zscaler.zpacloud.zpa_application_segment_info module – Retrieve an application segment information.

Note

This module is part of the zscaler.zpacloud collection (version 2.0.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_application_segment_info.

New in zscaler.zpacloud 1.0.0

Synopsis

  • This module will allow the retrieval of information about an application segment.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

client_id

string

The client ID for OAuth2 authentication.

Required for OneAPI client authentication when use_legacy_client=false.

client_secret

string

The client secret for OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using private_key.

cloud

string

The ZPA cloud provisioned for your organization.

Used for OneAPI client authentication when use_legacy_client=false.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

id

string

ID of the application segment.

microtenant_id

string

The unique identifier of the Microtenant for the ZPA tenant

name

string

Name of the application segment.

private_key

string

The private key for JWT-based OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.

provider

dictionary

A dict containing authentication credentials.

client_id

string

The client ID for OAuth2 authentication.

Required for OneAPI client authentication when use_legacy_client=false.

client_secret

string

The client secret for OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using private_key.

cloud

string

The ZPA cloud provisioned for your organization.

Used for OneAPI client authentication when use_legacy_client=false.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

private_key

string

The private key for JWT-based OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication.

When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication.

Choices:

  • false ← (default)

  • true

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Required for OneAPI client authentication when use_legacy_client=false.

zpa_client_id

string

The ZPA API client ID generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_client_secret

string

The ZPA API client secret generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_cloud

string

The ZPA cloud provisioned for your organization.

Required for legacy client authentication when use_legacy_client=true.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

zpa_customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for legacy client authentication when use_legacy_client=true.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication.

When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication.

Choices:

  • false ← (default)

  • true

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Required for OneAPI client authentication when use_legacy_client=false.

zpa_client_id

string

The ZPA API client ID generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_client_secret

string

The ZPA API client secret generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_cloud

string

The ZPA cloud provisioned for your organization.

Required for legacy client authentication when use_legacy_client=true.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

zpa_customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for legacy client authentication when use_legacy_client=true.

Notes

Note

  • Check mode is not supported.

Examples

- name: Retrieve Details of All Application Segments
  zscaler.zpacloud.zpa_application_segment_info:
    provider: "{{ zpa_cloud }}"

- name: Retrieve Details of a Specific Application Segments by Name
  zscaler.zpacloud.zpa_application_segment_info:
    provider: "{{ zpa_cloud }}"
    name: "Example Application Segment"

- name: Retrieve Details of a Specific Application Segments by ID
  zscaler.zpacloud.zpa_application_segment_info:
    provider: "{{ zpa_cloud }}"
    id: "216196257331291981"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

app_segments

list / elements=dictionary

Details of the application segments that match the criteria.

Returned: always

adp_enabled

boolean

Indicates if Advanced Data Protection (ADP) is enabled.

Returned: success

Sample: false

api_protection_enabled

boolean

Indicates if API protection is enabled.

Returned: success

Sample: false

auto_app_protect_enabled

boolean

Indicates if automatic application protection is enabled.

Returned: success

Sample: false

bypass_on_reauth

boolean

Indicates if the application segment bypasses authentication on reauthorization.

Returned: success

Sample: false

bypass_type

string

The type of bypass configured for the application segment.

Returned: success

Sample: "NEVER"

config_space

string

The configuration space of the application segment.

Returned: success

Sample: "DEFAULT"

creation_time

string

The time when the application segment was created, in epoch format.

Returned: success

Sample: "1724127537"

description

string

A description of the application segment.

Returned: success

Sample: "app01"

domain_names

list / elements=string

A list of domain names associated with the application segment.

Returned: success

Sample: ["app01.acme.com"]

double_encrypt

boolean

Indicates if double encryption is enabled.

Returned: success

Sample: false

enabled

boolean

Indicates if the application segment is enabled.

Returned: success

Sample: true

fqdn_dns_check

boolean

Indicates if FQDN DNS checks are enabled.

Returned: success

Sample: false

health_check_type

string

The type of health check configured for the application segment.

Returned: success

Sample: "DEFAULT"

health_reporting

string

The health reporting mode for the application segment.

Returned: success

Sample: "ON_ACCESS"

icmp_access_type

string

The ICMP access type for the application segment.

Returned: success

Sample: "NONE"

id

string

The unique identifier of the application segment.

Returned: success

Sample: "216199618143442006"

inspect_traffic_with_zia

boolean

Indicates if traffic inspection with ZIA is enabled.

Returned: success

Sample: false

ip_anchored

boolean

Indicates if IP anchoring is enabled.

Returned: success

Sample: false

is_cname_enabled

boolean

Indicates if CNAME is enabled for the application segment.

Returned: success

Sample: true

is_incomplete_dr_config

boolean

Indicates if the application segment has an incomplete disaster recovery configuration.

Returned: success

Sample: false

match_style

string

The match style of the application segment.

Returned: success

Sample: "EXCLUSIVE"

microtenant_name

string

The name of the microtenant associated with the application segment.

Returned: success

Sample: "Default"

modified_by

string

The ID of the user who last modified the application segment.

Returned: success

Sample: "216199618143191041"

modified_time

string

The time when the application segment was last modified, in epoch format.

Returned: success

Sample: "1724127537"

name

string

The name of the application segment.

Returned: success

Sample: "app01"

passive_health_enabled

boolean

Indicates if passive health monitoring is enabled.

Returned: success

Sample: true

segment_group_id

string

The ID of the segment group associated with the application segment.

Returned: success

Sample: "216199618143442005"

segment_group_name

string

The name of the segment group associated with the application segment.

Returned: success

Sample: "Example200"

select_connector_close_to_app

boolean

Indicates if the connector closest to the application should be selected.

Returned: success

Sample: false

server_groups

list / elements=dictionary

A list of server groups associated with the application segment.

Returned: success

config_space

string

The configuration space of the server group.

Returned: success

Sample: "DEFAULT"

creation_time

string

The time when the server group was created, in epoch format.

Returned: success

Sample: "1724111999"

dynamic_discovery

boolean

Indicates if dynamic discovery is enabled for the server group.

Returned: success

Sample: true

enabled

boolean

Indicates if the server group is enabled.

Returned: success

Sample: true

id

string

The unique identifier of the server group.

Returned: success

Sample: "216199618143442001"

modified_by

string

The ID of the user who last modified the server group.

Returned: success

Sample: "216199618143191041"

modified_time

string

The time when the server group was last modified, in epoch format.

Returned: success

Sample: "1724111999"

name

string

The name of the server group.

Returned: success

Sample: "Example200"

tcp_keep_alive

string

Indicates if TCP keep-alive is enabled for the application segment.

Returned: success

Sample: "0"

tcp_port_range

list / elements=dictionary

A list of TCP port ranges associated with the application segment.

Returned: success

from

string

The starting port in the range.

Returned: success

Sample: "8080"

to

string

The ending port in the range.

Returned: success

Sample: "8080"

tcp_port_ranges

list / elements=string

A list of TCP port ranges as strings associated with the application segment.

Returned: success

Sample: ["8080", "8080"]

use_in_dr_mode

boolean

Indicates if the application segment is used in disaster recovery mode.

Returned: success

Sample: false

weighted_load_balancing

boolean

Indicates if weighted load balancing is enabled.

Returned: success

Sample: false

changed

boolean

Indicates if any changes were made.

Returned: always

Sample: false

failed

boolean

Indicates if the operation failed.

Returned: always

Sample: false

Authors

  • William Guilherme (@willguibr)