zscaler.zpacloud.zpa_pra_approval module – Create a PRA Approval Controller.

Note

This module is part of the zscaler.zpacloud collection (version 1.1.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_pra_approval.

New in zscaler.zpacloud 1.1.0

Synopsis

  • This module will create/update/delete Privileged Remote Access Approval.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

application_ids

list / elements=string

The unique identifier of the pra application segment.

client_id

string

The ZPA API client ID generated from the ZPA console.

client_secret

string

The ZPA API client secret generated from the ZPA console.

cloud

string

The ZPA cloud provisioned for your organization.

Choices:

  • "PRODUCTION"

  • "BETA"

  • "QA"

  • "QA2"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "ZPATWO"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

email_ids

list / elements=string

The email address of the user that you are assigning the privileged approval to

end_time

string

The end date that the user no longer has access to the privileged approval i.e Tue, 07 Jun 2024 11:05:30 PST

id

string

The unique identifier of the privileged approval

provider

dictionary

A dict object containing authentication details.

client_id

string

The ZPA API client ID generated from the ZPA console.

client_secret

string

The ZPA API client secret generated from the ZPA console.

cloud

string

The ZPA cloud provisioned for your organization.

Choices:

  • "PRODUCTION"

  • "BETA"

  • "QA"

  • "QA2"

  • "GOV"

  • "GOVUS"

  • "PREVIEW"

  • "ZPATWO"

customer_id

string

The ZPA tenant ID found in the Administration Company menu in the ZPA console.

start_time

string

The start date that the user has access to the privileged approval i.e Tue, 07 May 2024 11:05:30 PST

state

string

The state.

Choices:

  • "present" ← (default)

  • "absent"

working_hours

dictionary

Privileged Approval WorkHours configuration.

days

list / elements=string

The days of the week when the privileged approval is active.

Choices:

  • "MON"

  • "TUE"

  • "WED"

  • "THU"

  • "FRI"

  • "SAT"

  • "SUN"

end_time

string

The local end time for the privileged approval.

end_time_cron

string

The cron expression for the end time of the privileged approval, specifying the exact time of day the approval ends.

Example: ‘0 0 18 ? * MON-FRI’ ends the approval at 6:00 PM on weekdays.

start_time

string

The local start time for the privileged approval.

start_time_cron

string

The cron expression for the start time of the privileged approval, specifying the exact time of day the approval begins.

Example: ‘0 15 10 ? * MON-FRI’ starts the approval at 10:15 AM on weekdays.

time_zone

string

The IANA time zone identifier for the privileged approval’s timing.

Examples

- name: Create PRA Approval
  zscaler.zpacloud.zpa_pra_approval:
    provider: '{{ zpa_cloud }}'
    state: present
    email_ids:
      - 'jdoe@example.com'
    start_time: 'Thu, 09 May 2024 8:00:00 PST'
    end_time: 'Mon, 10 Jun 2024 5:00:00 PST'
    application_ids:
      - '216199618143356658'
      - '216199618143356661'
    working_hours:
      days:
        - 'FRI'
        - 'MON'
        - 'SAT'
        - 'SUN'
        - 'THU'
        - 'TUE'
        - 'WED'
      start_time: '09:00'
      end_time: '17:00'
      start_time_cron: '0 0 16 ? * MON,TUE,WED,THU,FRI,SAT,SUN'
      end_time_cron: '0 0 0 ? * MON,TUE,WED,THU,FRI,SAT,SUN'
      time_zone: 'America/Vancouver'
  register: result

Authors

  • William Guilherme (@willguibr)