app_segments_pra#

The following methods allow for interaction with the ZPA Privileged Remote Access Application Segment API endpoints.

Methods are accessible via zpa.app_segments_pra

class AppSegmentsPRAAPI#

Bases: object

add_segment_pra(name, domain_names, segment_group_id, server_group_ids, tcp_port_ranges=None, udp_port_ranges=None, common_apps_dto=None, **kwargs)#

Create an application segment.

Parameters:

  • segment_group_id (str) – The unique identifer for the segment group this application segment belongs to.

  • udp_ports (list of str) – List of udp port range pairs, e.g. [‘35000’, ‘35000’] for port 35000.

  • tcp_ports (list of str) – List of tcp port range pairs, e.g. [‘22’, ‘22’] for port 22-22, [‘80’, ‘100’] for 80-100.

  • domain_names (list of str) – List of domain names or IP addresses for the application segment.

  • name (str) – The name of the application segment.

  • server_group_ids (list of str) – The list of server group IDs that belong to this application segment.

  • **kwargs – Optional keyword args.

Keyword Arguments:

  • bypass_type (str) – The type of bypass for the Application Segment. Accepted values are ALWAYS, NEVER and ON_NET.

  • config_space (str) – The config space for this Application Segment. Accepted values are DEFAULT and SIEM.

  • default_idle_timeout (int) – The Default Idle Timeout for the Application Segment.

  • default_max_age (int) – The Default Max Age for the Application Segment.

  • description (str) – Additional information about this Application Segment.

  • double_encrypt (bool) – Double Encrypt the Application Segment micro-tunnel.

  • enabled (bool) – Enable the Application Segment.

  • health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.

  • health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.

  • ip_anchored (bool) – Enable IP Anchoring for this Application Segment.

  • is_cname_enabled (bool) – Enable CNAMEs for this Application Segment.

  • passive_health_enabled (bool) – Enable Passive Health Checks for this Application Segment.

  • icmp_access_type (str) – Sets ICMP access type for ZPA clients.

Returns:

The newly created application segment resource record.

Return type:

Box

Examples

Add a new application segment for example.com, ports 8080-8085.

>>> zpa.app_segments.add_segment('new_app_segment',
...    domain_names=['example.com'],
...    segment_group_id='99999',
...    tcp_ports=['8080', '8085'],
...    server_group_ids=['99999', '88888'])
delete_segment_pra(segment_id, force_delete=False)#

Delete an application segment.

Parameters:

  • force_delete (bool) – Setting this field to true deletes the mapping between Application Segment and Segment Group.

  • segment_id (str) – The unique identifier for the application segment.

Returns:

The operation response code.

Return type:

int

Examples

Delete an Application Segment with an id of 99999.

>>> zpa.app_segments.delete('99999')

Force deletion of an Application Segment with an id of 88888.

>>> zpa.app_segments.delete('88888', force_delete=True)
get_segment_pra(segment_id)#

Get information for an application segment.

Parameters:

segment_id (str) – The unique identifier for the application segment.

Returns:

The application segment resource record.

Return type:

Box

Examples

>>> app_segment = zpa.app_segments.details('99999')
get_segment_pra_by_name(name)#
list_segments_pra(**kwargs)#

Retrieve all configured application segments.

Returns:

List of application segments.

Return type:

BoxList

Examples

>>> app_segments = zpa.app_segments.list_segments()
reformat_params = [('server_group_ids', 'serverGroups')]#
update_segment_pra(segment_id, common_apps_dto=None, **kwargs)#

Update an application segment.

Parameters:

  • segment_id (str) – The unique identifier for the application segment.

  • **kwargs – Optional params.

Keyword Arguments:

  • bypass_type (str) – The type of bypass for the Application Segment. Accepted values are ALWAYS, NEVER and ON_NET.

  • config_space (str) – The config space for this Application Segment. Accepted values are DEFAULT and SIEM.

  • default_idle_timeout (int) – The Default Idle Timeout for the Application Segment.

  • default_max_age (int) – The Default Max Age for the Application Segment.

  • description (str) – Additional information about this Application Segment.

  • domain_names (list of str) – List of domain names or IP addresses for the application segment.

  • double_encrypt (bool) – Double Encrypt the Application Segment micro-tunnel.

  • enabled (bool) – Enable the Application Segment.

  • health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.

  • health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.

  • ip_anchored (bool) – Enable IP Anchoring for this Application Segment.

  • is_cname_enabled (bool) – Enable CNAMEs for this Application Segment.

  • name (str) – The name of the application segment.

  • passive_health_enabled (bool) – Enable Passive Health Checks for this Application Segment.

  • segment_group_id (str) – The unique identifer for the segment group this application segment belongs to.

  • server_group_ids (list of str) – The list of server group IDs that belong to this application segment.

  • tcp_ports (list of tuple) –

    List of TCP port ranges specified as a tuple pair, e.g. for ports 21-23, 8080-8085 and 443:

    [(21, 23), (8080, 8085), (443, 443)]

  • udp_ports (list of tuple) –

    List of UDP port ranges specified as a tuple pair, e.g. for ports 34000-35000 and 36000:

    [(34000, 35000), (36000, 36000)]

  • icmp_access_type (str) – Sets ICMP access type for ZPA clients.

Returns:

The updated application segment resource record.

Return type:

Box

Examples

Rename the application segment for example.com.

>>> zpa.app_segments.update('99999',
...    name='new_app_name',