app_segments_inspection#
The following methods allow for interaction with the ZPA Inspection Application Segment API endpoints.
Methods are accessible via zpa.app_segments_inspection
- class AppSegmentsInspectionAPI#
Bases:
object- add_segment_inspection(name, domain_names, segment_group_id, server_group_ids, tcp_port_ranges=None, udp_port_ranges=None, common_apps_dto=None, **kwargs)#
Create an AppProtection application segment.
- Parameters:
segment_group_id (str) – The unique identifer for the segment group this application segment belongs to.
udp_ports (
listofstr) – List of udp port range pairs, e.g. [‘35000’, ‘35000’] for port 35000.tcp_ports (
listofstr) – List of tcp port range pairs, e.g. [‘22’, ‘22’] for port 22-22, [‘80’, ‘100’] for 80-100.domain_names (
listofstr) – List of domain names or IP addresses for the application segment.name (str) – The name of the application segment.
server_group_ids (
listofstr) – The list of server group IDs that belong to this application segment.**kwargs – Optional keyword args.
- Keyword Arguments:
bypass_type (str) – The type of bypass for the Application Segment. Accepted values are ALWAYS, NEVER and ON_NET.
config_space (str) – The config space for this Application Segment. Accepted values are DEFAULT and SIEM.
default_idle_timeout (int) – The Default Idle Timeout for the Application Segment.
default_max_age (int) – The Default Max Age for the Application Segment.
description (str) – Additional information about this Application Segment.
double_encrypt (bool) – Double Encrypt the Application Segment micro-tunnel.
enabled (bool) – Enable the Application Segment.
health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.
health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.
ip_anchored (bool) – Enable IP Anchoring for this Application Segment.
is_cname_enabled (bool) – Enable CNAMEs for this Application Segment.
passive_health_enabled (bool) – Enable Passive Health Checks for this Application Segment.
icmp_access_type (str) – Sets ICMP access type for ZPA clients.
- Returns:
The newly created application segment resource record.
- Return type:
Box
Examples
Add a new AppProtection application segment for example.com, ports 8080-8085.
>>> zpa.app_segments_inspection.add_segment_inspection('new_app_segment', ... domain_names=['example.com'], ... segment_group_id='99999', ... tcp_ports=['8080', '8085'], ... server_group_ids=['99999', '88888'])
- delete_segment_inspection(segment_id, force_delete=False)#
Delete an AppProtection application segment.
- Parameters:
- Returns:
The operation response code.
- Return type:
Examples
Delete an AppProtection Application Segment with an id of 99999.
>>> zpa.app_segments.delete('99999')
Force deletion of an AppProtection Application Segment with an id of 88888.
>>> zpa.app_segments_inspection.delete('88888', force_delete=True)
- get_segment_inspection(segment_id)#
Get information for an AppProtection application segment.
- Parameters:
segment_id (str) – The unique identifier for the AppProtection application segment.
- Returns:
The AppProtection application segment resource record.
- Return type:
Box
Examples
>>> app_segment = zpa.app_segments_inspection.details('99999')
- get_segment_inspection_by_name(name)#
- list_segment_inspection(**kwargs)#
Retrieve all configured AppProtection application segments.
- Returns:
List of AppProtection application segments.
- Return type:
BoxList
Examples
>>> app_segments = zpa.app_segments_inspection.list_segments_inspection()
- reformat_params = [('server_group_ids', 'serverGroups')]#
- update_segment_inspection(segment_id, common_apps_dto=None, **kwargs)#
Update an AppProtection application segment.
- Parameters:
segment_id (str) – The unique identifier for the AppProtection application segment.
**kwargs – Optional params.
- Keyword Arguments:
bypass_type (str) – Bypass type for the segment. Values: ALWAYS, NEVER, ON_NET.
config_space (str) – Config space for the segment. Values: DEFAULT, SIEM.
default_idle_timeout (int) – The Default Idle Timeout for the AppProtection Application Segment.
default_max_age (int) – The Default Max Age for the AppProtection Application Segment.
description (str) – Additional information about this AppProtection Application Segment.
domain_names (
listofstr) – List of domain names or IP addresses for the AppProtection application segment.double_encrypt (bool) – Double Encrypt the AppProtection Application Segment micro-tunnel.
enabled (bool) – Enable the AppProtection Application Segment.
health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.
health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.
ip_anchored (bool) – Enable IP Anchoring for this AppProtection Application Segment.
is_cname_enabled (bool) – Enable CNAMEs for this AppProtection Application Segment.
name (str) – The name of the AppProtection Application Segment.
passive_health_enabled (bool) – Enable Passive Health Checks for this AppProtection Application Segment.
segment_group_id (str) – The unique identifer for the segment group this AppProtection application segment belongs to.
server_group_ids (
listofstr) – The list of server group IDs that belong to this AppProtection application segment.- List of TCP port ranges specified as a tuple pair, e.g. for ports 21-23, 8080-8085 and 443:
[(21, 23), (8080, 8085), (443, 443)]
- List of UDP port ranges specified as a tuple pair, e.g. for ports 34000-35000 and 36000:
[(34000, 35000), (36000, 36000)]
icmp_access_type (str) – Sets ICMP access type for ZPA clients.
- Returns:
The updated AppProtection application segment resource record.
- Return type:
Box
Examples
Rename the application segment for example.com.
>>> zpa.app_segments_inspection.update('99999', ... name='new_app_name',