zscaler.zpacloud.zpa_application_segment_browser_access module – Create a Browser Access Application Segment.

Note

This module is part of the zscaler.zpacloud collection (version 1.4.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. This module has further requirements; see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_application_segment_browser_access.

New in zscaler.zpacloud 1.0.0

Synopsis

  • This module creates, updates, or deletes a Browser Access Application Segment in the ZPA Cloud.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

bypass_type

string

Indicates whether users can bypass ZPA to access applications.

Choices:

  • "ALWAYS"

  • "NEVER"

  • "ON_NET"

client_id

string

The ZPA API client ID generated from the ZPA console.

client_secret

string

The ZPA API client secret generated from the ZPA console.

clientless_app_ids

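list / elements=dictionary / required

Suboptions of clientless_app_ids: allow_options, application_port, application_protocol, certificate_id, cname, description, domain, enabled, name, trust_untrusted_cert.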

allow_options

boolean

Whether the options are enabled for the Browser Access application.

Choices:

  • false ← (default)

  • true

application_port

string

The port for the Browser Access application.

application_protocol

string

The protocol for the Browser Access application.

Choices:

  • "HTTP"

  • "HTTPS"

certificate_id

string

The unique identifier of the Browser Access certificate.

cname

string

The canonical name (CNAME DNS records) of the Browser Access application.

description

string

The description of the Browser Access application.

domain

string

The domain of the Browser Access application.

enabled

boolean

Whether the Browser Access application is enabled or not.

Choices:

  • false

  • true ← (default)

name

string

The name of the Browser Access application.

trust_untrusted_cert

boolean

Whether the use of untrusted certificates is enabled or disabled for the Browser Access application.

Choices:

  • false ← (default)

  • true

cloud

string

The ZPA cloud provisioned for your organization.

Choices:

  • "PRODUCTION"

  • "BETA"

  • "QA"

  • "QA2"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "ZPATWO"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

description

string

Description of the application.

domain_names

list / elements=string / required

List of domains and IPs.

double_encrypt

boolean

Whether Double Encryption is enabled or disabled for the app.

Choices:

  • false ← (default)

  • true

enabled

boolean

Whether this application is enabled or not.

Choices:

  • false

  • true ← (default)

health_check_type

string

Whether the health check is enabled (DEFAULT) or disabled (NONE) for the application.

Choices:

  • "DEFAULT" ← (default)

  • "NONE"

health_reporting

string

Whether health reporting for the app is Continuous or On Access. Supported values: NONE, ON_ACCESS, CONTINUOUS.

Choices:

  • "NONE" ← (default)

  • "ON_ACCESS"

  • "CONTINUOUS"

icmp_access_type

boolean

Indicates the ICMP access type.

Choices:

  • false

  • true ← (default)

id

string

Unique ID.

inspect_traffic_with_zia

boolean

Indicates if Inspect Traffic with ZIA is enabled for the application.

When enabled, this leverages a single posture for securing internet/SaaS and private applications and applies Data Loss Prevention policies to the application segment you are creating.

Choices:

  • false ← (default)

  • true

ip_anchored

boolean

Whether Source IP Anchoring for use with ZIA is enabled or disabled for the application.

Choices:

  • false ← (default)

  • true

is_cname_enabled

boolean

Indicates if the Zscaler Client Connector (formerly Zscaler App or Z App) receives CNAME DNS records from the connectors.

Choices:

  • false

  • true ← (default)

is_incomplete_dr_config

boolean

Indicates whether or not the disaster recovery configuration is incomplete.

Choices:

  • false ← (default)

  • true

name

string / required

Name of the application.

passive_health_enabled

boolean

Indicates whether passive health is enabled.

Choices:

  • false

  • true ← (default)

provider

dictionary

A dict object containing authentication details.

Suboptions of provider: client_id, client_secret, cloud, customer_id.

client_id

string

The ZPA API client ID generated from the ZPA console.

client_secret

string

The ZPA API client secret generated from the ZPA console.

cloud

string

The ZPA cloud provisioned for your organization.

Choices:

  • "PRODUCTION"

  • "BETA"

  • "QA"

  • "QA2"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "ZPATWO"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

segment_group_id

string / required

The ID of the segment group.

select_connector_close_to_app

boolean

Whether the App Connector is closest to the application (True) or closest to the user (False).

Choices:

  • false ← (default)

  • true

server_group_ids

list / elements=string / required

List of the server group IDs.

state

string

Whether the application segment should be present or absent.

Choices:

  • "present" ← (default)

  • "absent"

tcp_keep_alive

boolean

Indicates whether TCP communication sockets are enabled or disabled.

Choices:

  • false ← (default)

  • true

tcp_port_range

list / elements=dictionary

The TCP port ranges used to access the application.

Suboptions of tcp_port_range: from, to.

from

string

The starting port for a port range.

to

string

The ending port for a port range.

udp_port_range

list / elements=dictionary

The UDP port ranges used to access the application.

Suboptions of udp_port_range: from, to.

from

string

The starting port for a port range.

to

string

The ending port for a port range.

use_in_dr_mode

boolean

Whether or not the application resource is designated for disaster recovery.

Choices:

  • false ← (default)

  • true

Notes

Note

  • Check mode is supported.

Examples

- name: Create an app segment
  zscaler.zpacloud.zpa_application_segment_browser_access:
    provider: "{{ zpa_cloud }}"
    name: Example Application
    description: Example Application Test
    enabled: true
    health_reporting: ON_ACCESS
    bypass_type: NEVER
    clientless_app_ids:
      - name: "crm.example.com"
        application_protocol: "HTTP"
        application_port: "8080"
        certificate_id: "216196257331282583"
        trust_untrusted_cert: true
        enabled: true
        domain: "crm.example.com"
      - name: "crm2.example.com"
        application_protocol: "HTTP"
        application_port: "8082"
        certificate_id: "216196257331282583"
        trust_untrusted_cert: true
        enabled: true
        domain: "crm.example.com"
    is_cname_enabled: true
    tcp_port_range:
      - from: "80"
        to: "80"
    domain_names:
      - crm.example.com
    segment_group_id: "216196257331291896"
    server_group_ids:
      - "216196257331291969"
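
A stricter variant of the task above, added here as an example and not taken from the collection's documentation: it stops the play before the module is called if any Browser Access app uses HTTP, sets trust_untrusted_cert, or allows bypass. The environment variable names, the ba_* variable names, the placeholder IDs and the policy being enforced are assumptions of this example.

```yaml
- name: Browser Access segment with a pre-flight policy check (added example)
  hosts: localhost
  gather_facts: false
  vars:
    # Assumed environment variable names for this example.
    zpa_cloud:
      client_id: "{{ lookup('ansible.builtin.env', 'ZPA_CLIENT_ID') }}"
      client_secret: "{{ lookup('ansible.builtin.env', 'ZPA_CLIENT_SECRET') }}"
      customer_id: "{{ lookup('ansible.builtin.env', 'ZPA_CUSTOMER_ID') }}"
      cloud: PRODUCTION
    ba_bypass_type: NEVER            # hypothetical variable name
    ba_apps:                         # hypothetical variable name
      - name: "crm.example.com"
        domain: "crm.example.com"
        application_protocol: "HTTPS"
        application_port: "443"
        certificate_id: "CERTIFICATE_ID_PLACEHOLDER"
        trust_untrusted_cert: false
        enabled: true
  tasks:
    - name: Stop if the definition departs from the assumed local policy
      ansible.builtin.assert:
        that:
          - ba_bypass_type == 'NEVER'
          - ba_apps | selectattr('application_protocol', 'ne', 'HTTPS') | list | length == 0
          - ba_apps | selectattr('trust_untrusted_cert', 'defined') | selectattr('trust_untrusted_cert') | list | length == 0
        fail_msg: "Browser Access apps must use HTTPS, reject untrusted certificates, and never bypass ZPA."

    - name: Create the Browser Access application segment
      zscaler.zpacloud.zpa_application_segment_browser_access:
        provider: "{{ zpa_cloud }}"
        state: present
        name: Example Application
        description: Example Application Test
        enabled: true
        health_reporting: ON_ACCESS
        bypass_type: "{{ ba_bypass_type }}"
        clientless_app_ids: "{{ ba_apps }}"
        is_cname_enabled: true
        tcp_port_range:
          - from: "443"
            to: "443"
        domain_names:
          - crm.example.com
        segment_group_id: "SEGMENT_GROUP_ID_PLACEHOLDER"
        server_group_ids:
          - "SERVER_GROUP_ID_PLACEHOLDER"
      no_log: true   # keep the provider dict, which carries client_secret, out of task output
```

Because the module supports check mode, running the play with --check previews the change without applying it.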

Authors

  • William Guilherme (@willguibr)