cloud_firewall¶
The following methods allow for interaction with the ZIA Cloud Firewall Resources API endpoints.
Methods are accessible via zia.cloud_firewall
Copyright (c) 2023, Zscaler Inc.
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- class FirewallResourcesAPI¶
Bases:
APIClient- add_ip_destination_group(**kwargs)¶
Adds a new IP Destination Group.
- Parameters:
name (str) – The name of the IP Destination Group.
**kwargs – Optional keyword args.
- Keyword Arguments:
description (str) – Additional information about the destination IP group.
type (str) – Destination IP group type. Allowed values are DSTN_IP and DSTN_FQDN, DSTN_DOMAIN, DSTN_OTHER.
addresses (list) – Destination IP addresses or FQDNs within the group.
ip_categories (list) – Destination IP address URL categories. Note: Only Custom categories allowed.
countries (list) – Destination IP address counties. i.e COUNTRY_CA, COUNTRY_US.
- Returns:
The newly created IP Destination Group resource record.
- Return type:
Tuple
Examples
Add a Destination IP Group with IP addresses:
>>> added_group, _, error = client.zia.cloud_firewall.add_ip_destination_group( ... name=f"AddNewGroup_{random.randint(1000, 10000)}", ... description=f"AddNewGroup_{random.randint(1000, 10000)}", ... addresses=["192.168.1.1", "192.168.1.2"], ... type='DSTN_IP', ... ) >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {added_group.as_dict()}")
Add a Destination IP Group with FQDN:
>>> added_group, _, error = client.zia.cloud_firewall.add_ip_destination_group( ... name=f"AddNewGroup_{random.randint(1000, 10000)}", ... description='Covers domains for Example Inc.', ... addresses=['example.com', 'example.edu'], ... type='DSTN_FQDN', ... ) >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {added_group.as_dict()}")
Add a Destination IP Group with country and url category for the US:
>>> added_group, _, error = client.zia.cloud_firewall.add_ip_destination_group( ... name=f"AddNewGroup_{random.randint(1000, 10000)}", ... description='Covers domains for Example Inc.', ... type='DSTN_OTHER', ... countries=['COUNTRY_US']), ... ip_categories=['CUSTOM_01']), >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {added_group.as_dict()}")
- add_ip_source_group(**kwargs)¶
Adds a new IP Source Group.
- Parameters:
- Returns:
The new IP Source Group resource record.
- Return type:
Examples
Add a new IP Source Group:
>>> added_group, _, error = client.zia.cloud_firewall.add_ip_source_group( ... name=f"AddNewGroup_{random.randint(1000, 10000)}", ... description=f"AddNewGroup_{random.randint(1000, 10000)}", ... ip_addresses=["192.168.1.1", "192.168.1.2"], ... ) >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {added_group.as_dict()}")
- add_network_app_group(**kwargs)¶
Adds a new Network Application Group.
- Parameters:
- Returns:
The newly created Network Application Group resource record.
- Return type:
Tuple
Examples
Add a new Network Application Group:
>>> added_group, _, error = client.zia.cloud_firewall.add_network_app_group( ... name=f"AddNewGroup_{random.randint(1000, 10000)}", ... description=f"AddNewGroup_{random.randint(1000, 10000)}", ... network_applications=['SALESFORCE', 'GOOGLEANALYTICS', 'OFFICE365'], ... ) >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {added_group.as_dict()}")
- add_network_service(ports=None, **kwargs)¶
Adds a new Network Service
- Parameters:
name – The name of the Network Service
ports (list) –
A list of port protocol tuples. Tuples must follow the convention src/dest, protocol, start port, end port. If this is a single port and not a port range then end port can be omitted. E.g.
('src', 'tcp', '49152', '65535'), ('dest', 'tcp', '22), ('dest', 'tcp', '9010', '9012'), ('dest', 'udp', '9010', '9012')
**kwargs – Optional keyword args.
- Keyword Arguments:
description (str) – Additional information on the Network Service.
- Returns:
The newly created Network Service resource record.
- Return type:
Tuple
Examples
Add Network Services:
>>> added_service, _, error = client.zia.cloud_firewall.add_network_service( ... name=f"NewService {random.randint(1000, 10000)}", ... description=f"NewService {random.randint(1000, 10000)}", ... ports=[ ... ('dest', 'tcp', '389'), ... ('dest', 'udp', '389'), ... ('dest', 'tcp', '636'), ... ('dest', 'tcp', '3268', '3269')]) >>> if error: ... print(f"Error adding network services: {error}") ... return ... print(f"Service added successfully: {added_service.as_dict()}")
- add_network_svc_group(**kwargs)¶
Adds a new Network Service Group.
- Parameters:
- Returns:
The newly created Network Service Group resource record.
- Return type:
Tuple
Examples
Add a new Network Service Group:
>>> added_group, _, error = client.zia.cloud_firewall.add_network_svc_group( ... name=f"AddNewGroup_{random.randint(1000, 10000)}", ... description=f"AddNewGroup_{random.randint(1000, 10000)}", ... service_ids=['159143', '159144', '159145'], >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {added_group.as_dict()}")
- delete_ip_destination_group(group_id)¶
Deletes the specified IP Destination Group.
- Parameters:
group_id (str) – The unique ID of the IP Destination Group.
- Returns:
The status code of the operation.
- Return type:
Examples
>>> _, _, error = client.zia.cloud_firewall.delete_ip_destination_group('18382907') >>> if error: ... print(f"Error deleting group: {error}") ... return ... print(f"Group with ID {updated_group.id} deleted successfully.")
- delete_ip_source_group(group_id)¶
Deletes an IP Source Group.
- Parameters:
group_id (str) – The unique ID of the IP Source Group to be deleted.
- Returns:
The status code for the operation.
- Return type:
Examples
>>> _, _, error = client.zia.cloud_firewall.delete_ip_source_group('18382907') >>> if error: ... print(f"Error deleting group: {error}") ... return ... print(f"Group with ID 18382907 deleted successfully.")
- delete_network_app_group(group_id)¶
Deletes the specified Network Application Group.
- Parameters:
group_id (str) – The unique identifier for the Network Application Group.
- Returns:
The response code for the operation.
- Return type:
Examples
>>> _, _, error = client.zia.cloud_firewall.delete_network_app_group('18382907') >>> if error: ... print(f"Error deleting group: {error}") ... return ... print(f"Group with ID {updated_group.id} deleted successfully.")
- delete_network_service(service_id)¶
Deletes the specified Network Service.
- Parameters:
service_id (str) – The unique ID for the Network Service.
- Returns:
The status code for the operation.
- Return type:
Examples
>>> _, _, error = client.zia.cloud_firewall.delete_network_service('18382907') >>> if error: ... print(f"Error deleting network service: {error}") ... return ... print(f"Network service with ID 18382907 deleted successfully.")
- delete_network_svc_group(group_id)¶
Deletes the specified Network Service Group.
- Parameters:
group_id (str) – The unique identifier for the Network Service Group.
- Returns:
The response code for the operation.
- Return type:
Examples
>>> _, _, error = client.zia.cloud_firewall.delete_network_svc_group('18382907') >>> if error: ... print(f"Error deleting group: {error}") ... return ... print(f"Group with ID {updated_group.id} deleted successfully.")
- get_ip_destination_group(group_id)¶
Returns information on the specified IP Destination Group.
- Parameters:
group_id (str) – The unique ID of the IP Destination Group.
- Returns:
The IP Destination Group resource record.
- Return type:
Examples
>>> fetched_group, response, error = client.zia.cloud_firewall.get_ip_destination_group('18382907') ... if error: ... print(f"Error fetching group by ID: {error}") ... return ... print(f"Fetched group by ID: {fetched_group.as_dict()}")
- get_ip_source_group(group_id)¶
Returns information for the specified IP Source Group.
- Parameters:
group_id (str) – The unique identifier for the source group.
Examples
>>> fetched_group, response, error = client.zia.cloud_firewall.get_ip_source_group('18382907') ... if error: ... print(f"Error fetching group by ID: {error}") ... return ... print(f"Fetched group by ID: {fetched_group.as_dict()}")
- get_network_app(app_id)¶
Returns information for the specified Network Application.
- Parameters:
app_id (str) – The unique ID for the Network Application.
Examples
>>> fetched_app, response, error = client.zia.cloud_firewall.get_network_app('18382907') ... if error: ... print(f"Error fetching app by ID: {error}") ... return ... print(f"Fetched app by ID: {fetched_app.as_dict()}")
- get_network_app_group(group_id)¶
Returns information for the specified Network Application Group.
- Parameters:
group_id (str) – The unique ID for the Network Application Group.
- Returns:
The Network Application Group resource record.
- Return type:
FirewallRule
Examples
>>> fetched_group, response, error = client.zia.cloud_firewall.get_network_app_group('18382907') ... if error: ... print(f"Error fetching group by ID: {error}") ... return ... print(f"Fetched group by ID: {fetched_group.as_dict()}")
- get_network_service(service_id)¶
Returns information for the specified Network Service.
- Parameters:
service_id (str) – The unique ID for the Network Service.
- Returns:
The Network Service resource record.
- Return type:
Tuple
Examples
>>> fetched_service, response, error = client.zia.cloud_firewall.get_network_service('18382907') ... if error: ... print(f"Error fetching service by ID: {error}") ... return ... print(f"Fetched service by ID: {fetched_service.as_dict()}")
- get_network_svc_group(group_id)¶
Returns information for the specified Network Service Group.
- Parameters:
group_id (str) – The unique ID for the Network Service Group.
Examples
>>> fetched_group, response, error = client.zia.cloud_firewall.get_network_svc_group('18382907') ... if error: ... print(f"Error fetching group by ID: {error}") ... return ... print(f"Fetched group by ID: {fetched_group.as_dict()}")
- list_ip_destination_groups(exclude_type=None, query_params=None)¶
Returns a list of IP Destination Groups.
- Parameters:
query_params (dict) –
Map of query parameters for the request.
[query_params.exclude_type](str):Exclude all groups that match the specified IP destination group’s type. Accepted values:
DSTN_IP,DSTN_FQDN,DSTN_DOMAIN,DSTN_OTHER.
- Returns:
A tuple containing (list of IPDestinationGroups instances, Response, error)
- Return type:
Examples
Gets a list of all IP destination groups.
>>> group_list, response, error = zia.cloud_firewall.list_ip_destination_groups(): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all IP destination groups by excluding specific type.
>>> group_list, response, error = zia.cloud_firewall.list_ip_destination_groups( query_params={"exclude_type": 'DSTN_DOMAIN'}): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_ip_destination_groups_lite(exclude_type=None, query_params=None)¶
Lists IP Destination Groups name and ID all IP Destination Groups. This endpoint retrieves only IPv4 destination address groups. If the search parameter is provided, the function filters the rules client-side.
- Parameters:
query_params (dict) –
Map of query parameters for the request.
[query_params.exclude_type](str):Exclude all groups that match the specified IP destination group’s type. Accepted values:
DSTN_IP,DSTN_FQDN,DSTN_DOMAIN,DSTN_OTHER.
- Returns:
List of IP Destination Groups resource records.
- Return type:
Examples
Gets a list of all IP destination groups.
>>> group_list, response, error = zia.cloud_firewall.list_ip_destination_groups_lite(): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all IP destination groups by excluding specific type.
>>> group_list, response, error = zia.cloud_firewall.list_ip_destination_groups_lite( query_params={"exclude_type": 'DSTN_DOMAIN'}): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_ip_source_groups(query_params=None)¶
List IP Source Groups in your organization.
- Parameters:
{dict} (query_params) – Map of query parameters for the request.
[query_params.search]{str}: Search string for filtering results by rule name.- Returns:
A tuple containing (list of IP Source Groups instances, Response, error)
- Return type:
Examples
List all IP Source Groups:
>>> group_list, response, error = zia.cloud_firewall.list_ip_source_groups(): ... if error: ... print(f"Error listing IP Source Groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all IP Source Groups.
>>> group_list, response, error = zia.cloud_firewall.list_ip_source_groups( query_params={"search": 'Group01'}): ... if error: ... print(f"Error listing IP Source Groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_ip_source_groups_lite(query_params=None)¶
Lists IP Source Groups name and ID all IP Source Groups. This endpoint retrieves only IPv4 source address groups. If the search parameter is provided, the function filters the rules client-side.
- Parameters:
{dict} (query_params) – Map of query parameters for the request.
[query_params.search]{str}: Search string used to match against a group’s name or description attributes.- Returns:
List of IP Source Groups resource records.
- Return type:
Examples
Gets a list of all IP source groups.
>>> group_list, response, error = zia.cloud_firewall.list_ip_source_groups_lite(): ... if error: ... print(f"Error listing IP source groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all IP source groups name and ID.
>>> group_list, response, error = zia.cloud_firewall.list_ip_source_groups_lite( query_params={"search": 'Group01'}): ... if error: ... print(f"Error listing IP source groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_ipv6_destination_groups(exclude_type=None, query_params=None)¶
Lists IPv6 Destination Groups name and ID all IPv6 Source Groups. Note: User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses. If the search parameter is provided, the function filters the rules client-side.
- Parameters:
query_params (dict) –
Map of query parameters for the request.
[query_params.exclude_type](str):Exclude all groups that match the specified IP destination group’s type. Accepted values:
DSTN_IP,DSTN_FQDN,DSTN_DOMAIN,DSTN_OTHER.
- Returns:
A tuple containing (list of IPDestinationGroups instances, Response, error)
- Return type:
Examples
Gets a list of all IP destination groups.
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_destination_groups(): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all IP destination groups by excluding specific type.
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_destination_groups( query_params={"exclude_type": 'DSTN_DOMAIN'}): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_ipv6_destination_groups_lite(exclude_type=None, query_params=None)¶
Lists IPv6 Destination Groups name and ID all IPv6 Source Groups. Note: User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses. If the search parameter is provided, the function filters the rules client-side.
- Parameters:
query_params (dict) –
Map of query parameters for the request.
[query_params.exclude_type](str):Exclude all groups that match the specified IP destination group’s type. Accepted values:
DSTN_IP,DSTN_FQDN,DSTN_DOMAIN,DSTN_OTHER.
- Returns:
List of IP Destination Groups resource records.
- Return type:
Examples
Gets a list of all IP destination groups.
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_destination_groups_lite(): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all IP destination groups by excluding specific type.
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_destination_groups_lite( query_params={"exclude_type": 'DSTN_DOMAIN'}): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_ipv6_source_groups(query_params=None)¶
List IPv6 Source Groups in your organization. Note: User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses. If the search parameter is provided, the function filters the rules client-side.
- Parameters:
{dict} (query_params) – Map of query parameters for the request.
[query_params.search]{str}: Search string for filtering results by rule name.- Returns:
A tuple containing (list of IPv6 Source Groups instances, Response, error)
- Return type:
Examples
List all IPv6 Source Groups:
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_source_groups(): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Use search parameter to find IP Source Groups with fiji in the name:
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_source_groups('fiji'): ... if error: ... print(f"Error listing ip destination groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_ipv6_source_groups_lite(query_params=None)¶
Lists IPv6 Source Groups name and ID all IPv6 Source Groups. Note: User-defined groups for IPv6 addresses are currently not supported, so this endpoint retrieves only the predefined group that includes all IPv6 addresses. If the search parameter is provided, the function filters the rules client-side.
- Parameters:
{dict} (query_params) – Map of query parameters for the request.
[query_params.search]{str}: Search string used to match against a group’s name or description attributes.- Returns:
List of IPv6 Source Groups resource records.
- Return type:
Examples
Gets a list of all IP source groups.
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_source_groups_lite(): ... if error: ... print(f"Error listing IP source groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all IP source groups name and ID.
>>> group_list, response, error = zia.cloud_firewall.list_ipv6_source_groups_lite( query_params={"search": 'Group01'}): ... if error: ... print(f"Error listing IP source groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_network_app_groups(query_params=None)¶
List Network Application Groups in your organization.
- Parameters:
{dict} (query_params) – Map of query parameters for the request.
[query_params.search]{str}: Search string for filtering results by rule name.- Returns:
A tuple containing (list of NetworkApplicationGroups instances, Response, error).
- Return type:
Examples
Gets a list of all network app groups.
>>> group_list, response, error = zia.cloud_firewall.list_network_app_groups(): ... if error: ... print(f"Error listing network app groupss: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all network app groups by excluding specific type.
>>> group_list, response, error = zia.cloud_firewall.list_network_app_groups( query_params={"search": 'AppGroup01'}): ... if error: ... print(f"Error listing network app groups: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_network_apps(query_params=None)¶
Lists Network Applications in your organization with pagination. A subset of Network Applications can be returned that match a supported filter expression or query.
- Parameters:
query_params (dict) –
Map of query parameters for the request.
[query_params.search](str): Search string for filtering results.[query_params.locale](str): When set to one of the supported locales (e.g.,en-US,de-DE,es-ES,fr-FR,ja-JP,zh-CN), the network application description is localized into the requested language.
- Returns:
A tuple containing (list of firewall rules instances, Response, error).
- Return type:
Examples
Gets a list of all network apps.
>>> app_list, response, error = zia.cloud_firewall.list_network_apps(): ... if error: ... print(f"Error listing ip network apps : {error}") ... return ... print(f"Total apps found: {len(app_list)}") ... for app in app_list: ... print(app.as_dict())
Gets a list of all of specific network apps.
>>> app_list, response, error = zia.cloud_firewall.list_network_apps( query_params={'search': 'ICMP_ANY',"locale": 'fr-FR'}): ... if error: ... print(f"Error listing network apps : {error}") ... return ... print(f"Total apps found: {len(app_list)}") ... for app in app_list: ... print(app.as_dict())
- list_network_services(query_params=None)¶
Lists network services in your organization with pagination. A subset of network services can be returned that match a supported filter expression or query.
- Parameters:
{dict} (query_params) –
Map of query parameters for the request.
[query_params.protocol]{str}: Filter based on the network service protocol. Supported Values: ICMP, TCP, UDP, GRE, ESP, OTHER,[query_params.search]{str}: Search string used to match against a service’s name or description attributes[query_params.locale](str): When set to one of the supported locales (e.g.,en-US,de-DE,es-ES,fr-FR,ja-JP,zh-CN), the network application description is localized into the requested language.
- Returns:
A tuple containing (list of network services instances, Response, error)
- Return type:
Examples
Gets a list of all network services.
>>> service_list, response, error = zia.cloud_firewall.list_network_services(): >>> if error: ... print(f"Error listing network services: {error}") ... return ... print(f"Total network services found: {len(service_list)}") ... for service in service_list: ... print(service.as_dict())
Gets a list of all network services.
>>> service_list, response, error = zia.cloud_firewall.list_network_services(query_params={"search": 'FTP'}): ... if error: ... print(f"Error listing network services: {error}") ... return ... print(f"Total services found: {len(service_list)}") ... for service in service_list: ... print(service.as_dict())
- list_network_services_lite(query_params=None)¶
Lists network services name and ID all network services. A subset of network service groups can be returned that match a supported filter expression or query.
- Parameters:
{dict} (query_params) –
Map of query parameters for the request.
[query_params.search]{str}: Search string used to match against a group’s name or description attributes.[query_params.locale](str): When set to one of the supported locales (e.g.,en-US,de-DE,es-ES,fr-FR,ja-JP,zh-CN), the network application description is localized into the requested language.
- Returns:
List of Network Services resource records.
- Return type:
Examples
Gets a list of all network services.
>>> service_list, response, error = zia.cloud_firewall.list_network_services_lite(): ... if error: ... print(f"Error listing network services: {error}") ... return ... print(f"Total network services found: {len(service_list)}") ... for service in service_list: ... print(service.as_dict())
Gets a list of all network services.
>>> service_list, response, error = zia.cloud_firewall.list_network_services_lite( query_params={"search": 'FTP'}): ... if error: ... print(f"Error listing network services: {error}") ... return ... print(f"Total services found: {len(service_list)}") ... for service in service_list: ... print(service.as_dict())
- list_network_svc_groups(query_params=None)¶
Lists network service groups in your organization with pagination. A subset of network service groups can be returned that match a supported filter expression or query.
- Parameters:
{dict} (query_params) – Map of query parameters for the request.
[query_params.search]{str}: Search string used to match against a group’s name or description attributes.- Returns:
List of Network Service Group resource records.
- Return type:
Examples
Gets a list of all network services group.
>>> group_list, response, error = zia.cloud_firewall.list_network_svc_groups(): ... if error: ... print(f"Error listing network services group: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all network services group.
>>> group_list, response, error = zia.cloud_firewall.list_network_svc_groups( query_params={"search": 'Group01'}): ... if error: ... print(f"Error listing network services group: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_network_svc_groups_lite(query_params=None)¶
Lists Network Service Groups name and ID all network service groups. If the search parameter is provided, the function filters the rules client-side.
- Parameters:
query_params (dict) – Map of query parameters for the request.
[query_params.search](str): Search string for filtering results.- Returns:
A tuple containing (list of network service groups instances, Response, error).
- Return type:
Examples
Gets a list of all network services group.
>>> group_list, response, error = zia.cloud_firewall.list_network_svc_groups(): ... if error: ... print(f"Error listing network services group: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
Gets a list of all network services group.
>>> group_list, response, error = zia.cloud_firewall.list_network_svc_groups( query_params={"search": 'Group01'}): ... if error: ... print(f"Error listing network services group: {error}") ... return ... print(f"Total groups found: {len(group_list)}") ... for group in group_list: ... print(group.as_dict())
- list_time_windows()¶
Returns a list of time intervals used by the Firewall policy or the URL Filtering policy.
- Returns:
A list of TimeWindow model instances, the response object, and any error encountered.
- Return type:
Examples
>>> result, response, error = zia.cloud_firewall.list_time_windows()
- list_time_windows_lite()¶
Returns name and ID dictionary of time intervals used by the Firewall policy or the URL Filtering policy.
- Returns:
A list of TimeWindowLite model instances, the response object, and any error encountered.
- Return type:
Examples
>>> result, response, error = zia.cloud_firewall.list_time_windows_lite()
- update_ip_destination_group(group_id, query_params=None, **kwargs)¶
Updates the specified IP Destination Group.
- Parameters:
query_params (dict) –
Map of query parameters for the request.
[query_params.override](bool): Indicates whether the IPs must be overridden.When set to false, the IPs are appended Else the existing IPs are overridden. The default value is true.
group_id (str) – The unique ID of the IP Destination Group.
**kwargs – Optional keyword args.
- Keyword Arguments:
name (str) – The name of the IP Destination Group.
description (str) – Additional information about the destination IP group.
type (str) – Destination IP group type. Allowed values are DSTN_IP and DSTN_FQDN, DSTN_DOMAIN, DSTN_OTHER.
addresses (list) – Destination IP addresses or FQDNs within the group.
ip_categories (list) – Destination IP address URL categories. Note: Only Custom URL categories allowed.
countries (list) – Destination IP address counties. i.e COUNTRY_CA, COUNTRY_US.
- Returns:
The updated IP Destination Group resource record.
- Return type:
Tuple
Examples
Update the name of an IP Destination Group:
>>> updated_group, _, error = client.zia.cloud_firewall.update_ip_destination_group( ... group_id='452125', ... name=f"UpdateGroup {random.randint(1000, 10000)}", ... description=f"UpdateGroup {random.randint(1000, 10000)}", ... addresses=["192.168.1.1", "192.168.1.2"], ... type="DSTN_IP" ... ) >>> if error: ... print(f"Error updating group: {error}") ... return ... print(f"Group updated successfully: {updated_group.as_dict()}")
Update the description and FQDNs for an IP Destination Group:
>>> updated_group, _, error = client.zia.cloud_firewall.update_ip_destination_group( ... group_id='452125', ... name=f"UpdateGroup_{random.randint(1000, 10000)}", ... description=f"UpdateGroup {random.randint(1000, 10000)}", ... addresses=['arstechnica.com', 'slashdot.org'], ... type="DSTN_FQDN", ... ) >>> if error: ... print(f"Error updating group: {error}") ... return ... print(f"Group updated successfully: {updated_group.as_dict()}")
Update a Destination IP Group with country and url category for the US:
>>> updated_group, _, error = client.zia.cloud_firewall.update_ip_destination_group( ... group_id='452125', ... name=f"UpdateGroup_{random.randint(1000, 10000)}", ... description=f"UpdateGroup_{random.randint(1000, 10000)}", ... type='DSTN_OTHER', ... countries=['COUNTRY_CA']), ... ip_categories=['CUSTOM_01']), >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {added_group.as_dict()}")
- update_ip_source_group(group_id, **kwargs)¶
Update an IP Source Group.
This method supports updating individual fields in the IP Source Group resource record.
- Parameters:
group_id (str) – The unique ID for the IP Source Group to update.
**kwargs – Optional keyword args.
- Keyword Arguments:
- Returns:
The updated IP Source Group resource record.
- Return type:
Tuple
Examples
Update ip_addresses list of the IP Source Group:
>>> update_group, _, error = client.zia.cloud_firewall.add_ip_source_group( ... name=f"UpdateNewGroup_{random.randint(1000, 10000)}", ... description=f"UpdateNewGroup_{random.randint(1000, 10000)}", ... ip_addresses=["192.168.1.1", "192.168.1.2", "192.168.1.4"], ... ) >>> if error: ... print(f"Error updating group: {error}") ... return ... print(f"Group updated successfully: {update_group.as_dict()}")
- update_network_app_group(group_id, **kwargs)¶
Update an Network Application Group.
This method supports updating individual fields in the Network Application Group resource record.
- Parameters:
group_id (str) – The unique ID for the Network Application Group to update.
- Keyword Arguments:
- Returns:
The updated Network Application Group resource record.
- Return type:
Tuple
Examples
Update the name of an Network Application Group:
>>> update_group, _, error = client.zia.cloud_firewall.add_network_app_group( ... name=f"UpdateNewGroup_{random.randint(1000, 10000)}", ... description=f"UpdateNewGroup_{random.randint(1000, 10000)}", ... network_applications=['SALESFORCE', 'GOOGLEANALYTICS'], ... ) >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {update_group.as_dict()}")
- update_network_service(service_id, ports=None, **kwargs)¶
Updates the specified Network Service.
If ports aren’t provided then no changes will be made to the ports already defined. If ports are provided then the existing ports will be overwritten.
- Parameters:
service_id (str) – The unique ID for the Network Service.
ports (list) –
A list of port protocol tuples. Tuples must follow the convention src/dest, protocol, start port, end port. If this is a single port and not a port range then end port can be omitted. E.g.
('src', 'tcp', '49152', '65535'), ('dest', 'tcp', '22), ('dest', 'tcp', '9010', '9012'), ('dest', 'udp', '9010', '9012')
**kwargs – Optional keyword args.
- Keyword Arguments:
description (str) – Additional information on the Network Service.
- Returns:
The updated Network Service resource record.
- Return type:
Examples
Update the name and description for a Network Service:
>>> update_service, _, error = client.zia.cloud_firewall.update_network_service( ... name=f"UpdateNewService_{random.randint(1000, 10000)}", ... description=f"UpdateNewService_{random.randint(1000, 10000)}", ... ports=[ ... ('dest', 'tcp', '389'), ... ('dest', 'udp', '389'), ... ('dest', 'tcp', '636'), ... ('dest', 'tcp', '3268', '3269')]) >>> if error: ... print(f"Error updating network services: {error}") ... return ... print(f"Service updated successfully: {added_service.as_dict()}")
- update_network_svc_group(group_id, **kwargs)¶
Update a Network Service Group.
- Parameters:
group_id (str) – The unique ID of the Network Service Group.
**kwargs – Optional keyword args.
- Keyword Arguments:
- Returns:
The updated Network Service Group resource record.
- Return type:
Tuple
Examples
Update the name Network Service Group:
>>> update_group, _, error = client.zia.cloud_firewall.update_network_svc_group( ... name=f"UpdateNewGroup_{random.randint(1000, 10000)}", ... description=f"UpdateNewGroup_{random.randint(1000, 10000)}", ... service_ids=['159143', '159144'], >>> if error: ... print(f"Error adding group: {error}") ... return ... print(f"Group added successfully: {update_group.as_dict()}")