zscaler.ziacloud.zia_cloud_firewall_network_services module – Adds a new network service.

Note

This module is part of the zscaler.ziacloud collection (version 2.0.3).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.ziacloud. This module has further requirements; see Requirements for details.

To use it in a playbook, specify: zscaler.ziacloud.zia_cloud_firewall_network_services.

New in zscaler.ziacloud 1.0.0

Synopsis

  • Adds a new network service.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

api_key

string

A string that contains the obfuscated API key.

client_id

string

The client ID for OAuth2 authentication.

client_secret

string

The client secret for OAuth2 authentication.

cloud

string

The Zscaler cloud name provisioned for your organization.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

description

string

The description for the application layer service.

The description cannot exceed 10240 characters.

dest_tcp_ports

list / elements=dictionary

The TCP destination port number (for example, 50) or port number range, if any, that is used by the network service.

end

integer

List of valid destination TCP ports.

start

integer

List of valid destination TCP ports.

dest_udp_ports

list / elements=dictionary

List of UDP port range pairs, e.g. [35000, 35000] for port 35000.

The UDP destination port number (for example, 50) or port number range, if any, that is used by the network service.

end

integer

List of valid destination UDP ports.

start

integer

List of valid destination UDP ports.

id

integer

The unique identifier for the network service.

name

string / required

The name for the application layer service.

password

string

A string that contains the password for the API admin.

private_key

string

The private key for JWT-based OAuth2 authentication.

provider

dictionary

A dict containing authentication credentials.

api_key

string

Obfuscated API key.

client_id

string

OAuth2 client ID.

client_secret

string

OAuth2 client secret.

cloud

string

Zscaler cloud name.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

password

string

Password for the API admin.

private_key

string

Private key for OAuth2 JWT.

sandbox_cloud

string

Sandbox Cloud environment.

sandbox_token

string

Sandbox API Key.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

Email ID of the API admin.

vanity_domain

string

Vanity domain for OAuth2.

sandbox_cloud

string

The Sandbox cloud environment for API access.

sandbox_token

string

A string that contains the Sandbox API Key.

src_tcp_ports

list / elements=dictionary

List of TCP port range pairs, e.g. [35000, 35000] for port 35000.

The TCP source port number (for example, 50) or port number range, if any, that is used by the network service.

end

integer

List of valid source TCP ports.

start

integer

List of valid source TCP ports.

Start and End cannot be the same value.

src_udp_ports

list / elements=dictionary

List of UDP port range pairs, e.g. [35000, 35000] for port 35000.

The UDP source port number (for example, 50) or port number range, if any, that is used by the network service.

end

integer

List of valid source UDP ports.

start

integer

List of valid source UDP ports.

state

string

Specifies the desired state of the resource.

Choices:

  • "present" ← (default)

  • "absent"

tag

list / elements=string

The network service tag.

Choices:

  • "ICMP_ANY"

  • "UDP_ANY"

  • "TCP_ANY"

  • "OTHER_NETWORK_SERVICE"

  • "DNS"

  • "NETBIOS"

  • "FTP"

  • "GNUTELLA"

  • "H_323"

  • "HTTP"

  • "HTTPS"

  • "IKE"

  • "IMAP"

  • "ILS"

  • "IKE_NAT"

  • "IRC"

  • "LDAP"

  • "QUIC"

  • "TDS"

  • "NETMEETING"

  • "NFS"

  • "NTP"

  • "SIP"

  • "SNMP"

  • "SMB"

  • "SMTP"

  • "SSH"

  • "SYSLOG"

  • "TELNET"

  • "TRACEROUTE"

  • "POP3"

  • "PPTP"

  • "RADIUS"

  • "REAL_MEDIA"

  • "RTSP"

  • "VNC"

  • "WHOIS"

  • "KERBEROS_SEC"

  • "TACACS"

  • "SNMPTRAP"

  • "NMAP"

  • "RSYNC"

  • "L2TP"

  • "HTTP_PROXY"

  • "PC_ANYWHERE"

  • "MSN"

  • "ECHO"

  • "AIM"

  • "IDENT"

  • "YMSG"

  • "SCCP"

  • "MGCP_UA"

  • "MGCP_CA"

  • "VDO_LIVE"

  • "OPENVPN"

  • "TFTP"

  • "FTPS_IMPLICIT"

  • "ZSCALER_PROXY_NW_SERVICES"

  • "GRE_PROTOCOL"

  • "ESP_PROTOCOL"

  • "DHCP"

type

string

Indicates that this is an admin-defined service.

Choices:

  • "CUSTOM" ← (default)

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

A string that contains the email ID of the API admin.

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Notes

Note

  • Check mode is supported.

Examples

- name: Create/Update/Delete Network Services.
  zscaler.ziacloud.zia_cloud_firewall_network_services:
    provider: '{{ provider }}'
    name: "example"
    description: "example"
    src_tcp_ports:
      - start: 5002
        end: 5005
    dest_tcp_ports:
      - start: 5003
        end: 5005
    type: "CUSTOM"
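
A fuller playbook built only from the parameters documented above, showing a check-mode preview, the apply step and removal with state: absent. It is an added example, not taken from the collection's documentation; the ZIA_* environment variable names, the service name and the port values are assumptions, as is the choice of OAuth2 client credentials for authentication.

```yaml
---
# Added example, not from the collection's documentation.
# Assumed: ZIA_* environment variable names, service name, port values.
- name: Manage a custom ZIA network service
  hosts: localhost
  connection: local
  gather_facts: false

  vars:
    service_name: "internal-syslog-collector"   # constructed name
    # Secrets are read from the controller's environment instead of being
    # stored in the playbook. Only keys of the documented provider dict are used.
    provider:
      client_id: "{{ lookup('ansible.builtin.env', 'ZIA_CLIENT_ID') }}"
      client_secret: "{{ lookup('ansible.builtin.env', 'ZIA_CLIENT_SECRET') }}"
      vanity_domain: "{{ lookup('ansible.builtin.env', 'ZIA_VANITY_DOMAIN') }}"

  tasks:
    - name: Preview the service definition (check mode is supported)
      zscaler.ziacloud.zia_cloud_firewall_network_services: &service
        provider: "{{ provider }}"
        state: present
        name: "{{ service_name }}"
        description: "Syslog collector, TCP and UDP 6514-6516"
        dest_tcp_ports:
          - start: 6514
            end: 6516
        dest_udp_ports:
          - start: 6514
            end: 6516
        type: "CUSTOM"
      check_mode: true
      no_log: true   # keep the provider dict out of task output and logs

    - name: Create or update the service with the same definition
      zscaler.ziacloud.zia_cloud_firewall_network_services: *service
      no_log: true

    - name: Remove the service when it is no longer needed
      zscaler.ziacloud.zia_cloud_firewall_network_services:
        provider: "{{ provider }}"
        state: absent
        name: "{{ service_name }}"
      no_log: true
      tags: [never, cleanup]   # runs only with --tags cleanup
```

Because no_log also hides error details, drop it temporarily on a single task when troubleshooting a failure.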

Authors

  • William Guilherme (@willguibr)