1. Packages
  2. Zscaler Private Access (ZPA)
  3. API Docs
  4. ApplicationSegmentInspection
Zscaler Private Access v0.0.12 published on Tuesday, Jul 30, 2024 by Zscaler

zpa.ApplicationSegmentInspection

Explore with Pulumi AI

zpa logo
Zscaler Private Access v0.0.12 published on Tuesday, Jul 30, 2024 by Zscaler

    The zpa_application_segment_inspection resource creates an inspection application segment in the Zscaler Private Access cloud. This resource can then be referenced in an access policy inspection rule. This resource supports Inspection for both HTTP and HTTPS.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as zpa from "@bdzscaler/pulumi-zpa";
    import * as zpa from "@pulumi/zpa";
    
    const jenkins = zpa.getBaCertificate({
        name: "jenkins.example.com",
    });
    const _this = new zpa.ApplicationSegmentInspection("this", {
        description: "ZPA_Inspection_Example",
        enabled: true,
        healthReporting: "ON_ACCESS",
        bypassType: "NEVER",
        isCnameEnabled: true,
        tcpPortRanges: [
            "443",
            "443",
        ],
        domainNames: ["jenkins.example.com"],
        segmentGroupId: zpa_segment_group["this"].id,
        serverGroups: [{
            ids: [zpa_server_group["this"].id],
        }],
        commonAppsDto: {
            appsConfigs: [{
                name: "jenkins.example.com",
                domain: "jenkins.example.com",
                applicationProtocol: "HTTPS",
                applicationPort: "443",
                certificateId: jenkins.then(jenkins => jenkins.id),
                enabled: true,
                appTypes: ["INSPECT"],
            }],
        },
    });
    
    import pulumi
    import pulumi_zpa as zpa
    import zscaler_pulumi_zpa as zpa
    
    jenkins = zpa.get_ba_certificate(name="jenkins.example.com")
    this = zpa.ApplicationSegmentInspection("this",
        description="ZPA_Inspection_Example",
        enabled=True,
        health_reporting="ON_ACCESS",
        bypass_type="NEVER",
        is_cname_enabled=True,
        tcp_port_ranges=[
            "443",
            "443",
        ],
        domain_names=["jenkins.example.com"],
        segment_group_id=zpa_segment_group["this"]["id"],
        server_groups=[zpa.ApplicationSegmentInspectionServerGroupArgs(
            ids=[zpa_server_group["this"]["id"]],
        )],
        common_apps_dto=zpa.ApplicationSegmentInspectionCommonAppsDtoArgs(
            apps_configs=[zpa.ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs(
                name="jenkins.example.com",
                domain="jenkins.example.com",
                application_protocol="HTTPS",
                application_port="443",
                certificate_id=jenkins.id,
                enabled=True,
                app_types=["INSPECT"],
            )],
        ))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/zscaler/pulumi-zpa/sdk/go/zpa"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		jenkins, err := zpa.GetBaCertificate(ctx, &zpa.GetBaCertificateArgs{
    			Name: pulumi.StringRef("jenkins.example.com"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = zpa.NewApplicationSegmentInspection(ctx, "this", &zpa.ApplicationSegmentInspectionArgs{
    			Description:     pulumi.String("ZPA_Inspection_Example"),
    			Enabled:         pulumi.Bool(true),
    			HealthReporting: pulumi.String("ON_ACCESS"),
    			BypassType:      pulumi.String("NEVER"),
    			IsCnameEnabled:  pulumi.Bool(true),
    			TcpPortRanges: pulumi.StringArray{
    				pulumi.String("443"),
    				pulumi.String("443"),
    			},
    			DomainNames: pulumi.StringArray{
    				pulumi.String("jenkins.example.com"),
    			},
    			SegmentGroupId: pulumi.Any(zpa_segment_group.This.Id),
    			ServerGroups: zpa.ApplicationSegmentInspectionServerGroupArray{
    				&zpa.ApplicationSegmentInspectionServerGroupArgs{
    					Ids: pulumi.StringArray{
    						zpa_server_group.This.Id,
    					},
    				},
    			},
    			CommonAppsDto: &zpa.ApplicationSegmentInspectionCommonAppsDtoArgs{
    				AppsConfigs: zpa.ApplicationSegmentInspectionCommonAppsDtoAppsConfigArray{
    					&zpa.ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs{
    						Name:                pulumi.String("jenkins.example.com"),
    						Domain:              pulumi.String("jenkins.example.com"),
    						ApplicationProtocol: pulumi.String("HTTPS"),
    						ApplicationPort:     pulumi.String("443"),
    						CertificateId:       pulumi.String(jenkins.Id),
    						Enabled:             pulumi.Bool(true),
    						AppTypes: pulumi.StringArray{
    							pulumi.String("INSPECT"),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Zpa = Pulumi.Zpa;
    using Zpa = Zscaler.Zpa;
    
    return await Deployment.RunAsync(() => 
    {
        var jenkins = Zpa.GetBaCertificate.Invoke(new()
        {
            Name = "jenkins.example.com",
        });
    
        var @this = new Zpa.ApplicationSegmentInspection("this", new()
        {
            Description = "ZPA_Inspection_Example",
            Enabled = true,
            HealthReporting = "ON_ACCESS",
            BypassType = "NEVER",
            IsCnameEnabled = true,
            TcpPortRanges = new[]
            {
                "443",
                "443",
            },
            DomainNames = new[]
            {
                "jenkins.example.com",
            },
            SegmentGroupId = zpa_segment_group.This.Id,
            ServerGroups = new[]
            {
                new Zpa.Inputs.ApplicationSegmentInspectionServerGroupArgs
                {
                    Ids = new[]
                    {
                        zpa_server_group.This.Id,
                    },
                },
            },
            CommonAppsDto = new Zpa.Inputs.ApplicationSegmentInspectionCommonAppsDtoArgs
            {
                AppsConfigs = new[]
                {
                    new Zpa.Inputs.ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs
                    {
                        Name = "jenkins.example.com",
                        Domain = "jenkins.example.com",
                        ApplicationProtocol = "HTTPS",
                        ApplicationPort = "443",
                        CertificateId = jenkins.Apply(getBaCertificateResult => getBaCertificateResult.Id),
                        Enabled = true,
                        AppTypes = new[]
                        {
                            "INSPECT",
                        },
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.zpa.ZpaFunctions;
    import com.pulumi.zpa.inputs.GetBaCertificateArgs;
    import com.pulumi.zpa.ApplicationSegmentInspection;
    import com.pulumi.zpa.ApplicationSegmentInspectionArgs;
    import com.pulumi.zpa.inputs.ApplicationSegmentInspectionServerGroupArgs;
    import com.pulumi.zpa.inputs.ApplicationSegmentInspectionCommonAppsDtoArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var jenkins = ZpaFunctions.getBaCertificate(GetBaCertificateArgs.builder()
                .name("jenkins.example.com")
                .build());
    
            var this_ = new ApplicationSegmentInspection("this", ApplicationSegmentInspectionArgs.builder()
                .description("ZPA_Inspection_Example")
                .enabled(true)
                .healthReporting("ON_ACCESS")
                .bypassType("NEVER")
                .isCnameEnabled(true)
                .tcpPortRanges(            
                    "443",
                    "443")
                .domainNames("jenkins.example.com")
                .segmentGroupId(zpa_segment_group.this().id())
                .serverGroups(ApplicationSegmentInspectionServerGroupArgs.builder()
                    .ids(zpa_server_group.this().id())
                    .build())
                .commonAppsDto(ApplicationSegmentInspectionCommonAppsDtoArgs.builder()
                    .appsConfigs(ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs.builder()
                        .name("jenkins.example.com")
                        .domain("jenkins.example.com")
                        .applicationProtocol("HTTPS")
                        .applicationPort("443")
                        .certificateId(jenkins.applyValue(getBaCertificateResult -> getBaCertificateResult.id()))
                        .enabled(true)
                        .appTypes("INSPECT")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      this:
        type: zpa:ApplicationSegmentInspection
        properties:
          description: ZPA_Inspection_Example
          enabled: true
          healthReporting: ON_ACCESS
          bypassType: NEVER
          isCnameEnabled: true
          tcpPortRanges:
            - '443'
            - '443'
          domainNames:
            - jenkins.example.com
          segmentGroupId: ${zpa_segment_group.this.id}
          serverGroups:
            - ids:
                - ${zpa_server_group.this.id}
          commonAppsDto:
            appsConfigs:
              - name: jenkins.example.com
                domain: jenkins.example.com
                applicationProtocol: HTTPS
                applicationPort: '443'
                certificateId: ${jenkins.id}
                enabled: true
                appTypes:
                  - INSPECT
    variables:
      jenkins:
        fn::invoke:
          Function: zpa:getBaCertificate
          Arguments:
            name: jenkins.example.com
    

    Create ApplicationSegmentInspection Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ApplicationSegmentInspection(name: string, args: ApplicationSegmentInspectionArgs, opts?: CustomResourceOptions);
    @overload
    def ApplicationSegmentInspection(resource_name: str,
                                     args: ApplicationSegmentInspectionArgs,
                                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def ApplicationSegmentInspection(resource_name: str,
                                     opts: Optional[ResourceOptions] = None,
                                     segment_group_id: Optional[str] = None,
                                     is_incomplete_dr_config: Optional[bool] = None,
                                     udp_port_range: Optional[Sequence[ApplicationSegmentInspectionUdpPortRangeArgs]] = None,
                                     description: Optional[str] = None,
                                     domain_names: Optional[Sequence[str]] = None,
                                     double_encrypt: Optional[bool] = None,
                                     enabled: Optional[bool] = None,
                                     health_check_type: Optional[str] = None,
                                     health_reporting: Optional[str] = None,
                                     icmp_access_type: Optional[str] = None,
                                     ip_anchored: Optional[bool] = None,
                                     use_in_dr_mode: Optional[bool] = None,
                                     config_space: Optional[str] = None,
                                     passive_health_enabled: Optional[bool] = None,
                                     name: Optional[str] = None,
                                     match_style: Optional[str] = None,
                                     common_apps_dto: Optional[ApplicationSegmentInspectionCommonAppsDtoArgs] = None,
                                     select_connector_close_to_app: Optional[bool] = None,
                                     server_groups: Optional[Sequence[ApplicationSegmentInspectionServerGroupArgs]] = None,
                                     tcp_keep_alive: Optional[str] = None,
                                     tcp_port_range: Optional[Sequence[ApplicationSegmentInspectionTcpPortRangeArgs]] = None,
                                     tcp_port_ranges: Optional[Sequence[str]] = None,
                                     bypass_type: Optional[str] = None,
                                     udp_port_ranges: Optional[Sequence[str]] = None,
                                     is_cname_enabled: Optional[bool] = None)
    func NewApplicationSegmentInspection(ctx *Context, name string, args ApplicationSegmentInspectionArgs, opts ...ResourceOption) (*ApplicationSegmentInspection, error)
    public ApplicationSegmentInspection(string name, ApplicationSegmentInspectionArgs args, CustomResourceOptions? opts = null)
    public ApplicationSegmentInspection(String name, ApplicationSegmentInspectionArgs args)
    public ApplicationSegmentInspection(String name, ApplicationSegmentInspectionArgs args, CustomResourceOptions options)
    
    type: zpa:ApplicationSegmentInspection
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ApplicationSegmentInspectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ApplicationSegmentInspectionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ApplicationSegmentInspectionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ApplicationSegmentInspectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ApplicationSegmentInspectionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var applicationSegmentInspectionResource = new Zpa.ApplicationSegmentInspection("applicationSegmentInspectionResource", new()
    {
        SegmentGroupId = "string",
        IsIncompleteDrConfig = false,
        UdpPortRange = new[]
        {
            new Zpa.Inputs.ApplicationSegmentInspectionUdpPortRangeArgs
            {
                From = "string",
                To = "string",
            },
        },
        Description = "string",
        DomainNames = new[]
        {
            "string",
        },
        DoubleEncrypt = false,
        Enabled = false,
        HealthCheckType = "string",
        HealthReporting = "string",
        IcmpAccessType = "string",
        IpAnchored = false,
        UseInDrMode = false,
        ConfigSpace = "string",
        PassiveHealthEnabled = false,
        Name = "string",
        MatchStyle = "string",
        CommonAppsDto = new Zpa.Inputs.ApplicationSegmentInspectionCommonAppsDtoArgs
        {
            AppsConfigs = new[]
            {
                new Zpa.Inputs.ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs
                {
                    AppTypes = new[]
                    {
                        "string",
                    },
                    ApplicationPort = "string",
                    ApplicationProtocol = "string",
                    CertificateId = "string",
                    Domain = "string",
                    Enabled = false,
                    Id = "string",
                    Name = "string",
                    TrustUntrustedCert = false,
                },
            },
        },
        SelectConnectorCloseToApp = false,
        ServerGroups = new[]
        {
            new Zpa.Inputs.ApplicationSegmentInspectionServerGroupArgs
            {
                Ids = new[]
                {
                    "string",
                },
            },
        },
        TcpKeepAlive = "string",
        TcpPortRange = new[]
        {
            new Zpa.Inputs.ApplicationSegmentInspectionTcpPortRangeArgs
            {
                From = "string",
                To = "string",
            },
        },
        TcpPortRanges = new[]
        {
            "string",
        },
        BypassType = "string",
        UdpPortRanges = new[]
        {
            "string",
        },
        IsCnameEnabled = false,
    });
    
    example, err := zpa.NewApplicationSegmentInspection(ctx, "applicationSegmentInspectionResource", &zpa.ApplicationSegmentInspectionArgs{
    	SegmentGroupId:       pulumi.String("string"),
    	IsIncompleteDrConfig: pulumi.Bool(false),
    	UdpPortRange: zpa.ApplicationSegmentInspectionUdpPortRangeArray{
    		&zpa.ApplicationSegmentInspectionUdpPortRangeArgs{
    			From: pulumi.String("string"),
    			To:   pulumi.String("string"),
    		},
    	},
    	Description: pulumi.String("string"),
    	DomainNames: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	DoubleEncrypt:        pulumi.Bool(false),
    	Enabled:              pulumi.Bool(false),
    	HealthCheckType:      pulumi.String("string"),
    	HealthReporting:      pulumi.String("string"),
    	IcmpAccessType:       pulumi.String("string"),
    	IpAnchored:           pulumi.Bool(false),
    	UseInDrMode:          pulumi.Bool(false),
    	ConfigSpace:          pulumi.String("string"),
    	PassiveHealthEnabled: pulumi.Bool(false),
    	Name:                 pulumi.String("string"),
    	MatchStyle:           pulumi.String("string"),
    	CommonAppsDto: &zpa.ApplicationSegmentInspectionCommonAppsDtoArgs{
    		AppsConfigs: zpa.ApplicationSegmentInspectionCommonAppsDtoAppsConfigArray{
    			&zpa.ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs{
    				AppTypes: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				ApplicationPort:     pulumi.String("string"),
    				ApplicationProtocol: pulumi.String("string"),
    				CertificateId:       pulumi.String("string"),
    				Domain:              pulumi.String("string"),
    				Enabled:             pulumi.Bool(false),
    				Id:                  pulumi.String("string"),
    				Name:                pulumi.String("string"),
    				TrustUntrustedCert:  pulumi.Bool(false),
    			},
    		},
    	},
    	SelectConnectorCloseToApp: pulumi.Bool(false),
    	ServerGroups: zpa.ApplicationSegmentInspectionServerGroupArray{
    		&zpa.ApplicationSegmentInspectionServerGroupArgs{
    			Ids: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	TcpKeepAlive: pulumi.String("string"),
    	TcpPortRange: zpa.ApplicationSegmentInspectionTcpPortRangeArray{
    		&zpa.ApplicationSegmentInspectionTcpPortRangeArgs{
    			From: pulumi.String("string"),
    			To:   pulumi.String("string"),
    		},
    	},
    	TcpPortRanges: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	BypassType: pulumi.String("string"),
    	UdpPortRanges: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	IsCnameEnabled: pulumi.Bool(false),
    })
    
    var applicationSegmentInspectionResource = new ApplicationSegmentInspection("applicationSegmentInspectionResource", ApplicationSegmentInspectionArgs.builder()
        .segmentGroupId("string")
        .isIncompleteDrConfig(false)
        .udpPortRange(ApplicationSegmentInspectionUdpPortRangeArgs.builder()
            .from("string")
            .to("string")
            .build())
        .description("string")
        .domainNames("string")
        .doubleEncrypt(false)
        .enabled(false)
        .healthCheckType("string")
        .healthReporting("string")
        .icmpAccessType("string")
        .ipAnchored(false)
        .useInDrMode(false)
        .configSpace("string")
        .passiveHealthEnabled(false)
        .name("string")
        .matchStyle("string")
        .commonAppsDto(ApplicationSegmentInspectionCommonAppsDtoArgs.builder()
            .appsConfigs(ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs.builder()
                .appTypes("string")
                .applicationPort("string")
                .applicationProtocol("string")
                .certificateId("string")
                .domain("string")
                .enabled(false)
                .id("string")
                .name("string")
                .trustUntrustedCert(false)
                .build())
            .build())
        .selectConnectorCloseToApp(false)
        .serverGroups(ApplicationSegmentInspectionServerGroupArgs.builder()
            .ids("string")
            .build())
        .tcpKeepAlive("string")
        .tcpPortRange(ApplicationSegmentInspectionTcpPortRangeArgs.builder()
            .from("string")
            .to("string")
            .build())
        .tcpPortRanges("string")
        .bypassType("string")
        .udpPortRanges("string")
        .isCnameEnabled(false)
        .build());
    
    application_segment_inspection_resource = zpa.ApplicationSegmentInspection("applicationSegmentInspectionResource",
        segment_group_id="string",
        is_incomplete_dr_config=False,
        udp_port_range=[{
            "from_": "string",
            "to": "string",
        }],
        description="string",
        domain_names=["string"],
        double_encrypt=False,
        enabled=False,
        health_check_type="string",
        health_reporting="string",
        icmp_access_type="string",
        ip_anchored=False,
        use_in_dr_mode=False,
        config_space="string",
        passive_health_enabled=False,
        name="string",
        match_style="string",
        common_apps_dto={
            "apps_configs": [{
                "app_types": ["string"],
                "application_port": "string",
                "application_protocol": "string",
                "certificate_id": "string",
                "domain": "string",
                "enabled": False,
                "id": "string",
                "name": "string",
                "trust_untrusted_cert": False,
            }],
        },
        select_connector_close_to_app=False,
        server_groups=[{
            "ids": ["string"],
        }],
        tcp_keep_alive="string",
        tcp_port_range=[{
            "from_": "string",
            "to": "string",
        }],
        tcp_port_ranges=["string"],
        bypass_type="string",
        udp_port_ranges=["string"],
        is_cname_enabled=False)
    
    const applicationSegmentInspectionResource = new zpa.ApplicationSegmentInspection("applicationSegmentInspectionResource", {
        segmentGroupId: "string",
        isIncompleteDrConfig: false,
        udpPortRange: [{
            from: "string",
            to: "string",
        }],
        description: "string",
        domainNames: ["string"],
        doubleEncrypt: false,
        enabled: false,
        healthCheckType: "string",
        healthReporting: "string",
        icmpAccessType: "string",
        ipAnchored: false,
        useInDrMode: false,
        configSpace: "string",
        passiveHealthEnabled: false,
        name: "string",
        matchStyle: "string",
        commonAppsDto: {
            appsConfigs: [{
                appTypes: ["string"],
                applicationPort: "string",
                applicationProtocol: "string",
                certificateId: "string",
                domain: "string",
                enabled: false,
                id: "string",
                name: "string",
                trustUntrustedCert: false,
            }],
        },
        selectConnectorCloseToApp: false,
        serverGroups: [{
            ids: ["string"],
        }],
        tcpKeepAlive: "string",
        tcpPortRange: [{
            from: "string",
            to: "string",
        }],
        tcpPortRanges: ["string"],
        bypassType: "string",
        udpPortRanges: ["string"],
        isCnameEnabled: false,
    });
    
    type: zpa:ApplicationSegmentInspection
    properties:
        bypassType: string
        commonAppsDto:
            appsConfigs:
                - appTypes:
                    - string
                  applicationPort: string
                  applicationProtocol: string
                  certificateId: string
                  domain: string
                  enabled: false
                  id: string
                  name: string
                  trustUntrustedCert: false
        configSpace: string
        description: string
        domainNames:
            - string
        doubleEncrypt: false
        enabled: false
        healthCheckType: string
        healthReporting: string
        icmpAccessType: string
        ipAnchored: false
        isCnameEnabled: false
        isIncompleteDrConfig: false
        matchStyle: string
        name: string
        passiveHealthEnabled: false
        segmentGroupId: string
        selectConnectorCloseToApp: false
        serverGroups:
            - ids:
                - string
        tcpKeepAlive: string
        tcpPortRange:
            - from: string
              to: string
        tcpPortRanges:
            - string
        udpPortRange:
            - from: string
              to: string
        udpPortRanges:
            - string
        useInDrMode: false
    

    ApplicationSegmentInspection Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The ApplicationSegmentInspection resource accepts the following input properties:

    SegmentGroupId string
    BypassType string
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    CommonAppsDto Zscaler.Zpa.Inputs.ApplicationSegmentInspectionCommonAppsDto
    ConfigSpace string
    Description string
    Description of the application.
    DomainNames List<string>
    List of domains and IPs.
    DoubleEncrypt bool
    Whether Double Encryption is enabled or disabled for the app.
    Enabled bool
    HealthCheckType string
    HealthReporting string
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    IcmpAccessType string
    IpAnchored bool
    IsCnameEnabled bool
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    IsIncompleteDrConfig bool
    MatchStyle string
    Name string
    Name of the application.
    PassiveHealthEnabled bool
    SelectConnectorCloseToApp bool
    ServerGroups List<Zscaler.Zpa.Inputs.ApplicationSegmentInspectionServerGroup>
    List of the server group IDs.
    TcpKeepAlive string
    TcpPortRange List<Zscaler.Zpa.Inputs.ApplicationSegmentInspectionTcpPortRange>
    tcp port range
    TcpPortRanges List<string>
    TCP port ranges used to access the app.
    UdpPortRange List<Zscaler.Zpa.Inputs.ApplicationSegmentInspectionUdpPortRange>
    udp port range
    UdpPortRanges List<string>
    UDP port ranges used to access the app.
    UseInDrMode bool
    SegmentGroupId string
    BypassType string
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    CommonAppsDto ApplicationSegmentInspectionCommonAppsDtoArgs
    ConfigSpace string
    Description string
    Description of the application.
    DomainNames []string
    List of domains and IPs.
    DoubleEncrypt bool
    Whether Double Encryption is enabled or disabled for the app.
    Enabled bool
    HealthCheckType string
    HealthReporting string
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    IcmpAccessType string
    IpAnchored bool
    IsCnameEnabled bool
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    IsIncompleteDrConfig bool
    MatchStyle string
    Name string
    Name of the application.
    PassiveHealthEnabled bool
    SelectConnectorCloseToApp bool
    ServerGroups []ApplicationSegmentInspectionServerGroupArgs
    List of the server group IDs.
    TcpKeepAlive string
    TcpPortRange []ApplicationSegmentInspectionTcpPortRangeArgs
    tcp port range
    TcpPortRanges []string
    TCP port ranges used to access the app.
    UdpPortRange []ApplicationSegmentInspectionUdpPortRangeArgs
    udp port range
    UdpPortRanges []string
    UDP port ranges used to access the app.
    UseInDrMode bool
    segmentGroupId String
    bypassType String
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    commonAppsDto ApplicationSegmentInspectionCommonAppsDto
    configSpace String
    description String
    Description of the application.
    domainNames List<String>
    List of domains and IPs.
    doubleEncrypt Boolean
    Whether Double Encryption is enabled or disabled for the app.
    enabled Boolean
    healthCheckType String
    healthReporting String
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmpAccessType String
    ipAnchored Boolean
    isCnameEnabled Boolean
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    isIncompleteDrConfig Boolean
    matchStyle String
    name String
    Name of the application.
    passiveHealthEnabled Boolean
    selectConnectorCloseToApp Boolean
    serverGroups List<ApplicationSegmentInspectionServerGroup>
    List of the server group IDs.
    tcpKeepAlive String
    tcpPortRange List<ApplicationSegmentInspectionTcpPortRange>
    tcp port range
    tcpPortRanges List<String>
    TCP port ranges used to access the app.
    udpPortRange List<ApplicationSegmentInspectionUdpPortRange>
    udp port range
    udpPortRanges List<String>
    UDP port ranges used to access the app.
    useInDrMode Boolean
    segmentGroupId string
    bypassType string
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    commonAppsDto ApplicationSegmentInspectionCommonAppsDto
    configSpace string
    description string
    Description of the application.
    domainNames string[]
    List of domains and IPs.
    doubleEncrypt boolean
    Whether Double Encryption is enabled or disabled for the app.
    enabled boolean
    healthCheckType string
    healthReporting string
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmpAccessType string
    ipAnchored boolean
    isCnameEnabled boolean
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    isIncompleteDrConfig boolean
    matchStyle string
    name string
    Name of the application.
    passiveHealthEnabled boolean
    selectConnectorCloseToApp boolean
    serverGroups ApplicationSegmentInspectionServerGroup[]
    List of the server group IDs.
    tcpKeepAlive string
    tcpPortRange ApplicationSegmentInspectionTcpPortRange[]
    tcp port range
    tcpPortRanges string[]
    TCP port ranges used to access the app.
    udpPortRange ApplicationSegmentInspectionUdpPortRange[]
    udp port range
    udpPortRanges string[]
    UDP port ranges used to access the app.
    useInDrMode boolean
    segment_group_id str
    bypass_type str
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    common_apps_dto ApplicationSegmentInspectionCommonAppsDtoArgs
    config_space str
    description str
    Description of the application.
    domain_names Sequence[str]
    List of domains and IPs.
    double_encrypt bool
    Whether Double Encryption is enabled or disabled for the app.
    enabled bool
    health_check_type str
    health_reporting str
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmp_access_type str
    ip_anchored bool
    is_cname_enabled bool
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    is_incomplete_dr_config bool
    match_style str
    name str
    Name of the application.
    passive_health_enabled bool
    select_connector_close_to_app bool
    server_groups Sequence[ApplicationSegmentInspectionServerGroupArgs]
    List of the server group IDs.
    tcp_keep_alive str
    tcp_port_range Sequence[ApplicationSegmentInspectionTcpPortRangeArgs]
    tcp port range
    tcp_port_ranges Sequence[str]
    TCP port ranges used to access the app.
    udp_port_range Sequence[ApplicationSegmentInspectionUdpPortRangeArgs]
    udp port range
    udp_port_ranges Sequence[str]
    UDP port ranges used to access the app.
    use_in_dr_mode bool
    segmentGroupId String
    bypassType String
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    commonAppsDto Property Map
    configSpace String
    description String
    Description of the application.
    domainNames List<String>
    List of domains and IPs.
    doubleEncrypt Boolean
    Whether Double Encryption is enabled or disabled for the app.
    enabled Boolean
    healthCheckType String
    healthReporting String
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmpAccessType String
    ipAnchored Boolean
    isCnameEnabled Boolean
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    isIncompleteDrConfig Boolean
    matchStyle String
    name String
    Name of the application.
    passiveHealthEnabled Boolean
    selectConnectorCloseToApp Boolean
    serverGroups List<Property Map>
    List of the server group IDs.
    tcpKeepAlive String
    tcpPortRange List<Property Map>
    tcp port range
    tcpPortRanges List<String>
    TCP port ranges used to access the app.
    udpPortRange List<Property Map>
    udp port range
    udpPortRanges List<String>
    UDP port ranges used to access the app.
    useInDrMode Boolean

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ApplicationSegmentInspection resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing ApplicationSegmentInspection Resource

    Get an existing ApplicationSegmentInspection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ApplicationSegmentInspectionState, opts?: CustomResourceOptions): ApplicationSegmentInspection
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            bypass_type: Optional[str] = None,
            common_apps_dto: Optional[ApplicationSegmentInspectionCommonAppsDtoArgs] = None,
            config_space: Optional[str] = None,
            description: Optional[str] = None,
            domain_names: Optional[Sequence[str]] = None,
            double_encrypt: Optional[bool] = None,
            enabled: Optional[bool] = None,
            health_check_type: Optional[str] = None,
            health_reporting: Optional[str] = None,
            icmp_access_type: Optional[str] = None,
            ip_anchored: Optional[bool] = None,
            is_cname_enabled: Optional[bool] = None,
            is_incomplete_dr_config: Optional[bool] = None,
            match_style: Optional[str] = None,
            name: Optional[str] = None,
            passive_health_enabled: Optional[bool] = None,
            segment_group_id: Optional[str] = None,
            select_connector_close_to_app: Optional[bool] = None,
            server_groups: Optional[Sequence[ApplicationSegmentInspectionServerGroupArgs]] = None,
            tcp_keep_alive: Optional[str] = None,
            tcp_port_range: Optional[Sequence[ApplicationSegmentInspectionTcpPortRangeArgs]] = None,
            tcp_port_ranges: Optional[Sequence[str]] = None,
            udp_port_range: Optional[Sequence[ApplicationSegmentInspectionUdpPortRangeArgs]] = None,
            udp_port_ranges: Optional[Sequence[str]] = None,
            use_in_dr_mode: Optional[bool] = None) -> ApplicationSegmentInspection
    func GetApplicationSegmentInspection(ctx *Context, name string, id IDInput, state *ApplicationSegmentInspectionState, opts ...ResourceOption) (*ApplicationSegmentInspection, error)
    public static ApplicationSegmentInspection Get(string name, Input<string> id, ApplicationSegmentInspectionState? state, CustomResourceOptions? opts = null)
    public static ApplicationSegmentInspection get(String name, Output<String> id, ApplicationSegmentInspectionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    BypassType string
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    CommonAppsDto Zscaler.Zpa.Inputs.ApplicationSegmentInspectionCommonAppsDto
    ConfigSpace string
    Description string
    Description of the application.
    DomainNames List<string>
    List of domains and IPs.
    DoubleEncrypt bool
    Whether Double Encryption is enabled or disabled for the app.
    Enabled bool
    HealthCheckType string
    HealthReporting string
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    IcmpAccessType string
    IpAnchored bool
    IsCnameEnabled bool
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    IsIncompleteDrConfig bool
    MatchStyle string
    Name string
    Name of the application.
    PassiveHealthEnabled bool
    SegmentGroupId string
    SelectConnectorCloseToApp bool
    ServerGroups List<Zscaler.Zpa.Inputs.ApplicationSegmentInspectionServerGroup>
    List of the server group IDs.
    TcpKeepAlive string
    TcpPortRange List<Zscaler.Zpa.Inputs.ApplicationSegmentInspectionTcpPortRange>
    tcp port range
    TcpPortRanges List<string>
    TCP port ranges used to access the app.
    UdpPortRange List<Zscaler.Zpa.Inputs.ApplicationSegmentInspectionUdpPortRange>
    udp port range
    UdpPortRanges List<string>
    UDP port ranges used to access the app.
    UseInDrMode bool
    BypassType string
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    CommonAppsDto ApplicationSegmentInspectionCommonAppsDtoArgs
    ConfigSpace string
    Description string
    Description of the application.
    DomainNames []string
    List of domains and IPs.
    DoubleEncrypt bool
    Whether Double Encryption is enabled or disabled for the app.
    Enabled bool
    HealthCheckType string
    HealthReporting string
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    IcmpAccessType string
    IpAnchored bool
    IsCnameEnabled bool
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    IsIncompleteDrConfig bool
    MatchStyle string
    Name string
    Name of the application.
    PassiveHealthEnabled bool
    SegmentGroupId string
    SelectConnectorCloseToApp bool
    ServerGroups []ApplicationSegmentInspectionServerGroupArgs
    List of the server group IDs.
    TcpKeepAlive string
    TcpPortRange []ApplicationSegmentInspectionTcpPortRangeArgs
    tcp port range
    TcpPortRanges []string
    TCP port ranges used to access the app.
    UdpPortRange []ApplicationSegmentInspectionUdpPortRangeArgs
    udp port range
    UdpPortRanges []string
    UDP port ranges used to access the app.
    UseInDrMode bool
    bypassType String
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    commonAppsDto ApplicationSegmentInspectionCommonAppsDto
    configSpace String
    description String
    Description of the application.
    domainNames List<String>
    List of domains and IPs.
    doubleEncrypt Boolean
    Whether Double Encryption is enabled or disabled for the app.
    enabled Boolean
    healthCheckType String
    healthReporting String
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmpAccessType String
    ipAnchored Boolean
    isCnameEnabled Boolean
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    isIncompleteDrConfig Boolean
    matchStyle String
    name String
    Name of the application.
    passiveHealthEnabled Boolean
    segmentGroupId String
    selectConnectorCloseToApp Boolean
    serverGroups List<ApplicationSegmentInspectionServerGroup>
    List of the server group IDs.
    tcpKeepAlive String
    tcpPortRange List<ApplicationSegmentInspectionTcpPortRange>
    tcp port range
    tcpPortRanges List<String>
    TCP port ranges used to access the app.
    udpPortRange List<ApplicationSegmentInspectionUdpPortRange>
    udp port range
    udpPortRanges List<String>
    UDP port ranges used to access the app.
    useInDrMode Boolean
    bypassType string
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    commonAppsDto ApplicationSegmentInspectionCommonAppsDto
    configSpace string
    description string
    Description of the application.
    domainNames string[]
    List of domains and IPs.
    doubleEncrypt boolean
    Whether Double Encryption is enabled or disabled for the app.
    enabled boolean
    healthCheckType string
    healthReporting string
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmpAccessType string
    ipAnchored boolean
    isCnameEnabled boolean
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    isIncompleteDrConfig boolean
    matchStyle string
    name string
    Name of the application.
    passiveHealthEnabled boolean
    segmentGroupId string
    selectConnectorCloseToApp boolean
    serverGroups ApplicationSegmentInspectionServerGroup[]
    List of the server group IDs.
    tcpKeepAlive string
    tcpPortRange ApplicationSegmentInspectionTcpPortRange[]
    tcp port range
    tcpPortRanges string[]
    TCP port ranges used to access the app.
    udpPortRange ApplicationSegmentInspectionUdpPortRange[]
    udp port range
    udpPortRanges string[]
    UDP port ranges used to access the app.
    useInDrMode boolean
    bypass_type str
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    common_apps_dto ApplicationSegmentInspectionCommonAppsDtoArgs
    config_space str
    description str
    Description of the application.
    domain_names Sequence[str]
    List of domains and IPs.
    double_encrypt bool
    Whether Double Encryption is enabled or disabled for the app.
    enabled bool
    health_check_type str
    health_reporting str
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmp_access_type str
    ip_anchored bool
    is_cname_enabled bool
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    is_incomplete_dr_config bool
    match_style str
    name str
    Name of the application.
    passive_health_enabled bool
    segment_group_id str
    select_connector_close_to_app bool
    server_groups Sequence[ApplicationSegmentInspectionServerGroupArgs]
    List of the server group IDs.
    tcp_keep_alive str
    tcp_port_range Sequence[ApplicationSegmentInspectionTcpPortRangeArgs]
    tcp port range
    tcp_port_ranges Sequence[str]
    TCP port ranges used to access the app.
    udp_port_range Sequence[ApplicationSegmentInspectionUdpPortRangeArgs]
    udp port range
    udp_port_ranges Sequence[str]
    UDP port ranges used to access the app.
    use_in_dr_mode bool
    bypassType String
    Indicates whether users can bypass ZPA to access applications. Default: NEVER. Supported values: ALWAYS, NEVER, ON_NET. The value NEVER indicates the use of the client forwarding policy.
    commonAppsDto Property Map
    configSpace String
    description String
    Description of the application.
    domainNames List<String>
    List of domains and IPs.
    doubleEncrypt Boolean
    Whether Double Encryption is enabled or disabled for the app.
    enabled Boolean
    healthCheckType String
    healthReporting String
    Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.
    icmpAccessType String
    ipAnchored Boolean
    isCnameEnabled Boolean
    Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.
    isIncompleteDrConfig Boolean
    matchStyle String
    name String
    Name of the application.
    passiveHealthEnabled Boolean
    segmentGroupId String
    selectConnectorCloseToApp Boolean
    serverGroups List<Property Map>
    List of the server group IDs.
    tcpKeepAlive String
    tcpPortRange List<Property Map>
    tcp port range
    tcpPortRanges List<String>
    TCP port ranges used to access the app.
    udpPortRange List<Property Map>
    udp port range
    udpPortRanges List<String>
    UDP port ranges used to access the app.
    useInDrMode Boolean

    Supporting Types

    ApplicationSegmentInspectionCommonAppsDto, ApplicationSegmentInspectionCommonAppsDtoArgs

    ApplicationSegmentInspectionCommonAppsDtoAppsConfig, ApplicationSegmentInspectionCommonAppsDtoAppsConfigArgs

    AppTypes List<string>
    ApplicationPort string
    ApplicationProtocol string
    CertificateId string
    Domain string
    Enabled bool
    Id string
    Name string
    TrustUntrustedCert bool
    appTypes List<String>
    applicationPort String
    applicationProtocol String
    certificateId String
    domain String
    enabled Boolean
    id String
    name String
    trustUntrustedCert Boolean
    appTypes string[]
    applicationPort string
    applicationProtocol string
    certificateId string
    domain string
    enabled boolean
    id string
    name string
    trustUntrustedCert boolean
    appTypes List<String>
    applicationPort String
    applicationProtocol String
    certificateId String
    domain String
    enabled Boolean
    id String
    name String
    trustUntrustedCert Boolean

    ApplicationSegmentInspectionServerGroup, ApplicationSegmentInspectionServerGroupArgs

    Ids List<string>
    Ids []string
    ids List<String>
    ids string[]
    ids Sequence[str]
    ids List<String>

    ApplicationSegmentInspectionTcpPortRange, ApplicationSegmentInspectionTcpPortRangeArgs

    From string
    To string
    From string
    To string
    from String
    to String
    from string
    to string
    from_ str
    to str
    from String
    to String

    ApplicationSegmentInspectionUdpPortRange, ApplicationSegmentInspectionUdpPortRangeArgs

    From string
    To string
    From string
    To string
    from String
    to String
    from string
    to string
    from_ str
    to str
    from String
    to String

    Import

    Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZPA configurations into Terraform-compliant HashiCorp Configuration Language.

    Visit

    Inspection Application Segment can be imported by using <APPLICATION SEGMENT ID> or <APPLICATION SEGMENT NAME> as the import ID.

    $ pulumi import zpa:index/applicationSegmentInspection:ApplicationSegmentInspection example <application_segment_id>
    

    or

    $ pulumi import zpa:index/applicationSegmentInspection:ApplicationSegmentInspection example <application_segment_name>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    zpa zscaler/pulumi-zpa
    License
    MIT
    Notes
    This Pulumi package is based on the zpa Terraform Provider.
    zpa logo
    Zscaler Private Access v0.0.12 published on Tuesday, Jul 30, 2024 by Zscaler