zscaler.zpacloud.zpa_policy_access_timeout_rule module – Create a Policy Timeout Rule
Note
This module is part of the zscaler.zpacloud collection (version 1.4.2).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install zscaler.zpacloud.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: zscaler.zpacloud.zpa_policy_access_timeout_rule.
New in zscaler.zpacloud 1.0.0
Synopsis
This module create/update/delete a Policy Timeout Rule in the ZPA Cloud.
Requirements
The below requirements are needed on the host that executes this module.
Zscaler SDK Python can be obtained from PyPI https://pypi.org/project/zscaler-sdk-python/
Parameters
Parameter |
Comments |
|---|---|
This is for providing the rule action. Choices:
|
|
The ZPA API client ID generated from the ZPA console. |
|
The ZPA API client secret generated from the ZPA console. |
|
The ZPA cloud provisioned for your organization. Choices:
|
|
Specifies the set of conditions for the policy rule |
|
The operands of the condition set |
|
The unique identifier of the IdP |
|
The key for the object type |
|
The object type of the operand Choices:
|
|
The value for the given object type. Its value depends upon the key |
|
The operator of the condition set Choices:
|
|
This is for providing a customer message for the user. |
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. |
|
This is the description of the access policy. |
|
The unique identifier of the policy set |
|
This is the name of the timeout policy. |
|
This denotes the operation type. Choices:
|
|
Indicates the policy type. The following value is supported: client_forwarding |
|
A dict object containing authentication details. |
|
The ZPA API client ID generated from the ZPA console. |
|
The ZPA API client secret generated from the ZPA console. |
|
The ZPA cloud provisioned for your organization. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. |
|
The reauthentication idle timeout Use minute, minutes, hour, hours, day, days, or never. Timeout interval must be at least 10 minutes or ‘never. i.e 10 minutes, 1 hour, 2 hours, or never |
|
The reauthentication timeout. Use minute, minutes, hour, hours, day, days, or never. Timeout interval must be at least 10 minutes or ‘never. i.e 10 minutes, 1 hour, 2 hours, or never |
|
The policy evaluation order number of the rule. |
|
The state. Choices:
|
Notes
Note
Check mode is supported.
Examples
- name: "Policy Timeout Rule - Example"
zscaler.zpacloud.zpa_policy_access_timeout_rule:
provider: "{{ zpa_cloud }}"
name: "Policy Timeout Rule - Example"
description: "Policy Timeout Rule - Example"
action: "RE_AUTH"
rule_order: 1
reauth_idle_timeout: '1 day'
reauth_timeout: '10 days'
operator: "AND"
conditions:
- operator: "OR"
operands:
- object_type: "APP"
lhs: "id"
rhs: "216196257331292105"
- operator: "OR"
operands:
- object_type: "APP_GROUP"
lhs: "id"
rhs: "216196257331292103"
- operator: "OR"
operands:
- object_type: "CLIENT_TYPE"
lhs: "id"
rhs: "zpn_client_type_exporter"
- object_type: "CLIENT_TYPE"
lhs: "id"
rhs: "zpn_client_type_browser_isolation"
- object_type: "CLIENT_TYPE"
lhs: "id"
rhs: "zpn_client_type_zapp"
- operator: "OR"
operands:
- object_type: "POSTURE"
lhs: "13ba3d97-aefb-4acc-9e54-6cc230dee4a5"
rhs: "true"