file_type_control_rule¶

The following methods allow for interaction with the ZIA File Type Control Rule API endpoints.

Methods are accessible via zia.file_type_control_rule

Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

class FileTypeControlRuleAPI¶

Bases: APIClient

add_rule(**kwargs)¶

Adds a new file type control rules rule.

Parameters:

name (str) – Name of the rule, max 31 chars.

Keyword Arguments:

description (str) – Additional information about the rule.
state (str) – Rule state, either ‘ENABLED’ or ‘DISABLED’.
order (int) – Order of policy execution with respect to other file-type policies.
filtering_action (str) – Action taken when traffic matches policy. Supported values: “BLOCK”, “CAUTION”, “ALLOW”.
time_quota (int) – Time quota in minutes after which the policy must be applied.
size_quota (int) – Size quota in KB beyond which the policy must be applied.
access_control (str) – Access privilege based on admin’s state.
rank (int) – Admin rank of the rule creator. Supported values: 1-7.
capture_pcap (bool) – Indicates whether packet capture (PCAP) is enabled.
operation (str) – File operation performed by the rule.
active_content (bool) – Checks whether the file contains active content.
unscannable (bool) – Indicates whether the file is unscannable.
cloud_applications (list[str]) – List of cloud applications to which the rule must be applied.
file_types (list[str]) – List of file types to which the rule must be applied.
min_size (int) – Minimum file size in KB for evaluation.
max_size (int) – Maximum file size in KB for evaluation.
protocols (list[str]) – Protocols covered by the rule.
url_categories (list[str]) – List of URL categories the rule must be applied to.
last_modified_time (int) – Timestamp of the last modification.
last_modified_by (dict) – Details of the user who last modified the rule.
locations (list[dict]) – Name-ID pairs of locations for rule application.
location_groups (list[dict]) – Name-ID pairs of location groups for rule application.
groups (list[dict]) – Name-ID pairs of groups for rule application.
departments (list[dict]) – Name-ID pairs of departments for rule application.
users (list[dict]) – Name-ID pairs of users for rule application.
time_windows (list[dict]) – Name-ID pairs of time intervals for rule enforcement.
labels (list[dict]) – Labels associated with the rule for logical grouping.
device_groups (list[dict]) – Device groups managed using Zscaler Client Connector.
devices (list[dict]) – Devices managed using Zscaler Client Connector.
device_trust_levels (list[str]) – Device trust levels based on posture configurations.
zpa_app_segments (list[dict]) – ZPA Application Segments applicable to the rule.

Returns:

Updated firewall dns filtering rule resource record.

Return type:

tuple

Example

Update an existing rule to change its name and action:

>>> zia.file_type_control_rule.update_rule(
...    rule_id=123456,
...    name='UPDATED_RULE',
...    ba_rule_action='ALLOW',
...    description='Updated action for the rule'
... )

delete_rule(rule_id)¶

Deletes the specified file type control rules filter rule.

Parameters:: rule_id (str) – The unique identifier for the file type control rules rule.
Returns:: The status code for the operation.
Return type:: int

Examples

>>> zia.file_type_control_rule.delete_rule('278454')

get_rule(rule_id)¶

Returns information for the specified file type control rules filter rule.

Parameters:: rule_id (str) – The unique identifier for the file type control rules filter rule.
Returns:: A tuple containing (file type control rules rule instance, Response, error).
Return type:: tuple

Example

Retrieve a file type control rules rule by its ID:

>>> rule, response, error = zia.file_type_control_rule.get_rule(rule_id=123456)
>>> if not error:
...    print(rule.as_dict())

list_rules(query_params=None)¶

Lists file type control rules rules in your organization with pagination. A subset of file type control rules rules can be returned that match a supported filter expression or query.

Parameters:

{dict} (query_params) –

Map of query parameters for the request.

[query_params.search] {str}: Search string for filtering results.

Returns:

A tuple containing (list of file type control rules rules instances, Response, error).

Return type:

tuple

Example

List all file type control rules rules with a specific page size:

>>> rules_list, response, error = zia.file_type_control_rule.list_rules(
...    query_params={"pagesize": 50}
... )
>>> for rule in rules_list:
...    print(rule.as_dict())

update_rule(rule_id, **kwargs)¶

Updates an existing file type control rules rule.

Parameters:

rule_id (str) – The unique ID for the rule that is being updated.
**kwargs – Optional keyword args.

Keyword Arguments:

name (str) – Name of the rule, max 31 chars.
description (str) – Additional information about the rule.
state (str) – Rule state, either ‘ENABLED’ or ‘DISABLED’.
order (int) – Order of policy execution with respect to other file-type policies.
filtering_action (str) – Action taken when traffic matches policy. Supported values: “BLOCK”, “CAUTION”, “ALLOW”.
time_quota (int) – Time quota in minutes after which the policy must be applied.
size_quota (int) – Size quota in KB beyond which the policy must be applied.
access_control (str) – Access privilege based on admin’s state.
rank (int) – Admin rank of the rule creator. Supported values: 1-7.
capture_pcap (bool) – Indicates whether packet capture (PCAP) is enabled.
operation (str) – File operation performed by the rule.
active_content (bool) – Checks whether the file contains active content.
unscannable (bool) – Indicates whether the file is unscannable.
cloud_applications (list[str]) – List of cloud applications to which the rule must be applied.
file_types (list[str]) – List of file types to which the rule must be applied.
min_size (int) – Minimum file size in KB for evaluation.
max_size (int) – Maximum file size in KB for evaluation.
protocols (list[str]) – Protocols covered by the rule.
url_categories (list[str]) – List of URL categories the rule must be applied to.
last_modified_time (int) – Timestamp of the last modification.
last_modified_by (dict) – Details of the user who last modified the rule.
locations (list[dict]) – Name-ID pairs of locations for rule application.
location_groups (list[dict]) – Name-ID pairs of location groups for rule application.
groups (list[dict]) – Name-ID pairs of groups for rule application.
departments (list[dict]) – Name-ID pairs of departments for rule application.
users (list[dict]) – Name-ID pairs of users for rule application.
time_windows (list[dict]) – Name-ID pairs of time intervals for rule enforcement.
labels (list[dict]) – Labels associated with the rule for logical grouping.
device_groups (list[dict]) – Device groups managed using Zscaler Client Connector.
devices (list[dict]) – Devices managed using Zscaler Client Connector.
device_trust_levels (list[str]) – Device trust levels based on posture configurations.
zpa_app_segments (list[dict]) – ZPA Application Segments applicable to the rule.

Returns:

Updated firewall dns filtering rule resource record.

Return type:

tuple

Example

Update an existing rule to change its name and action:

>>> zia.file_type_control_rule.update_rule(
...    rule_id=123456,
...    name='UPDATED_RULE',
...    ba_rule_action='ALLOW',
...    description='Updated action for the rule'
... )