTimeout - reauth
Timeout String - rule
Order String - zpn
Cbi StringProfile Id - zpn
Inspection StringProfile Id - zpn
Isolation StringProfile Id
Supporting Types
PolicyAccessForwardingRuleCondition, PolicyAccessForwardingRuleConditionArgs
- Operator string
- Id string
- Microtenant
Id string - Operands
List<Zscaler.
Zpa. Inputs. Policy Access Forwarding Rule Condition Operand> - This signifies the various policy criteria.
- Operator string
- Id string
- Microtenant
Id string - Operands
[]Policy
Access Forwarding Rule Condition Operand - This signifies the various policy criteria.
- operator String
- id String
- microtenant
Id String - operands
List<Policy
Access Forwarding Rule Condition Operand> - This signifies the various policy criteria.
- operator string
- id string
- microtenant
Id string - operands
Policy
Access Forwarding Rule Condition Operand[] - This signifies the various policy criteria.
- operator str
- id str
- microtenant_
id str - operands
Sequence[Policy
Access Forwarding Rule Condition Operand] - This signifies the various policy criteria.
- operator String
- id String
- microtenant
Id String - operands List<Property Map>
- This signifies the various policy criteria.
PolicyAccessForwardingRuleConditionOperand, PolicyAccessForwardingRuleConditionOperandArgs
- Lhs string
- This signifies the key for the object type. String ID example: id
- Object
Type string - This is for specifying the policy critiera.
- Id string
- Idp
Id string - Microtenant
Id string - This denotes the value for the given object type. Its value depends upon the key.
- Name string
- Rhs string
- This denotes the value for the given object type. Its value depends upon the key.
- Rhs
Lists List<string> - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- Lhs string
- This signifies the key for the object type. String ID example: id
- Object
Type string - This is for specifying the policy critiera.
- Id string
- Idp
Id string - Microtenant
Id string - This denotes the value for the given object type. Its value depends upon the key.
- Name string
- Rhs string
- This denotes the value for the given object type. Its value depends upon the key.
- Rhs
Lists []string - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs String
- This signifies the key for the object type. String ID example: id
- object
Type String - This is for specifying the policy critiera.
- id String
- idp
Id String - microtenant
Id String - This denotes the value for the given object type. Its value depends upon the key.
- name String
- rhs String
- This denotes the value for the given object type. Its value depends upon the key.
- rhs
Lists List<String> - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs string
- This signifies the key for the object type. String ID example: id
- object
Type string - This is for specifying the policy critiera.
- id string
- idp
Id string - microtenant
Id string - This denotes the value for the given object type. Its value depends upon the key.
- name string
- rhs string
- This denotes the value for the given object type. Its value depends upon the key.
- rhs
Lists string[] - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs str
- This signifies the key for the object type. String ID example: id
- object_
type str - This is for specifying the policy critiera.
- id str
- idp_
id str - microtenant_
id str - This denotes the value for the given object type. Its value depends upon the key.
- name str
- rhs str
- This denotes the value for the given object type. Its value depends upon the key.
- rhs_
lists Sequence[str] - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
- lhs String
- This signifies the key for the object type. String ID example: id
- object
Type String - This is for specifying the policy critiera.
- id String
- idp
Id String - microtenant
Id String - This denotes the value for the given object type. Its value depends upon the key.
- name String
- rhs String
- This denotes the value for the given object type. Its value depends upon the key.
- rhs
Lists List<String> - This denotes a list of values for the given object type. The value depend upon the key. If rhs is defined this list will be ignored
Import
Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZPA configurations into Terraform-compliant HashiCorp Configuration Language.
Visit
Policy Access Forwarding Rule can be imported by using <POLICY FORWARDING RULE ID> as the import ID.
For example:
$ pulumi import zpa:index/policyAccessForwardingRule:PolicyAccessForwardingRule example <policy_forwarding_rule_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- zpa zscaler/pulumi-zpa
- License
- MIT
- Notes
- This Pulumi package is based on the
zpaTerraform Provider.