zscaler.zpacloud.zpa_app_connector_groups module – Create an App Connector Group in the ZPA Cloud.

Note

This module is part of the zscaler.zpacloud collection (version 2.2.3).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. This module has further requirements; see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_app_connector_groups.

New in zscaler.zpacloud 1.0.0

Synopsis

  • This module creates, updates, or deletes an App Connector Group in the ZPA Cloud.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

city_country

string

City Country of the App Connector Group

client_id

string

The client ID for OAuth2 authentication.

Required for OneAPI client authentication when use_legacy_client=false.

client_secret

string

The client secret for OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using private_key.

cloud

string

The ZPA cloud provisioned for your organization.

Used for OneAPI client authentication when use_legacy_client=false.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "ZPATWO"

  • "beta"

  • "production"

country_code

string

Country code of the App Connector Group.

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

description

string

The description of the App Connector Group

dns_query_type

string

Whether to enable IPv4 or IPv6, or both, for DNS resolution of all applications in the App Connector Group.

Choices:

  • "IPV4_IPV6" ← (default)

  • "IPV4"

  • "IPV6"

enabled

boolean

Whether this App Connector Group is enabled or not.

Choices:

  • false

  • true ← (default)

enrollment_cert_id

string

ID of the enrollment certificate used for OAuth onboarding.

If omitted, the module automatically resolves the certificate named Connector.

id

string

The unique identifier of the App Connector Group.

latitude

string

Latitude of the App Connector Group. Integer or decimal, with values in the range of -90 to 90.

location

string

Location of the App Connector Group.

longitude

string

Longitude of the App Connector Group. Integer or decimal, with values in the range of -180 to 180.

lss_app_connector_group

string

LSS app connector group

microtenant_id

string

The unique identifier of the Microtenant for the ZPA tenant

name

string / required

Name of the App Connector Group.

override_version_profile

boolean

App Connectors in this group will attempt to update to a newer version of the software during this specified time.

Integer in seconds (i.e., -66600). The integer should be greater than or equal to 0 and less than 86400, in 15 minute intervals.

Choices:

  • false

  • true

pra_enabled

boolean

Whether or not privileged remote access is enabled for the App Connector Group.

Choices:

  • false ← (default)

  • true

private_key

string

The private key for JWT-based OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.

provider

dictionary

A dict containing authentication credentials.

client_id

string

The client ID for OAuth2 authentication.

Required for OneAPI client authentication when use_legacy_client=false.

client_secret

string

The client secret for OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using private_key.

cloud

string

The ZPA cloud provisioned for your organization.

Used for OneAPI client authentication when use_legacy_client=false.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "ZPATWO"

  • "beta"

  • "production"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

private_key

string

The private key for JWT-based OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication.

When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication.

Choices:

  • false ← (default)

  • true

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Required for OneAPI client authentication when use_legacy_client=false.

zpa_client_id

string

The ZPA API client ID generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_client_secret

string

The ZPA API client secret generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_cloud

string

The ZPA cloud provisioned for your organization.

Required for legacy client authentication when use_legacy_client=true.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "ZPATWO"

  • "beta"

  • "production"

zpa_customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for legacy client authentication when use_legacy_client=true.

state

string

Specifies the desired state of the resource.

Choices:

  • "present" ← (default)

  • "absent"

tcp_quick_ack_app

boolean

Whether TCP Quick Acknowledgement is enabled or disabled for the application.

The tcpQuickAckApp, tcpQuickAckAssistant, and tcpQuickAckReadAssistant fields must all share the same values.

Choices:

  • false ← (default)

  • true

tcp_quick_ack_assistant

boolean

Whether TCP Quick Acknowledgement is enabled or disabled for the application.

The tcpQuickAckApp, tcpQuickAckAssistant, and tcpQuickAckReadAssistant fields must all share the same values.

Choices:

  • false ← (default)

  • true

tcp_quick_ack_read_assistant

boolean

Whether TCP Quick Acknowledgement is enabled or disabled for the application.

The tcpQuickAckApp, tcpQuickAckAssistant, and tcpQuickAckReadAssistant fields must all share the same values.

Choices:

  • false ← (default)

  • true

upgrade_day

string

App Connectors in this group will attempt to update to a newer version of the software during this specified day.

List of valid days (i.e., Sunday, Monday).

Choices:

  • "MONDAY"

  • "TUESDAY"

  • "WEDNESDAY"

  • "THURSDAY"

  • "FRIDAY"

  • "SATURDAY"

  • "SUNDAY" ← (default)

upgrade_time_in_secs

string

App Connectors in this group will attempt to update to a newer version of the software during this specified time.

Integer in seconds (i.e., -66600). The integer should be greater than or equal to 0 and less than 86400, in 15 minute intervals.

Default: "66600"

use_in_dr_mode

boolean

Whether or not the App Connector Group is designated for disaster recovery.

Choices:

  • false ← (default)

  • true

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication.

When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication.

Choices:

  • false ← (default)

  • true

user_codes

list / elements=string

OAuth user codes generated from deployed App Connector VMs.

When provided, the module invokes OAuth user code verification after create/update.

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Required for OneAPI client authentication when use_legacy_client=false.

version_profile_id

string

ID of the version profile. To learn more, see Version Profile Use Cases.

This value is required if the value for overrideVersionProfile is set to true.

Choices:

  • "0" ← (default)

  • "1"

  • "2"

waf_disabled

boolean

Whether or not AppProtection is disabled for the App Connector Group.

Choices:

  • false ← (default)

  • true

zpa_client_id

string

The ZPA API client ID generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_client_secret

string

The ZPA API client secret generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_cloud

string

The ZPA cloud provisioned for your organization.

Required for legacy client authentication when use_legacy_client=true.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "ZPATWO"

  • "beta"

  • "production"

zpa_customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for legacy client authentication when use_legacy_client=true.

Notes

Note

  • Check mode is supported.

Examples

- name: Create/Update/Delete an App Connector Group
  zscaler.zpacloud.zpa_app_connector_groups:
    provider: "{{ zpa_cloud }}"
    name: "Example"
    description: "Example"
    enabled: true
    city_country: "California, US"
    country_code: "US"
    latitude: "37.3382082"
    longitude: "-121.8863286"
    location: "San Jose, CA, USA"
    upgrade_day: "SUNDAY"
    upgrade_time_in_secs: "66600"
    override_version_profile: true
    version_profile_id: "0"
    dns_query_type: "IPV4"
    user_codes:
      - "ABCD-1234"
      - "EFGH-5678"
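
A pre-flight play for the constraints stated in the parameter descriptions above, as an added example that is not part of the collection's documentation: it checks the latitude/longitude ranges, the 15-minute upgrade window and the version profile dependency before the module runs, and drives the three tcp_quick_ack_* fields from one value. The vault_* variables and the acg dictionary are hypothetical names, and the sample values are constructed.

```yaml
# Added example: the vault_* variables and the acg dict are hypothetical names.
- name: Validate and apply an App Connector Group definition
  hosts: localhost
  connection: local
  gather_facts: false
  vars:
    # OneAPI credentials (use_legacy_client=false), read from a vaulted vars file.
    # client_secret is used here, so private_key is omitted.
    zpa_provider:
      client_id: "{{ vault_zpa_client_id }}"
      client_secret: "{{ vault_zpa_client_secret }}"
      vanity_domain: "{{ vault_zpa_vanity_domain }}"
      customer_id: "{{ vault_zpa_customer_id }}"
    acg:  # constructed sample values
      name: "Example"
      latitude: "37.3382082"
      longitude: "-121.8863286"
      upgrade_time_in_secs: "66600"
      override_version_profile: true
      version_profile_id: "0"
      tcp_quick_ack: false
  tasks:
    - name: Check the documented parameter constraints before calling the API
      ansible.builtin.assert:
        that:
          # float(999) / int(-1) make non-numeric input fail the range checks.
          - (acg.latitude | float(999)) >= -90 and (acg.latitude | float(999)) <= 90
          - (acg.longitude | float(999)) >= -180 and (acg.longitude | float(999)) <= 180
          - (acg.upgrade_time_in_secs | int(-1)) >= 0
          - (acg.upgrade_time_in_secs | int(-1)) < 86400
          - (acg.upgrade_time_in_secs | int(-1)) % 900 == 0
          - "not acg.override_version_profile or acg.version_profile_id | default('') in ['0', '1', '2']"
        fail_msg: "App Connector Group definition violates a documented constraint"

    - name: Create or update the App Connector Group
      zscaler.zpacloud.zpa_app_connector_groups:
        provider: "{{ zpa_provider }}"
        state: present
        name: "{{ acg.name }}"
        latitude: "{{ acg.latitude }}"
        longitude: "{{ acg.longitude }}"
        upgrade_time_in_secs: "{{ acg.upgrade_time_in_secs }}"
        override_version_profile: "{{ acg.override_version_profile }}"
        version_profile_id: "{{ acg.version_profile_id }}"
        # One value feeds all three fields, which must share the same value.
        tcp_quick_ack_app: "{{ acg.tcp_quick_ack }}"
        tcp_quick_ack_assistant: "{{ acg.tcp_quick_ack }}"
        tcp_quick_ack_read_assistant: "{{ acg.tcp_quick_ack }}"
```

Because check mode is supported, running the play with ansible-playbook --check first reports the pending change before anything is written to the tenant.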

Authors

  • William Guilherme (@willguibr)