zscaler.ziacloud.zia_dlp_dictionaries module – Adds a new custom DLP dictionary.

Note

This module is part of the zscaler.ziacloud collection (version 2.0.7).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.ziacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.ziacloud.zia_dlp_dictionaries.

New in zscaler.ziacloud 1.0.0

Synopsis

  • Create a new custom DLP dictionary.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

api_key

string

A string that contains the obfuscated API key.

bin_numbers

list / elements=string

The list of Bank Identification Number (BIN) values that are included or excluded from the Credit Cards dictionary.

BIN values can be specified only for Diners Club, Mastercard, RuPay, and Visa cards.

Up to 512 BIN values can be configured in a dictionary.

client_id

string

The client ID for OAuth2 authentication.

client_secret

string

The client secret for OAuth2 authentication.

cloud

string

The Zscaler cloud name provisioned for your organization.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

confidence_threshold

string

The DLP confidence threshold

Choices:

  • "CONFIDENCE_LEVEL_LOW"

  • "CONFIDENCE_LEVEL_MEDIUM"

  • "CONFIDENCE_LEVEL_HIGH"

custom_phrase_match_type

string

The DLP confidence threshold

Choices:

  • "MATCH_ALL_CUSTOM_PHRASE_PATTERN_DICTIONARY"

  • "MATCH_ANY_CUSTOM_PHRASE_PATTERN_DICTIONARY"

description

string

The description of the DLP dictionary

dict_template_id

integer

ID of the predefined dictionary (original source dictionary) that is used for cloning.

This field is applicable only to cloned dictionaries.

Only a limited set of identification-based predefined dictionaries

(e.g., Credit Cards, Social Security Numbers, National Identification Numbers, etc.) can be cloned.

Up to 4 clones can be created from a predefined dictionary.

dictionary_type

string

The DLP dictionary type.

Choices:

  • "PATTERNS_AND_PHRASES"

  • "EXACT_DATA_MATCH"

  • "INDEXED_DATA_MATCH"

exact_data_match_details

list / elements=dictionary

Exact Data Match (EDM) related information for custom DLP dictionaries.

dictionary_edm_mapping_id

integer

The unique identifier for the EDM mapping.

primary_field

integer

The EDM template’s primary field.

schema_id

integer

The unique identifier for the EDM template (or schema).

secondary_field_match_on

list / elements=string

The EDM secondary field to match on.

Choices:

  • "MATCHON_NONE"

  • "MATCHON_ANY_1"

  • "MATCHON_ANY_2"

  • "MATCHON_ANY_3"

  • "MATCHON_ANY_4"

  • "MATCHON_ANY_5"

  • "MATCHON_ANY_6"

  • "MATCHON_ANY_7"

  • "MATCHON_ANY_8"

  • "MATCHON_ANY_9"

  • "MATCHON_ANY_10"

  • "MATCHON_ANY_11"

  • "MATCHON_ANY_12"

  • "MATCHON_ANY_13"

  • "MATCHON_ANY_14"

  • "MATCHON_ANY_15"

  • "MATCHON_ALL"

secondary_fields

list / elements=integer

The EDM template’s secondary fields.

id

integer

Unique identifier for the DLP dictionary

idm_profile_match_accuracy

list / elements=dictionary

Exact Data Match (EDM) related information for custom DLP dictionaries.

adp_idm_profile

list / elements=integer

The IDM template reference.

id

integer

Identifier that uniquely identifies an entity.

match_accuracy

string

The IDM template match accuracy.

Choices:

  • "LOW"

  • "MEDIUM"

  • "HEAVY"

ignore_exact_match_idm_dict

boolean

Indicates whether to exclude documents that are a 100% match to already-indexed documents from triggering an Indexed Document Match (IDM) Dictionary.

Choices:

  • false

  • true

include_bin_numbers

boolean

A true value denotes that the specified Bank Identification Number (BIN) values are included in the Credit Cards dictionary.

A false value denotes that the specified BIN values are excluded from the Credit Cards dictionary.

Choices:

  • false

  • true

name

string / required

The DLP dictionary’s name

password

string

A string that contains the password for the API admin.

patterns

list / elements=dictionary

List containing the patterns used within a custom DLP dictionary.

action

string / required

The action applied to a DLP dictionary using patterns.

Choices:

  • "PATTERN_COUNT_TYPE_ALL"

  • "PATTERN_COUNT_TYPE_UNIQUE"

pattern

string / required

DLP dictionary pattern.

phrases

list / elements=dictionary

List containing the phrases used within a custom DLP dictionary.

action

string / required

The action applied to a DLP dictionary using phrases.

Choices:

  • "PHRASE_COUNT_TYPE_UNIQUE"

  • "PHRASE_COUNT_TYPE_ALL"

phrase

string / required

DLP dictionary phrase.

predefined_count_action_type

string

This field specifies whether duplicate matches of a phrase from a dictionary must be counted individually

or toward the match count or ignored, thereby maintaining a single count for multiple occurrences.

Choices:

  • "PHRASE_COUNT_TYPE_UNIQUE"

  • "PHRASE_COUNT_TYPE_ALL"

private_key

string

The private key for JWT-based OAuth2 authentication.

provider

dictionary

A dict containing authentication credentials.

api_key

string

Obfuscated API key.

client_id

string

OAuth2 client ID.

client_secret

string

OAuth2 client secret.

cloud

string

Zscaler cloud name.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

password

string

Password for the API admin.

private_key

string

Private key for OAuth2 JWT.

sandbox_cloud

string

Sandbox Cloud environment.

sandbox_token

string

Sandbox API Key.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

Email ID of the API admin.

vanity_domain

string

Vanity domain for OAuth2.

proximity

integer

The DLP dictionary proximity length.

sandbox_cloud

string

The Sandbox cloud environment for API access.

sandbox_token

string

A string that contains the Sandbox API Key.

state

string

Specifies the desired state of the resource.

Choices:

  • "present" ← (default)

  • "absent"

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

A string that contains the email ID of the API admin.

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Notes

Note

  • Check mode is supported.

Examples

- name: Create/Update/Delete dlp dictionary.
  zscaler.ziacloud.zia_dlp_dictionaries:
    provider: '{{ provider }}'
    name: "Example_Dictionary"
    description: "Example_Dictionary"
    custom_phrase_match_type: "MATCH_ALL_CUSTOM_PHRASE_PATTERN_DICTIONARY"
    dictionary_type: "PATTERNS_AND_PHRASES"
    phrases:
      - action: "PHRASE_COUNT_TYPE_UNIQUE"
        phrase: "YourPhrase"
    patterns:
      - action: "PATTERN_COUNT_TYPE_ALL"
        pattern: "YourPattern"

Authors

  • William Guilherme (@willguibr)