zscaler.zpacloud.zpa_pra_console_controller module – Create a PRA Console Controller.

Note

This module is part of the zscaler.zpacloud collection (version 2.0.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install zscaler.zpacloud. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: zscaler.zpacloud.zpa_pra_console_controller.

New in zscaler.zpacloud 1.1.0

Synopsis 

This module will create/update/delete Privileged Remote Access Console.

Requirements 

The below requirements are needed on the host that executes this module.

Zscaler SDK Python can be obtained from PyPI https://pypi.org/project/zscaler-sdk-python/

Parameters 

Parameter	Comments
client_id string	The client ID for OAuth2 authentication. Required for OneAPI client authentication when use_legacy_client=false.
client_secret string	The client secret for OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using private_key.
cloud string	The ZPA cloud provisioned for your organization. Used for OneAPI client authentication when use_legacy_client=false. Choices: `"BETA"` `"GOV"` `"GOVUS"` `"PRODUCTION"` `"QA"` `"QA2"` `"PREVIEW"` `"beta"` `"production"`
customer_id string	The ZPA tenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false.
description string	The description of the privileged console
enabled boolean	Whether or not the privileged console is enabled Choices: `false` `true` ← (default)
icon_text string	The privileged console icon. The icon image is converted to base64 encoded text format
id string	The unique identifier of the privileged console
microtenant_id string	The unique identifier of the Microtenant for the ZPA tenant
name string / required	The name of the privileged console
pra_application_id string	The unique identifier of the Privileged Remote Access-enabled application.
pra_portal_ids list / elements=string	The unique identifier of the privileged portal.
private_key string	The private key for JWT-based OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.
provider dictionary	A dict containing authentication credentials.
client_id string	The client ID for OAuth2 authentication. Required for OneAPI client authentication when use_legacy_client=false.
client_secret string	The client secret for OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using private_key.
cloud string	The ZPA cloud provisioned for your organization. Used for OneAPI client authentication when use_legacy_client=false. Choices: `"BETA"` `"GOV"` `"GOVUS"` `"PRODUCTION"` `"QA"` `"QA2"` `"PREVIEW"` `"beta"` `"production"`
customer_id string	The ZPA tenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false.
microtenant_id string	The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false.
private_key string	The private key for JWT-based OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using client_secret.
use_legacy_client boolean	Whether to use the legacy Zscaler API client. When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication. When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication. Choices: `false` ← (default) `true`
vanity_domain string	The vanity domain provisioned by Zscaler for OAuth2 flows. Required for OneAPI client authentication when use_legacy_client=false.
zpa_client_id string	The ZPA API client ID generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true.
zpa_client_secret string	The ZPA API client secret generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true.
zpa_cloud string	The ZPA cloud provisioned for your organization. Required for legacy client authentication when use_legacy_client=true. Choices: `"BETA"` `"GOV"` `"GOVUS"` `"PRODUCTION"` `"QA"` `"QA2"` `"PREVIEW"` `"beta"` `"production"`
zpa_customer_id string	The ZPA tenant ID found in the Administration Company menu in the ZPA console. Required for legacy client authentication when use_legacy_client=true.
zpa_microtenant_id string	The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for legacy client authentication when use_legacy_client=true.
state string	Specifies the desired state of the resource. Choices: `"present"` ← (default) `"absent"`
use_legacy_client boolean	Whether to use the legacy Zscaler API client. When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication. When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication. Choices: `false` ← (default) `true`
vanity_domain string	The vanity domain provisioned by Zscaler for OAuth2 flows. Required for OneAPI client authentication when use_legacy_client=false.
zpa_client_id string	The ZPA API client ID generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true.
zpa_client_secret string	The ZPA API client secret generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true.
zpa_cloud string	The ZPA cloud provisioned for your organization. Required for legacy client authentication when use_legacy_client=true. Choices: `"BETA"` `"GOV"` `"GOVUS"` `"PRODUCTION"` `"QA"` `"QA2"` `"PREVIEW"` `"beta"` `"production"`
zpa_customer_id string	The ZPA tenant ID found in the Administration Company menu in the ZPA console. Required for legacy client authentication when use_legacy_client=true.
zpa_microtenant_id string	The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for legacy client authentication when use_legacy_client=true.

Notes 

Note

Check mode is supported.

Examples 

- name: Gather Details of a Specific Browser Certificates by Name
  zscaler.zpacloud.zpa_ba_certificate_info:
    provider: "{{ zpa_cloud }}"
    name: 'portal.acme.com'
    register: cert_name

- name: Get details of a specific SECURE_REMOTE_ACCESS application segment by name
  zscaler.zpacloud.zpa_application_segment_by_type_info:
    provider: "{{ zpa_cloud }}"
    application_type: SECURE_REMOTE_ACCESS
    name: pra_app_segment01
    register: pra_app_segment01

- name: Create/Update/Delete PRA Console
  zscaler.zpacloud.zpa_pra_portal_controller:
    provider: "{{ zpa_cloud }}"
    name: 'portal.acme.com'
    description: 'PRA Console'
    enabled: true
    domain: 'portal.acme.com'
    certificate_id: "{{ cert_name.certificates[0].id }}"
    user_notification: 'PRA Console'
    user_notification_enabled: true
    register: portal

- name: Create PRA Console
  zscaler.zpacloud.zpa_pra_console_controller:
    provider: "{{ zpa_cloud }}"
    name: 'PRA Console'
    description: 'PRA Console'
    enabled: true
    pra_application_id: "{{ pra_app_segment01.apps[0].id }}"
    pra_portal_ids:
      - "{{ portal.data.id }}"
    register: result

Authors

William Guilherme (@willguibr)

zscaler.zpacloud.zpa_pra_console_controller module – Create a PRA Console Controller.

Synopsis

Requirements

Parameters

Notes

Examples