zscaler.zpacloud.zpa_policy_access_forwarding_rule module – Create a Policy Forwarding Rule.
Note
This module is part of the zscaler.zpacloud collection (version 1.4.2).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install zscaler.zpacloud.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: zscaler.zpacloud.zpa_policy_access_forwarding_rule.
New in zscaler.zpacloud 1.0.0
Synopsis
This module will create, update or delete a specific Policy Forwarding Rule
Requirements
The below requirements are needed on the host that executes this module.
Zscaler SDK Python can be obtained from PyPI https://pypi.org/project/zscaler-sdk-python/
Parameters
Parameter |
Comments |
|---|---|
The action of the forwarding rule Choices:
|
|
The ZPA API client ID generated from the ZPA console. |
|
The ZPA API client secret generated from the ZPA console. |
|
The ZPA cloud provisioned for your organization. Choices:
|
|
Specifies the set of conditions for the policy rule |
|
The operands of the condition set |
|
The unique identifier of the IdP |
|
The key for the object type |
|
The object type of the operand Choices:
|
|
The value for the given object type. Its value depends upon the key |
|
The operator of the condition set Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. |
|
The description of the forwarding rule |
|
The unique identifier of the policy set |
|
The name of the forwarding rule |
|
Denotes the operation type. These are operands used between criteria Choices:
|
|
Indicates the policy type. The following value is supported: client_forwarding |
|
A dict object containing authentication details. |
|
The ZPA API client ID generated from the ZPA console. |
|
The ZPA API client secret generated from the ZPA console. |
|
The ZPA cloud provisioned for your organization. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. |
|
The policy evaluation order number of the rule. |
|
The state. Choices:
|
Notes
Note
Check mode is supported.
Examples
- name: Policy Forwarding Rule - Example
zscaler.zpacloud.zpa_policy_access_forwarding_rule:
provider: "{{ zpa_cloud }}"
name: "Policy Forwarding Rule - Example"
description: "Policy Forwarding Rule - Example"
action: "BYPASS"
rule_order: 1
operator: "AND"
conditions:
- operator: "OR"
operands:
- name: "app_segment"
object_type: "APP"
lhs: "id"
rhs: "216196257331292105"
- operator: "OR"
operands:
- name: "segment_group"
object_type: "APP_GROUP"
lhs: "id"
rhs: "216196257331292103"
- operator: "OR"
operands:
- name: "zpn_client_type_exporter"
object_type: "CLIENT_TYPE"
lhs: "id"
rhs: "zpn_client_type_exporter"
- name: "zpn_client_type_browser_isolation"
object_type: "CLIENT_TYPE"
lhs: "id"
rhs: "zpn_client_type_browser_isolation"
- name: "zpn_client_type_zapp"
object_type: "CLIENT_TYPE"
lhs: "id"
rhs: "zpn_client_type_zapp"
- operator: "OR"
operands:
- name: "CrowdStrike_ZPA_ZTA_80"
object_type: "POSTURE"
lhs: "{{ postures.data[0].posture_udid }}"
rhs: "false"