app_segments_inspection¶
The following methods allow for interaction with the ZPA Inspection Application Segment API endpoints.
Methods are accessible via zpa.app_segments_inspection
Copyright (c) 2023, Zscaler Inc.
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- class AppSegmentsInspectionAPI¶
Bases:
APIClientA client object for the Application Segment Inspection resource.
- add_segment_inspection(**kwargs)¶
Create an AppProtection application segment.
- Parameters:
name (str) – Required. Name of the application segment (user-defined).
domain_names (list of str) – Required. Domain names or IP addresses for the segment.
segment_group_id (str) – Required. Unique identifier for the segment group.
server_group_ids (list of str) – Required. List of server group IDs this segment belongs to.
tcp_port_ranges (list of str, optional) – Legacy format. TCP port range pairs (e.g., [‘22’, ‘22’]).
udp_port_ranges (list of str, optional) – Legacy format. UDP port range pairs (e.g., [‘35000’, ‘35000’]).
tcp_port_range (list of dict, optional) – New format. TCP port range pairs [{“from”: “8081”, “to”: “8081”}].
udp_port_range (list of dict, optional) – New format. UDP port range pairs [{“from”: “8081”, “to”: “8081”}].
**kwargs – Optional keyword args.
- Keyword Arguments:
bypass_type (str) – The type of bypass for the Application Segment. Accepted values are ALWAYS, NEVER and ON_NET.
config_space (str) – The config space for this Application Segment. Accepted values are DEFAULT and SIEM.
description (str) – Additional information about this Application Segment.
double_encrypt (bool) – Double Encrypt the Application Segment micro-tunnel.
enabled (bool) – Enable the Application Segment.
health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.
health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.
ip_anchored (bool) – Enable IP Anchoring for this Application Segment.
is_cname_enabled (bool) – Enable CNAMEs for this Application Segment.
passive_health_enabled (bool) – Enable Passive Health Checks for this Application Segment.
icmp_access_type (str) – Sets ICMP access type for ZPA clients.
common_apps_dto (dict, optional) –
Dictionary containing application-specific configurations.
apps_config (list[dict], optional): List of application configuration blocks.
application_port (str): The port used by the application.
application_protocol (str): The protocol used (e.g., HTTP, HTTPS).
enabled (bool): Whether the application is enabled.
domain (str): The domain name of the application.
name (str): The name of the application.
app_types (list[str]): The types of applications is optional (i.e., INSPECT)
- Returns:
The newly created application segment resource record.
- Return type:
Examples
Create an application segment using new TCP port format (tcp_port_range):
>>> added_segment, _, err = client.zpa.app_segments_inspection.add_segment_inspection( ... name=f"NewInspectionSegment_{random.randint(1000, 10000)}", ... description=f"NewInspectionSegment_{random.randint(1000, 10000)}", ... enabled=True, ... domain_names=["server.acme.com"], ... segment_group_id="72058304855089379", ... server_group_ids=["72058304855090128"], ... tcp_port_range=[{"from": "443", "to": "443"}], ... udp_port_range=[{"from": "443", "to": "443"}], ... common_apps_dto={ ... "apps_config": [ ... { ... "application_port": "443", ... "application_protocol": "HTTPS", ... "certificate_id": "72058304855021564", ... "enabled": True, ... "domain": "server.acme.com", ... "name": "server.acme.com", ... } ... ] ... }, ... ) ... if err: ... print(f"Error creating segment: {err}") ... return ... print(f"segment created successfully: {added_segment.as_dict()}")
- delete_segment_inspection(segment_id, force_delete=False)¶
Delete an AppProtection application segment.
- Parameters:
- Returns:
The operation response code.
- Return type:
Examples
>>> _, _, err = client.zpa.app_segments_inspection.delete_segment_inspection( ... segment_id='999999' ... ) ... if err: ... print(f"Error deleting application segment: {err}") ... return ... print(f"application segment with ID {'999999'} deleted successfully.")
- get_segment_inspection(segment_id, query_params=None)¶
Get information for an AppProtection application segment.
- Parameters:
segment_id (str) – The unique identifier for the AppProtection application segment.
- Returns:
A tuple containing (ApplicationSegment, Response, error)
- Return type:
Tuple
Examples
>>> fetched_segment, _, err = client.zpa.app_segments_inspection.get_segment_inspection('999999') ... if err: ... print(f"Error fetching segment by ID: {err}") ... return ... print(f"Fetched segment by ID: {fetched_segment.as_dict()}")
- list_segment_inspection(query_params=None, **kwargs)¶
Returns all configured application segment inspection with pagination support.
- Parameters:
{dict} (query_params) –
Map of query parameters for the request.
[query_params.page]{str}: Specifies the page number.[query_params.page_size]{str}: Specifies the page size.If not provided, the default page size is 20. The max page size is 500.
[query_params.search]{str}: Search string for filtering results.[query_params.microtenant_id]{str}: The unique identifier of the microtenant of ZPA tenant.- Returns:
A tuple containing (list of ApplicationSegments instances, Response, error)
- Return type:
Examples
>>> segment_list, _, err = client.zpa.app_segments_inspection.list_segment_inspection( ... query_params={'search': 'AppSegment01', 'page': '1', 'page_size': '100'}) ... if err: ... print(f"Error listing inspection application segment: {err}") ... return ... print(f"Total application segment inspectiion found: {len(segment_list)}") ... for app in segments: ... print(app.as_dict())
- reformat_params = [('server_group_ids', 'serverGroups')]¶
- update_segment_inspection(segment_id, **kwargs)¶
Update an AppProtection application segment.
- Parameters:
segment_id (str) – The unique identifier for the AppProtection application segment.
**kwargs – Optional params.
- Keyword Arguments:
bypass_type (str) – Bypass type for the segment. Values: ALWAYS, NEVER, ON_NET.
config_space (str) – Config space for the segment. Values: DEFAULT, SIEM.
description (str) – Additional information about this AppProtection Application Segment.
domain_names (
listofstr) – List of domain names or IP addresses for the AppProtection application segment.double_encrypt (bool) – Double Encrypt the AppProtection Application Segment micro-tunnel.
enabled (bool) – Enable the AppProtection Application Segment.
health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.
health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.
ip_anchored (bool) – Enable IP Anchoring for this AppProtection Application Segment.
is_cname_enabled (bool) – Enable CNAMEs for this AppProtection Application Segment.
name (str) – The name of the AppProtection Application Segment.
passive_health_enabled (bool) – Enable Passive Health Checks for this AppProtection Application Segment.
segment_group_id (str) – The unique identifer for the segment group this AppProtection application segment belongs to.
server_group_ids (
listofstr) – The list of server group IDs that belong to this AppProtection application segment.- List of TCP port ranges specified as a tuple pair, e.g. for ports 21-23, 8080-8085 and 443:
[(21, 23), (8080, 8085), (443, 443)]
- List of UDP port ranges specified as a tuple pair, e.g. for ports 34000-35000 and 36000:
[(34000, 35000), (36000, 36000)]
icmp_access_type (str) – Sets ICMP access type for ZPA clients.
common_apps_dto (dict, optional) –
Dictionary containing application-specific configurations.
apps_config (list[dict], optional): List of application configuration blocks.
application_port (str): The port used by the application.
application_protocol (str): The protocol used (e.g., HTTP, HTTPS).
enabled (bool): Whether the application is enabled.
domain (str): The domain name of the application.
name (str): The name of the application.
app_types (list[str]): The types of applications is optional (i.e., INSPECT).
- Returns:
The updated AppProtection application segment resource record.
- Return type:
Examples
Update an app protection segment using new TCP port format (tcp_port_range):
>>> updated_segment, _, err = client.zpa.app_segments_inspection.update_segment_inspection( ... segment_id='9999999' ... name=f"UpdatedAppSegmentInspection_{random.randint(1000, 10000)}", ... description=f"UpdatedAppSegmentInspection_{random.randint(1000, 10000)}", ... enabled=True, ... domain_names=["server.acme.com"], ... segment_group_id="72058304855089379", ... server_group_ids=["72058304855090128"], ... tcp_port_range=[{"from": "443", "to": "443"}], ... udp_port_range=[{"from": "443", "to": "443"}], ... common_apps_dto={ ... "apps_config": [ ... { ... "application_port": "443", ... "application_protocol": "HTTPS", ... "certificate_id": "72058304855021564", ... "enabled": True, ... "domain": "server.acme.com", ... "name": "server.acme.com", ... } ... ] ... }, ... ) ... if err: ... print(f"Error updating segment: {err}") ... return ... print(f"segment updated successfully: {updated_segment.as_dict()}")