zscaler.zpacloud.zpa_application_segment_multimatch_bulk module – Bulk update multimatch settings for Application Segments.

Note

This module is part of the zscaler.zpacloud collection (version 2.1.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_application_segment_multimatch_bulk.

New in zscaler.zpacloud 1.0.0

Synopsis

  • This module allows bulk updating of multimatch (match_style) settings for multiple application segments.

  • The match_style can be set to either EXCLUSIVE or INCLUSIVE for all specified application segments.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

application_ids

list / elements=string / required

List of application segment IDs to update match_style for.

At least one application ID must be provided.

client_id

string

The client ID for OAuth2 authentication.

Required for OneAPI client authentication when use_legacy_client=false.

client_secret

string

The client secret for OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using private_key.

cloud

string

The ZPA cloud provisioned for your organization.

Used for OneAPI client authentication when use_legacy_client=false.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

match_style

string / required

Match style to apply to all specified application segments.

EXCLUSIVE means domains are matched exclusively to this segment.

INCLUSIVE means domains can be shared with other segments.

Choices:

  • "EXCLUSIVE"

  • "INCLUSIVE"

microtenant_id

string

The unique identifier of the Microtenant for the ZPA tenant.

private_key

string

The private key for JWT-based OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.

provider

dictionary

A dict containing authentication credentials.

client_id

string

The client ID for OAuth2 authentication.

Required for OneAPI client authentication when use_legacy_client=false.

client_secret

string

The client secret for OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using private_key.

cloud

string

The ZPA cloud provisioned for your organization.

Used for OneAPI client authentication when use_legacy_client=false.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for OneAPI client authentication when use_legacy_client=false.

private_key

string

The private key for JWT-based OAuth2 authentication.

Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication.

When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication.

Choices:

  • false ← (default)

  • true

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Required for OneAPI client authentication when use_legacy_client=false.

zpa_client_id

string

The ZPA API client ID generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_client_secret

string

The ZPA API client secret generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_cloud

string

The ZPA cloud provisioned for your organization.

Required for legacy client authentication when use_legacy_client=true.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

zpa_customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for legacy client authentication when use_legacy_client=true.

use_legacy_client

boolean

Whether to use the legacy Zscaler API client.

When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication.

When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication.

Choices:

  • false ← (default)

  • true

vanity_domain

string

The vanity domain provisioned by Zscaler for OAuth2 flows.

Required for OneAPI client authentication when use_legacy_client=false.

zpa_client_id

string

The ZPA API client ID generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_client_secret

string

The ZPA API client secret generated from the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_cloud

string

The ZPA cloud provisioned for your organization.

Required for legacy client authentication when use_legacy_client=true.

Choices:

  • "BETA"

  • "GOV"

  • "GOVUS"

  • "PRODUCTION"

  • "QA"

  • "QA2"

  • "PREVIEW"

  • "beta"

  • "production"

zpa_customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

Required for legacy client authentication when use_legacy_client=true.

zpa_microtenant_id

string

The ZPA Microtenant ID found in the Administration Company menu in the ZPA console.

Used for legacy client authentication when use_legacy_client=true.

Notes

Note

  • Check mode is supported.

Examples

- name: Update Multiple Application Segments to INCLUSIVE Match Style
  zscaler.zpacloud.zpa_application_segment_multimatch_bulk:
    provider: "{{ zpa_cloud }}"
    application_ids:
      - "216196257331372697"
      - "216196257331372698"
    match_style: "INCLUSIVE"

- name: Update Multiple Application Segments to EXCLUSIVE Match Style
  zscaler.zpacloud.zpa_application_segment_multimatch_bulk:
    provider: "{{ zpa_cloud }}"
    application_ids:
      - "216196257331372697"
    match_style: "EXCLUSIVE"

- name: Update Application Segments with Microtenant
  zscaler.zpacloud.zpa_application_segment_multimatch_bulk:
    provider: "{{ zpa_cloud }}"
    application_ids:
      - "216196257331372697"
      - "216196257331372698"
    match_style: "INCLUSIVE"
    microtenant_id: "216199618143373000"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

data

dictionary

Result message from the bulk update operation.

Returned: always

application_ids

list / elements=string

List of application segment IDs that were updated.

Returned: success

Sample: ["216196257331372697", "216196257331372698"]

match_style

string

The match_style that was applied.

Returned: success

Sample: "INCLUSIVE"

message

string

Status message indicating the result of the operation.

Returned: success

Sample: "Bulk update multimatch operation completed successfully."

Authors

  • William Guilherme (@willguibr)