zscaler.ziacloud.zia_sandbox_rules_info module – Retrieves the list of all Sandbox policy rules

Note

This module is part of the zscaler.ziacloud collection (version 2.0.3).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.ziacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.ziacloud.zia_sandbox_rules_info.

New in zscaler.ziacloud 2.0.0

Synopsis

  • Retrieves the list of all Sandbox policy rules configured in the ZIA Admin Portal

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

api_key

string

A string that contains the obfuscated API key.

client_id

string

The client ID for OAuth2 authentication.

client_secret

string

The client secret for OAuth2 authentication.

cloud

string

The Zscaler cloud name provisioned for your organization.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

id

integer

Unique identifier for the Sandbox rule

name

string

Name of the Sandboxy rule

password

string

A string that contains the password for the API admin.

private_key

string

The private key for JWT-based OAuth2 authentication.

provider

dictionary

A dict containing authentication credentials.

api_key

string

Obfuscated API key.

client_id

string

OAuth2 client ID.

client_secret

string

OAuth2 client secret.

cloud

string

Zscaler cloud name.

Choices:

  • "zscloud"

  • "zscaler"

  • "zscalerone"

  • "zscalertwo"

  • "zscalerthree"

  • "zscalerbeta"

  • "zscalergov"

  • "zscalerten"

  • "beta"

  • "production"

password

string

Password for the API admin.

private_key

string

Private key for OAuth2 JWT.

sandbox_cloud

string

Sandbox Cloud environment.

sandbox_token

string

Sandbox API Key.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

Email ID of the API admin.

vanity_domain

string

Vanity domain for OAuth2.

sandbox_cloud

string

The Sandbox cloud environment for API access.

sandbox_token

string

A string that contains the Sandbox API Key.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

Choices:

  • false ← (default)

  • true

username

string

A string that contains the email ID of the API admin.

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Notes

Note

  • Check mode is not supported.

Examples

- name: Gather Information Details of all ZIA Sandbox Rule
  zscaler.ziacloud.zia_sandbox_rules_info:
    provider: '{{ provider }}'

- name: Gather Information Details of a ZIA Sandbox Rule by Name
  zscaler.ziacloud.zia_sandbox_rules_info:
    provider: '{{ provider }}'
    name: "Example"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

rules

list / elements=dictionary

List of Sandbox policy rules retrieved.

Returned: always

ba_policy_categories

list / elements=string

Threat categories associated with the rule.

Returned: success

Sample: ["ADWARE_BLOCK", "BOTMAL_BLOCK"]

ba_rule_action

string

The action configured for the rule when traffic matches.

Returned: success

Sample: "BLOCK"

departments

list / elements=dictionary

List of department IDs the rule applies to.

Returned: success

id

integer

Identifier of the department.

Returned: success

Sample: 99364442

description

string

Additional information about the rule.

Returned: success

Sample: "Default Rule Created during the company creation"

enabled

boolean

Determines whether the Sandbox Rule is enabled or disabled.

Returned: success

Sample: true

file_types

list / elements=string

File types to which the Sandbox rule applies.

Returned: success

Sample: ["FTCATEGORY_WINDOWS_EXECUTABLES", "FTCATEGORY_ZIP"]

first_time_enable

boolean

Indicates whether a first-time action is configured for the rule.

Returned: success

Sample: true

first_time_operation

string

Action that must take place when users download unknown files for the first time.

Returned: success

Sample: "ALLOW_SCAN"

groups

list / elements=dictionary

List of group IDs the rule applies to.

Returned: success

id

integer

Identifier of the group.

Returned: success

Sample: 76662385

id

integer

Unique identifier for the Sandbox Rule.

Returned: success

Sample: 552595

labels

list / elements=dictionary

List of label IDs associated with the rule.

Returned: success

id

integer

Identifier of the label.

Returned: success

Sample: 4204140

location_groups

list / elements=dictionary

List of location group IDs the rule applies to.

Returned: success

id

integer

Identifier of the location group.

Returned: success

Sample: 44772848

locations

list / elements=dictionary

List of location IDs the rule applies to.

Returned: success

id

integer

Identifier of the location.

Returned: success

Sample: 256001376

ml_action_enabled

boolean

Whether AI Instant Verdict (ML) is enabled for the Sandbox rule.

Returned: success

Sample: false

name

string

Name of the Sandbox Rule.

Returned: success

Sample: "Default BA Rule"

order

integer

Rule order number of the Sandbox Rule.

Returned: success

Sample: 127

protocols

list / elements=string

Protocols to which the rule applies.

Returned: success

Sample: ["ANY_RULE"]

rank

integer

Admin rank of the Sandbox Rule.

Returned: success

Sample: 7

url_categories

list / elements=string

URL categories associated with the rule.

Returned: success

Sample: ["NUDITY", "PORNOGRAPHY"]

users

list / elements=dictionary

List of user IDs the rule applies to.

Returned: success

id

integer

Identifier of the user.

Returned: success

Sample: 45513075

zpa_app_segments

list / elements=dictionary

List of ZPA Application Segments associated with the rule.

Returned: success

external_id

string

Indicates the external ID of the ZPA Application Segment.

Returned: success

Sample: "2"

name

string

The name of the ZPA Application Segment.

Returned: success

Sample: "Inspect App Segments"

Authors

  • William Guilherme (@willguibr)