app_segments#

The following methods allow for interaction with the ZPA Application Segments API endpoints.

Methods are accessible via zpa.app_segments

class ApplicationSegmentAPI#

Bases: object

add_segment(name, domain_names, segment_group_id, server_group_ids, tcp_port_ranges=None, udp_port_ranges=None, **kwargs)#

Create an application segment.

Parameters:

name (str) – Name of the application segment.
domain_names (list of str) – Domain names or IP addresses for the segment.
segment_group_id (str) – Unique identifier for the segment group.
server_group_ids (list of str) – Server group IDs for this segment.
tcp_port_ranges (list of str, optional) – TCP port range pairs (e.g., [‘22’, ‘22’]).
udp_port_ranges (list of str, optional) – UDP port range pairs (e.g., [‘35000’, ‘35000’]).

Keyword Arguments:

bypass_type (str) – Bypass type for the segment. Values: ALWAYS, NEVER, ON_NET.
clientless_app_ids (list) – IDs for associated clientless apps.
config_space (str) – Config space for the segment. Values: DEFAULT, SIEM.
default_idle_timeout (int) – Default Idle Timeout for the segment.
default_max_age (int) – Default Max Age for the segment.
description (str) – Additional information about the segment.
double_encrypt (bool) – If true, enables double encryption.
enabled (bool) – If true, enables the application segment.
health_check_type (str) – Health Check Type. Values: DEFAULT, NONE.
health_reporting (str) – Health Reporting mode. Values: NONE, ON_ACCESS, CONTINUOUS.
ip_anchored (bool) – If true, enables IP Anchoring.
is_cname_enabled (bool) – If true, enables CNAMEs for the segment.
passive_health_enabled (bool) – If true, enables Passive Health Checks.
icmp_access_type (str) – Sets ICMP access type for ZPA clients.

Returns:

The newly created application segment.

Return type:

Box

Examples

Add a new application segment for example.com on ports 8080-8085:

>>> zpa.app_segments.add_segment('new_app_segment',
...    domain_names=['example.com'],
...    segment_group_id='99999',
...    tcp_port_ranges=['8080', '8085'],
...    server_group_ids=['99999', '88888'])

delete_segment(segment_id, force_delete=False)#

Delete an application segment.

Parameters:

force_delete (bool) – Setting this field to true deletes the mapping between Application Segment and Segment Group.
segment_id (str) – The unique identifier for the application segment.

Returns:

The operation response code.

Return type:

int

Examples

Delete an Application Segment with an id of 99999.

>>> zpa.app_segments.delete('99999')

Force deletion of an Application Segment with an id of 88888.

>>> zpa.app_segments.delete('88888', force_delete=True)

detach_from_segment_group(app_id, seg_group_id)#

get_segment(segment_id)#

Get information for an application segment.

Parameters:: segment_id (str) – The unique identifier for the application segment.
Returns:: The application segment resource record.
Return type:: Box

Examples

>>> app_segment = zpa.app_segments.details('99999')

get_segment_by_name(name)#

list_segments(**kwargs)#

Retrieve all configured application segments.

Keyword Arguments:

**max_items (int) – The maximum number of items to request before stopping iteration.
**max_pages (int) – The maximum number of pages to request before stopping iteration.
**pagesize (int) – Specifies the page size. The default size is 20, but the maximum size is 500.
**page (int) – Specifies the page size. The default size is 20, but the maximum size is 500.
**search (str, optional) – The search string used to match against features and fields.

Returns:

List of application segments.

Return type:

BoxList

Examples

>>> app_segments = zpa.app_segments.list_segments()

reformat_params = [('clientless_app_ids', 'clientlessApps'), ('server_group_ids', 'serverGroups')]#

update_segment(segment_id, **kwargs)#

Update an application segment.

Parameters:

segment_id (str) – The unique identifier for the application segment.
**kwargs – Optional params.

Keyword Arguments:

bypass_type (str) – The type of bypass for the Application Segment. Accepted values are ALWAYS, NEVER and ON_NET.
clientless_app_ids (list) – List of unique IDs for clientless apps to associate with this Application Segment.
config_space (str) – The config space for this Application Segment. Accepted values are DEFAULT and SIEM.
default_idle_timeout (int) – The Default Idle Timeout for the Application Segment.
default_max_age (int) – The Default Max Age for the Application Segment.
description (str) – Additional information about this Application Segment.
domain_names (list of str) – List of domain names or IP addresses for the application segment.
double_encrypt (bool) – Double Encrypt the Application Segment micro-tunnel.
enabled (bool) – Enable the Application Segment.
health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.
health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.
ip_anchored (bool) – Enable IP Anchoring for this Application Segment.
is_cname_enabled (bool) – Enable CNAMEs for this Application Segment.
name (str) – The name of the application segment.
passive_health_enabled (bool) – Enable Passive Health Checks for this Application Segment.
segment_group_id (str) – The unique identifer for the segment group this application segment belongs to.
server_group_ids (list of str) – The list of server group IDs that belong to this application segment.
tcp_port_ranges (list of tuple) –

List of TCP port ranges specified as a tuple pair, e.g. for ports 21-23, 8080-8085 and 443:
[(21, 23), (8080, 8085), (443, 443)]
udp_port_ranges (list of tuple) –

List of UDP port ranges specified as a tuple pair, e.g. for ports 34000-35000 and 36000:
[(34000, 35000), (36000, 36000)]
icmp_access_type (str) – Sets ICMP access type for ZPA clients.

Returns:

The updated application segment resource record.

Return type:

Box

Examples

Rename the application segment for example.com.

>>> zpa.app_segments.update('99999',
...    name='new_app_name',