zscaler.ziacloud.zia_cloud_firewall_ip_destination_groups module – Create IP destination groups.
Note
This module is part of the zscaler.ziacloud collection (version 1.3.0).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install zscaler.ziacloud.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: zscaler.ziacloud.zia_cloud_firewall_ip_destination_groups.
New in zscaler.ziacloud 1.0.0
Synopsis
This module allows you to create IP destination groups within the Zscaler Internet Access (ZIA) Cloud firewall.
Requirements
The below requirements are needed on the host that executes this module.
Zscaler SDK Python can be obtained from PyPI https://pypi.org/project/zscaler-sdk-python/
Parameters
Parameter |
Comments |
|---|---|
Destination IP addresses, FQDNs, or wildcard FQDNs added to the group. |
|
A string that contains the obfuscated API key. |
|
The Zscaler cloud name was provisioned for your organization. Choices:
|
|
This option is available only when the attribute type is set to DSTN_OTHER Destination IP address countries. You can identify destinations based on the location of a server. Supports 2-letter ISO3166 Alpha2 Country i.e BR, CA, US. Please visit the following site for reference https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes |
|
Additional information about the destination IP group. |
|
Unique identifier for the destination IP group. |
|
Destination IP address URL categories. You can identify destinations based on the URL category of the domain. There are hundreds of categories available such as ANY, NONE, SOCIAL_ADULT, OTHER_BUSINESS_AND_ECONOMY, etc. Visit for choices https://help.zscaler.com/zia/firewall-policies#/ipDestinationGroups-get. |
|
Destination IP group name. |
|
A string that contains the password for the API admin. |
|
A dict object containing connection details. This is optional; credentials can also be provided directly at the top level. |
|
A string that contains the obfuscated API key. |
|
The Zscaler cloud name was provisioned for your organization. Choices:
|
|
A string that contains the password for the API admin. |
|
A string that contains the Sandbox API Key. |
|
A string that contains the email ID of the API admin. |
|
A string that contains the Sandbox API Key. |
|
Specifies the desired state of the resource. Choices:
|
|
Destination IP group type (i.e., the group can contain destination IP addresses or FQDNs). Choices:
|
|
This option is available only when the attribute type is set to DSTN_OTHER To identify destinations based on the URL category of a domain, select the required URL categories. If no category is selected, the field remains set to Any, and the criteria will be ignored during policy evaluation. Only custom URL categories are supported |
|
A string that contains the email ID of the API admin. |
Notes
Note
Check mode is supported.
Examples
- name: Create/Update/Delete ip destination group - DSTN_FQDN.
zscaler.ziacloud.zia_cloud_firewall_ip_destination_groups:
provider: '{{ provider }}'
name: "Example"
description: "Example"
type: "DSTN_FQDN"
addresses: ["test1.acme.com", "test2.acme.com", "test3.acme.com"]
- name: Create/Update/Delete ip destination group - DSTN_IP by Country.
zscaler.ziacloud.zia_cloud_firewall_ip_destination_groups:
provider: '{{ provider }}'
name: "example"
description: "example"
type: "DSTN_IP"
addresses: ["1.2.3.4", "1.2.3.5", "1.2.3.6"]
countries: ["COUNTRY_CA"]
- name: Create/Update/Delete ip destination group - DSTN_IP.
zscaler.ziacloud.zia_cloud_firewall_ip_destination_groups:
provider: '{{ provider }}'
name: "Example - IP Ranges"
description: "Example - IP Ranges"
type: "DSTN_IP"
addresses:
- "3.217.228.0-3.217.231.255"
- "3.235.112.0-3.235.119.255"
- "52.23.61.0-52.23.62.25"
- "35.80.88.0-35.80.95.255"