zscaler.ziacloud.zia_dlp_dictionaries module – Adds a new custom DLP dictionary.

Note

This module is part of the zscaler.ziacloud collection (version 1.3.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.ziacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.ziacloud.zia_dlp_dictionaries.

New in zscaler.ziacloud 1.0.0

Synopsis

  • Create a new custom DLP dictionary.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

api_key

string

A string that contains the obfuscated API key.

bin_numbers

list / elements=string

The list of Bank Identification Number (BIN) values that are included or excluded from the Credit Cards dictionary.

BIN values can be specified only for Diners Club, Mastercard, RuPay, and Visa cards.

Up to 512 BIN values can be configured in a dictionary.

cloud

string

The Zscaler cloud name was provisioned for your organization.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

confidence_threshold

string

The DLP confidence threshold

Choices:

  • "CONFIDENCE_LEVEL_LOW"

  • "CONFIDENCE_LEVEL_MEDIUM"

  • "CONFIDENCE_LEVEL_HIGH"

custom_phrase_match_type

string

The DLP confidence threshold

Choices:

  • "MATCH_ALL_CUSTOM_PHRASE_PATTERN_DICTIONARY"

  • "MATCH_ANY_CUSTOM_PHRASE_PATTERN_DICTIONARY"

description

string

The description of the DLP dictionary

dict_template_id

integer

ID of the predefined dictionary (original source dictionary) that is used for cloning.

This field is applicable only to cloned dictionaries.

Only a limited set of identification-based predefined dictionaries

(e.g., Credit Cards, Social Security Numbers, National Identification Numbers, etc.) can be cloned.

Up to 4 clones can be created from a predefined dictionary.

dictionary_type

string

The DLP dictionary type.

Choices:

  • "PATTERNS_AND_PHRASES"

  • "EXACT_DATA_MATCH"

  • "INDEXED_DATA_MATCH"

exact_data_match_details

list / elements=dictionary

Exact Data Match (EDM) related information for custom DLP dictionaries.

dictionary_edm_mapping_id

integer

The unique identifier for the EDM mapping.

primary_field

integer

The EDM template’s primary field.

schema_id

integer

The unique identifier for the EDM template (or schema).

secondary_field_match_on

list / elements=string

The EDM secondary field to match on.

Choices:

  • "MATCHON_NONE"

  • "MATCHON_ANY_1"

  • "MATCHON_ANY_2"

  • "MATCHON_ANY_3"

  • "MATCHON_ANY_4"

  • "MATCHON_ANY_5"

  • "MATCHON_ANY_6"

  • "MATCHON_ANY_7"

  • "MATCHON_ANY_8"

  • "MATCHON_ANY_9"

  • "MATCHON_ANY_10"

  • "MATCHON_ANY_11"

  • "MATCHON_ANY_12"

  • "MATCHON_ANY_13"

  • "MATCHON_ANY_14"

  • "MATCHON_ANY_15"

  • "MATCHON_ALL"

secondary_fields

list / elements=integer

The EDM template’s secondary fields.

id

integer

Unique identifier for the DLP dictionary

idm_profile_match_accuracy

list / elements=dictionary

Exact Data Match (EDM) related information for custom DLP dictionaries.

adp_idm_profile

list / elements=integer

The IDM template reference.

id

integer

Identifier that uniquely identifies an entity.

match_accuracy

string

The IDM template match accuracy.

Choices:

  • "LOW"

  • "MEDIUM"

  • "HEAVY"

ignore_exact_match_idm_dict

boolean

Indicates whether to exclude documents that are a 100% match to already-indexed documents from triggering an Indexed Document Match (IDM) Dictionary.

Choices:

  • false

  • true

include_bin_numbers

boolean

A true value denotes that the specified Bank Identification Number (BIN) values are included in the Credit Cards dictionary.

A false value denotes that the specified BIN values are excluded from the Credit Cards dictionary.

Choices:

  • false

  • true

name

string / required

The DLP dictionary’s name

password

string

A string that contains the password for the API admin.

patterns

list / elements=dictionary

List containing the patterns used within a custom DLP dictionary. This attribute is not applicable to predefined DLP dictionaries

action

string

The action applied to a DLP dictionary using patterns.

Choices:

  • "PATTERN_COUNT_TYPE_ALL"

  • "PATTERN_COUNT_TYPE_UNIQUE"

pattern

string

DLP dictionary pattern.

phrases

list / elements=dictionary

List containing the phrases used within a custom DLP dictionary. This attribute is not applicable to predefined DLP dictionaries.

action

string

The action applied to a DLP dictionary using phrases.

Choices:

  • "PHRASE_COUNT_TYPE_UNIQUE"

  • "PHRASE_COUNT_TYPE_ALL"

phrase

string

DLP dictionary phrase.

predefined_count_action_type

string

This field specifies whether duplicate matches of a phrase from a dictionary must be counted individually

or toward the match count or ignored, thereby maintaining a single count for multiple occurrences.

Choices:

  • "PHRASE_COUNT_TYPE_UNIQUE"

  • "PHRASE_COUNT_TYPE_ALL"

provider

dictionary

A dict object containing connection details. This is optional; credentials can also be provided directly at the top level.

api_key

string

A string that contains the obfuscated API key.

cloud

string

The Zscaler cloud name was provisioned for your organization.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

password

string

A string that contains the password for the API admin.

sandbox_token

string

A string that contains the Sandbox API Key.

username

string

A string that contains the email ID of the API admin.

proximity

integer

The DLP dictionary proximity length.

sandbox_token

string

A string that contains the Sandbox API Key.

state

string

Specifies the desired state of the resource.

Choices:

  • "present" ← (default)

  • "absent"

username

string

A string that contains the email ID of the API admin.

Notes

Note

  • Check mode is supported.

Examples

- name: Create/Update/Delete dlp dictionary.
  zscaler.ziacloud.zia_dlp_dictionaries:
    provider: '{{ provider }}'
    name: "Example_Dictionary"
    description: "Example_Dictionary"
    custom_phrase_match_type: "MATCH_ALL_CUSTOM_PHRASE_PATTERN_DICTIONARY"
    dictionary_type: "PATTERNS_AND_PHRASES"
    phrases:
      - action: "PHRASE_COUNT_TYPE_UNIQUE"
        phrase: "YourPhrase"
    patterns:
      - action: "PATTERN_COUNT_TYPE_ALL"
        pattern: "YourPattern"

Authors

  • William Guilherme (@willguibr)