zscaler.zpacloud.zpa_scim_group_info module – Retrieves scim group information from a given IDP
Note
This module is part of the zscaler.zpacloud collection (version 2.0.0).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install zscaler.zpacloud.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: zscaler.zpacloud.zpa_scim_group_info.
New in zscaler.zpacloud 1.0.0
Synopsis
This module will allow the retrieval of information about scim group(s) from a given IDP
Requirements
The below requirements are needed on the host that executes this module.
Zscaler SDK Python can be obtained from PyPI https://pypi.org/project/zscaler-sdk-python/
Parameters
Parameter |
Comments |
|---|---|
Return all SCIM groups (including the deleted ones) if set to true. Choices:
|
|
The client ID for OAuth2 authentication. Required for OneAPI client authentication when use_legacy_client=false. |
|
The client secret for OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using private_key. |
|
The ZPA cloud provisioned for your organization. Used for OneAPI client authentication when use_legacy_client=false. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
The end of a time range for requesting last updated data (modified_time) for the SCIM group. This requires setting the startTime parameter as well. |
|
ID of the scim group. |
|
The unique identifier of the SCIM group. |
|
Name of the IDP. |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
Name of the scim group. |
|
The private key for JWT-based OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using client_secret. |
|
A dict containing authentication credentials. |
|
The client ID for OAuth2 authentication. Required for OneAPI client authentication when use_legacy_client=false. |
|
The client secret for OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using private_key. |
|
The ZPA cloud provisioned for your organization. Used for OneAPI client authentication when use_legacy_client=false. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for OneAPI client authentication when use_legacy_client=false. |
|
The private key for JWT-based OAuth2 authentication. Used for OneAPI client authentication when use_legacy_client=false and not using client_secret. |
|
Whether to use the legacy Zscaler API client. When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication. When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication. Choices:
|
|
The vanity domain provisioned by Zscaler for OAuth2 flows. Required for OneAPI client authentication when use_legacy_client=false. |
|
The ZPA API client ID generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA API client secret generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA cloud provisioned for your organization. Required for legacy client authentication when use_legacy_client=true. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for legacy client authentication when use_legacy_client=true. |
|
The unique identifier for the SCIM user. |
|
The name of the SCIM user. |
|
Specifies the field name to sort the results. The supported Sort fields are id, name, creation_time, and modified_time. If not provided, the results are sorted by the modifiedTime field. |
|
Sort the last updated time (modified_time) by ascending (ASC) or descending (DSC) order Choices:
|
|
The start of a time range for requesting last updated data (modified_time) for the SCIM group. This requires setting the endTime parameter as well. |
|
Whether to use the legacy Zscaler API client. When true, uses zpa_client_id/zpa_client_secret/zpa_customer_id/zpa_cloud for authentication. When false (default), uses client_id/client_secret/private_key with vanity_domain for OAuth2 authentication. Choices:
|
|
The vanity domain provisioned by Zscaler for OAuth2 flows. Required for OneAPI client authentication when use_legacy_client=false. |
|
The ZPA API client ID generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA API client secret generated from the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA cloud provisioned for your organization. Required for legacy client authentication when use_legacy_client=true. Choices:
|
|
The ZPA tenant ID found in the Administration Company menu in the ZPA console. Required for legacy client authentication when use_legacy_client=true. |
|
The ZPA Microtenant ID found in the Administration Company menu in the ZPA console. Used for legacy client authentication when use_legacy_client=true. |
Notes
Note
Check mode is not supported.
Examples
- name: Get Information About All SCIM Groups from an IdP
zscaler.zpacloud.zpa_scim_group_info:
provider: "{{ zpa_cloud }}"
idp_name: "IdP_Name"
- name: Get Information About a SCIM Group by ID
zscaler.zpacloud.zpa_scim_group_info:
provider: "{{ zpa_cloud }}"
id: 216196257331285827
idp_name: "IdP_Name"
- name: Get Information About a SCIM Group by Name
zscaler.zpacloud.zpa_scim_group_info:
provider: "{{ zpa_cloud }}"
name: "Finance"
idp_name: "IdP_Name"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Details of the SCIM groups retrieved from the specified Identity Provider (IdP). Returned: always |
|
The time when the SCIM group was created, in epoch format. Returned: always Sample: |
|
The unique identifier of the SCIM group. Returned: always Sample: |
|
The group ID in the IdP system, if available. Returned: when available |
|
The unique identifier of the associated Identity Provider (IdP). Returned: always Sample: |
|
The internal identifier of the SCIM group. Returned: always Sample: |
|
The time when the SCIM group was last modified, in epoch format. Returned: always Sample: |
|
The name of the SCIM group. Returned: always Sample: |