zscaler.ziacloud.zia_risk_profiles_info module – Retrieves the cloud application risk profile

Note

This module is part of the zscaler.ziacloud collection (version 2.0.3).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.ziacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.ziacloud.zia_risk_profiles_info.

New in zscaler.ziacloud 2.0.0

Synopsis

  • Retrieves the cloud application risk profile

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

api_key

string

A string that contains the obfuscated API key.

client_id

string

The client ID for OAuth2 authentication.

client_secret

string

The client secret for OAuth2 authentication.

cloud

string

The Zscaler cloud name provisioned for your organization.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

id

integer

The unique identifier for the risk profile.

password

string

A string that contains the password for the API admin.

private_key

string

The private key for JWT-based OAuth2 authentication.

profile_name

string

Cloud application risk profile name

provider

dictionary

A dict containing authentication credentials.

api_key

string

Obfuscated API key.

client_id

string

OAuth2 client ID.

client_secret

string

OAuth2 client secret.

cloud

string

Zscaler cloud name.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

password

string

Password for the API admin.

private_key

string

Private key for OAuth2 JWT.

sandbox_cloud

string

Sandbox Cloud environment.

sandbox_token

string

Sandbox API Key.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

Email ID of the API admin.

vanity_domain

string

Vanity domain for OAuth2.

sandbox_cloud

string

The Sandbox cloud environment for API access.

sandbox_token

string

A string that contains the Sandbox API Key.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

A string that contains the email ID of the API admin.

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Notes

Note

  • Check mode is not supported.

Examples

- name: Gets all list of risk profile
  zscaler.ziacloud.zia_risk_profiles_info:
    provider: '{{ provider }}'

- name: Gets a list of risk profile by name
  zscaler.ziacloud.zia_risk_profiles_info:
    provider: '{{ provider }}'
    profile_name: "example"

- name: Gets a list of risk profile by ID
  zscaler.ziacloud.zia_risk_profiles_info:
    provider: '{{ provider }}'
    id: 73478

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

profiles

list / elements=dictionary

A list of risk profiles fetched based on the given criteria.

Returned: always

admin_audit_logs

string

Indicates support for admin activity audit logs.

Returned: always

Sample: "YES"

certifications

list / elements=string

List of certifications associated with the profile.

Returned: always

Sample: ["ISO_27001", "CCPA", "CISP", "AICPA"]

create_time

integer

Timestamp when the profile was created (epoch seconds).

Returned: always

Sample: 1746251637

custom_tags

list / elements=dictionary

List of user-defined custom tags for filtering.

Returned: always

Sample: []

data_breach

string

Indicates history of reported data breaches.

Returned: always

Sample: "YES"

data_encryption_in_transit

list / elements=string

List of encryption methods used for data in transit.

Returned: always

Sample: ["TLSV1_0", "TLSV1_1", "SSLV3"]

dns_caa_policy

string

Indicates DNS Certification Authority Authorization policy.

Returned: always

Sample: "YES"

domain_based_message_auth

string

Indicates support for DMARC.

Returned: always

Sample: "YES"

domain_keys_identified_mail

string

Indicates support for DKIM.

Returned: always

Sample: "YES"

evasive

string

Indicates support for evasive access techniques.

Returned: always

Sample: "YES"

exclude_certificates

integer

Whether to include (0) or exclude (1) certificates.

Returned: always

Sample: 0

file_sharing

string

Indicates support for file sharing features.

Returned: always

Sample: "YES"

http_security_headers

string

Indicates use of standard security headers.

Returned: always

Sample: "YES"

id

integer

Unique identifier of the risk profile.

Returned: always

Sample: 73478

last_mod_time

integer

Timestamp of the last profile modification (epoch seconds).

Returned: always

Sample: 1746253320

malware_scanning_for_content

string

Indicates support for malware scanning on content.

Returned: always

Sample: "YES"

mfa_support

string

Indicates support for multi-factor authentication.

Returned: always

Sample: "YES"

modified_by

dictionary

User or system who last modified the profile.

Returned: always

extensions

dictionary

Additional metadata fields.

Returned: always

external_id

boolean

Indicates if the ID is external.

Returned: success

Sample: false

id

integer

ID of the modifier.

Returned: success

Sample: 19475409

name

string

Name of the modifier.

Returned: success

Sample: "GO_SDK_API"

password_strength

string

Password strength rating under hosting info.

Returned: always

Sample: "GOOD"

poor_items_of_service

string

Filters applications with questionable terms and conditions.

Returned: always

Sample: "YES"

profile_name

string

Cloud application risk profile name.

Returned: always

Sample: "RiskProfile_12345"

profile_type

string

Risk profile type. Supported value CLOUD_APPLICATIONS

Returned: always

Sample: "CLOUD_APPLICATIONS"

remote_screen_sharing

string

Indicates support for remote screen sharing.

Returned: always

Sample: "YES"

risk_index

list / elements=string

Risk index scores assigned to cloud applications.

Returned: always

Sample: ["1", "2", "3", "4", "5"]

sender_policy_framework

string

Indicates support for SPF.

Returned: always

Sample: "YES"

source_ip_restrictions

string

Ability to restrict access by source IP.

Returned: always

Sample: "YES"

ssl_cert_key_size

string

Key size of SSL certificates.

Returned: always

Sample: "BITS_2048"

ssl_cert_validity

string

Validity period enforcement for SSL certificates.

Returned: always

Sample: "YES"

ssl_pinned

string

Indicates use of pinned SSL certificates for validation.

Returned: always

Sample: "YES"

status

string

Application status (e.g., SANCTIONED, UN_SANCTIONED).

Returned: always

Sample: "SANCTIONED"

support_for_waf

string

Indicates support for Web Application Firewalls.

Returned: always

Sample: "YES"

vulnerability

string

Indicates mitigation for known CVEs.

Returned: always

Sample: "YES"

vulnerability_disclosure

string

Indicates policy for disclosing vulnerabilities.

Returned: always

Sample: "YES"

vulnerable_to_heart_bleed

string

Indicates vulnerability to Heartbleed.

Returned: always

Sample: "YES"

vulnerable_to_log_jam

string

Indicates vulnerability to Logjam.

Returned: always

Sample: "YES"

vulnerable_to_poodle

string

Indicates vulnerability to POODLE.

Returned: always

Sample: "YES"

weak_cipher_support

string

Indicates use of weak or small key ciphers.

Returned: always

Sample: "YES"

Authors

  • William Guilherme (@willguibr)