zscaler.zpacloud.zpa_provisioning_key module – Create a Provisioning Key.
Note
This module is part of the zscaler.zpacloud collection (version 2.0.7).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install zscaler.zpacloud.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: zscaler.zpacloud.zpa_provisioning_key.
New in zscaler.zpacloud 1.0.0
Synopsis
This module will create/update/delete a specific Provisioning Key by association type (CONNECTOR_GRP or SERVICE_EDGE_GRP).
Requirements
The below requirements are needed on the host that executes this module.
Zscaler SDK Python can be obtained from PyPI https://pypi.org/project/zscaler-sdk-python/
Parameters
Parameter |
Comments |
|---|---|
The client ID for OAuth2 authentication. Required for OneAPI client authentication when use_legacy_client=false. |
|
The client secret for OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using private_key. |
|
The ZPA cloud provisioned for your organization. Used for OneAPI client authentication when use_legacy_client=false. Choices:
|
|
The unique identifier of the App Connector or Service Edge |
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
The unique identifier of the provisioning key |
|
Specifies the provisioning key type for App Connectors or ZPA Private Service Edges. The supported values are CONNECTOR_GRP (App Connector group) and SERVICE_EDGE_GRP (ZPA Private Service Edge group). Choices:
|
|
The maximum usage of the provisioning key |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
The name of the provisioning key |
|
The private key for JWT-based OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using client_secret. |
|
A dict containing authentication credentials. |
|
The client ID for OAuth2 authentication. Required for OneAPI client authentication when use_legacy_client=false. |
|
The client secret for OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using private_key. |
|
The ZPA cloud provisioned for your organization. Used for OneAPI client authentication when use_legacy_client=false. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
The private key for JWT-based OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using client_secret. |
|
Whether to use the legacy Zscaler API client. When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication. When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication. Choices:
|
|
The vanity domain provisioned by Zscaler for OAuth2 flows. Required for OneAPI client authentication when use_legacy_client=false. |
|
The ZPA API client ID generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA API client secret generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA cloud provisioned for your organization. Required for legacy client authentication when use_legacy_client=true. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for legacy client authentication when use_legacy_client=true. |
|
Specifies the desired state of the resource. Choices:
|
|
Whether to use the legacy Zscaler API client. When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication. When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication. Choices:
|
|
The vanity domain provisioned by Zscaler for OAuth2 flows. Required for OneAPI client authentication when use_legacy_client=false. |
|
The ZPA API client ID generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA API client secret generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA cloud provisioned for your organization. Required for legacy client authentication when use_legacy_client=true. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for legacy client authentication when use_legacy_client=true. |
Notes
Note
Check mode is supported.
Examples
- name: Get ID Information of a Connector Enrollment Certificate
zscaler.zpacloud.zpa_enrollement_certificate_Info:
provider: "{{ zpa_cloud }}"
name: "Connector"
register: enrollment_cert_connector
- name: Get ID Information of a App Connector Group
zscaler.zpacloud.zpa_app_connector_group_facts:
provider: "{{ zpa_cloud }}"
name: "Example"
register: app_connector_group
- name: "Create/Update/Delete App Connector Group Provisioning Key"
zscaler.zpacloud.zpa_provisioning_key:
provider: "{{ zpa_cloud }}"
name: "App Connector Group Provisioning Key"
key_type: "connector"
max_usage: "10"
enrollment_cert_id: "{{ enrollment_cert_connector.data[0].id }}"
component_id: "{{ enrollment_cert_connector.data[0].id }}"