app_protection¶

The following methods allow for interaction with the ZPA App Protection Controller API endpoints.

Methods are accessible via zpa.app_protection

Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

class InspectionControllerAPI¶

Bases: APIClient

A client object for the ZPA Inspection Profiles resource.

add_custom_control(**kwargs)¶

Adds a new ZPA Inspection Custom Control.

Parameters:: kwargs (dict) – A dictionary of attributes to create the custom control.
Returns:: The newly created custom control object.
Return type:: AppProtectionCustomControl

add_profile(**kwargs)¶

Create a new inspection profile.

Parameters:

name (str) – The name of the inspection profile.
description (str) – The description of the inspection profile.
check_control_deployment_status (bool) – Indicates whether or not the service needs to perform additional validations.
paranoia_level (str) – The OWASP Predefined Paranoia Level.
incarnation_number (str) – A version or incarnation marker for the inspection profile.
global_control_actions (list) – The actions of the predefined, custom, or override controls.
predefined_controls_version (list) – The protocol for the AppProtection application.
zs_defined_control_choice (str) –
Indicates the user’s choice for the ThreatLabZ Controls.

Supported values: - ALL: Zscaler handles the ThreatLabZ Controls for the AppProtection profile. - SPECIFIC: User handles the ThreatLabZ Controls for the AppProtection profile.
custom_controls (list) –
The set of AppProtection controls used to define how inspections are managed.

Each control item may include: - action (str): Action of the custom control. Supported values: PASS, BLOCK, or REDIRECT. - action_value (str): The value for the defined control’s action; only required if the action is REDIRECT. - default_action_value (str): The redirect URL if the default action is set to REDIRECT.
controls_info (list) –
A list of server group IDs for the control set.

Each item may include: - control_type (str): The control type. Supported values: WEBSOCKET_PREDEFINED, WEBSOCKET_CUSTOM, THREATLABZ, CUSTOM, PREDEFINED. - count (int): The count of controls in this set.
threat_labz_controls (list) –
The ThreatLabZ predefined controls.

Each item may include: - action (str): Supported values: PASS, BLOCK, or REDIRECT. - action_value (str): Required only if the action is REDIRECT. - default_action_value (str): Redirect URL if the default action is REDIRECT.
websocket_controls (list) –
The WebSocket controls.

Each item may include: - action (str): Supported values: PASS, BLOCK, or REDIRECT. - action_value (str): Required only if the action is REDIRECT. - default_action_value (str): Redirect URL if the default action is REDIRECT.

Returns:

A tuple containing the InspectionProfile instance, the response object, and an error (if any).

Return type:

tuple

delete_custom_control(control_id)¶

Deletes the specified custom ZPA Inspection Control.

Parameters:: control_id (str) – The unique ID for the custom control.
Returns:: The status code for the operation.
Return type:: int

delete_profile(profile_id)¶

Deletes the specified inspection profile.

Parameters:: profile_id (str) – The unique identifier for the inspection profile to be deleted.
Returns:: Status code of the delete operation.
Return type:: int

get_all_predef_control(query_params=None)¶

Returns all predefined inspection controls.

Parameters:

{dict} (query_params) –

Map of query parameters for the request. [query_params.search] {str}: Search string for filtering results.

[query_params.version] {str}: The predefined control version is required.: Supported values: OWASP_CRS/3.3.0, OWASP_CRS/3.3.5, OWASP_CRS/4.8.0

Returns:

The corresponding predefined control object.

Return type:

PredefinedInspectionControlResource

Examples

>>> predef_controls, _, err = client.zpa.app_protection.get_all_predef_control(
... query_params={'version': 'OWASP_CRS/4.8.0'})
>>> if err:
...     print(f"Error listing predefined controls: {err}")
...     return
... print(f"Total predefined controls found: {len(predef_controls)}")
... for control in predef_controls:
...     print(control.as_dict())

get_custom_control(control_id)¶

Returns the specified custom ZPA Inspection Control.

Parameters:: control_id (str) – The unique ID of the custom control.
Returns:: The corresponding custom control object.
Return type:: AppProtectionCustomControl

get_predef_control(control_id)¶

Returns the specified predefined ZPA Inspection Control.

Parameters:: control_id (str) – The unique ID of the predefined control.
Returns:: The corresponding predefined control object.
Return type:: AppProtectionCustomControl

Examples

>>> fetched_predf_control, _, err = client.zpa.app_protection.get_predef_control(control_id='72057594037928524')
>>> if err:
...     print(f"Error fetching ba predefined control by ID: {err}")
...     return
... print(f"Fetched ba predefined control by ID: {fetched_predf_control.as_dict()}")

get_profile(profile_id, **kwargs)¶

Gets information on the specified inspection profile.

Parameters:: profile_id (str) – The unique identifier for the inspection profile.
Returns:: The corresponding inspection profile object.
Return type:: InspectionProfile

list_control_action_types()¶

Returns a list of ZPA Inspection Control Action Types.

Returns:: A tuple containing (list of action types, Response, error).
Return type:: tuple

Examples

>>> for action_type in zpa.inspection.list_control_action_types():
...     print(action_type)

list_control_severity_types()¶

Returns a list of Inspection Control Severity Types.

Returns:: A dictionary containing all valid Inspection Control Severity Types.
Return type:: tuple

Examples

>>> for severity in zpa.inspection.list_control_severity_types():
...     print(severity)

list_control_types()¶

Returns a list of ZPA Inspection Control Types.

Returns:: A dictionary containing ZPA Inspection Control Types.
Return type:: tuple

Examples

>>> for control_type in zpa.inspection.list_control_types():
...     print(control_type)

list_custom_controls(query_params=None)¶

Enumerates App Protection Custom Control in your organization with pagination. A subset of App Protection Custom Control can be returned that match a supported filter expression or query.

Parameters:

{dict} (query_params) –

Map of query parameters for the request.

[query_params.page] {int}: Specifies the page number. [query_params.page_size] {int}: Page size for pagination. [query_params.search] {str}: Search string for filtering results.

[query_params.sort_dir] {str}: Specifies the sorting order (ascending/descending) for the search results.: Available values : ASC, DESC

Returns:

A tuple containing (list of AppProtectionCustomControl instances, Response, error)

Return type:

tuple

list_custom_http_methods()¶

Returns a list of custom ZPA Inspection Control HTTP Methods.

Returns:: A dictionary containing custom ZPA Inspection Control HTTP Methods.
Return type:: tuple

Examples

>>> for method in zpa.inspection.list_custom_http_methods():
...     print(method)

list_predef_control_adp(query_params=None)¶

Returns all predefined ADP inspection controls for the specified customer.

Parameters:

{dict} (query_params) –

Map of query parameters for the request. [query_params.search] {str}: Search string for filtering results.

[query_params.version] {str}: The predefined control version.: Supported values: OWASP_CRS/3.3.0, OWASP_CRS/3.3.5, OWASP_CRS/4.8.0

Returns:

The corresponding predefined control object.

Return type:

AppProtectionCustomControl

list_predef_control_api(query_params=None)¶

Returns all predefined inspection controls for the specified customer.

Parameters:

{dict} (query_params) –

Map of query parameters for the request. [query_params.search] {str}: Search string for filtering results.

[query_params.version] {str}: The predefined control version.: Supported values: OWASP_CRS/3.3.0, OWASP_CRS/3.3.5, OWASP_CRS/4.8.0

Returns:

The corresponding predefined control object.

Return type:

AppProtectionCustomControl

list_predef_control_versions()¶

Returns a list of predefined ZPA Inspection Control versions.

Returns:: A dictionary containing all predefined ZPA Inspection Control versions.
Return type:: tuple

list_predef_controls(query_params=None)¶

Returns a list of predefined ZPA Inspection Controls.

Parameters:

{dict} (query_params) –

Map of query parameters for the request. [query_params.search] {str}: Search string for filtering results. search_field (str): The value to search for within the field.

[query_params.version] {str}: The predefined control version.: Supported values: OWASP_CRS/3.3.0, OWASP_CRS/3.3.5, OWASP_CRS/4.8.0

Returns:

A tuple containing (list of PredefinedInspectionControl objects, Response, error).

Return type:

tuple

Examples

>>> fetched_predf_control, _, err = client.zpa.app_protection.list_predef_controls(
    query_params={
        "version": "OWASP_CRS/4.8.0",
        "search": "name",
        "search_field": "PHP Injection Attack: High-Risk PHP Function Name Found"
    })
>>> if err:
        print(f"Error fetching predefined control adp: {err}")
        return
    print(f"Fetched predefined control adp: {fetched_predf_control.as_dict()}")

list_profiles(query_params=None)¶

Enumerates App Protection Profile in your organization with pagination. A subset of App Protection Profile can be returned that match a supported filter expression or query.

Parameters:

{dict} (query_params) –

Map of query parameters for the request.

[query_params.page] {str}: Specifies the page number.

[query_params.page_size] {str}: Specifies the page size.: If not provided, the default page size is 20. The max page size is 500.

[query_params.search] {str}: Search string for filtering results.

Returns:

A tuple containing (list of InspectionProfile instances, Response, error)

Return type:

tuple

profile_control_attach(profile_id, action, **kwargs)¶

Attaches or detaches all predefined ZPA Inspection Controls to a ZPA Inspection Profile.

Parameters:

profile_id (str) – The unique ID for the ZPA Inspection Profile that will be modified.
action (str) – The association action that will be taken, accepted values are: * attach: Attaches all predefined controls to the Inspection Profile with the specified version. * detach: Detaches all predefined controls from the Inspection Profile.
**kwargs – Additional keyword arguments.

Keyword Arguments:

profile_version (str) – The version of the Predefined Controls to attach. Only required when using the attach action. Defaults to OWASP_CRS/3.3.0.

Returns:

The updated ZPA Inspection Profile resource record.

Return type:

InspectionProfile

update_custom_control(control_id, **kwargs)¶

Updates the specified custom ZPA Inspection Control.

Parameters:

control_id (str) – The unique ID of the custom control.
kwargs (dict) – A dictionary of attributes to update the custom control.

Returns:

The updated custom control object.

Return type:

AppProtectionCustomControl

update_profile(profile_id, **kwargs)¶

Updates the specified inspection profile.

Parameters:: profile_id (str) – The unique ID of the profile to be updated.
Returns:: The updated inspection profile object.
Return type:: InspectionProfile

update_profile_and_controls(profile_id, **kwargs)¶

Updates the inspection profile and controls for the specified ID.

Parameters:

profile_id (str) – The unique ID of the inspection profile.
inspection_profile (dict) – The new inspection profile object.
**kwargs – Additional keyword arguments.

Returns:

The updated ZPA Inspection Profile resource record.

Return type:

InspectionProfile