pra_credential

The following methods allow for interaction with the ZPA Privileged Remote Access Credential Console API endpoints.

Methods are accessible via zpa.pra_credential

Copyright (c) 2023, Zscaler Inc.

Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

class PRACredentialAPI

Bases: APIClient

A Client object for the Privileged Remote Access Credential resource.

add_credential(**kwargs)

Adds a new privileged remote access credential.

Parameters:

  • name (str) – The name of the credential.

  • credential_type (str) – The type of credential (‘USERNAME_PASSWORD’, ‘SSH_KEY’, ‘PASSWORD’).

  • username (str, optional) – The username for ‘USERNAME_PASSWORD’ or ‘SSH_KEY’ types.

  • password (str, optional) – The password for ‘USERNAME_PASSWORD’ or ‘PASSWORD’ types.

  • private_key (str, optional) – The private key for ‘SSH_KEY’ type.

Returns:

PrivilegedRemoteAccessCredential: The newly created credential resource.

Return type:

Tuple

Examples

>>> added_credential, _, err = client.zpa.pra_credential.update_credential(
...     credential_id='999999',
...     name="John Doe",
...     description="Created PRA Credential",
...     credential_type="PASSWORD",
...     user_domain="acme.com",
...     password="",
... )
... if err:
...     print(f"Error adding credential: {err}")
...     return
... print(f"credential added successfully: {added_credential.as_dict()}")
credential_move(credential_id, query_params=None)

Moves privileged remote access credentials between parent tenant and microtenants.

Parameters:

  • credential_id (str) – The unique identifier of the credential.

  • move_data (dict or object) – Dictionary or object that contains the move-related data.

  • target_microtenant_id (str) – The unique identifier of the target microtenant. For Default microtenant, 0 should be passed.

Returns:

Empty dictionary if the move operation is successful.

Return type:

dict

Examples

>>> _, _, err = client.zpa.pra_credential.credential_move(
...     credential_id=updated_credential.id,
...     query_params={
...         "microtenant_id": microtenant_id,
...         "target_microtenant_id": target_microtenant_id
...     }
... )
... if err:
...     print(f"Error moving credential: {err}")
...     return
... print(f"Credential with ID {updated_credential.id} moved successfully.")
delete_credential(credential_id, microtenant_id=None)

Deletes the specified privileged remote access credential.

Parameters:

  • credential_id (str) – The unique identifier of the credential to delete.

  • microtenant_id (str, optional) – The optional ID of the microtenant if applicable.

Returns:

The status code of the delete operation.

Return type:

int

Examples

>>> _, _, err = client.zpa.pra_credential.delete_credential(
...     credential_id='999999'
... )
... if err:
...     print(f"Error deleting pra credential: {err}")
...     return
... print(f"PRA Credential with ID {'999999'} deleted successfully.")
get_credential(credential_id, query_params=None)

Returns information on the specified privileged remote access credential.

Parameters:

  • credential_id (str) – The unique identifier of the credential.

  • query_params (dict, optional) – Map of query parameters for the request. [query_params.microtenant_id] {str}: The microtenant ID, if applicable.

Returns:

PrivilegedRemoteAccessCredential: The resource record for the credential.

Return type:

Tuple

Examples

>>> fetched_credential, _, err = client.zpa.pra_credential.get_credential('999999')
... if err:
...     print(f"Error fetching credential by ID: {err}")
...     return
... print(f"Fetched credential by ID: {fetched_credential.as_dict()}")
list_credentials(query_params=None)

Returns a list of all privileged remote access credentials.

Parameters:

{dict} (query_params) – Map of query parameters for the request. [query_params.page] {str}: Specifies the page number. [query_params.page_size] {int}: Page size for pagination. [query_params.search] {str}: Search string for filtering results. [query_params.microtenant_id] {str}: ID of the microtenant, if applicable.

Returns:

A tuple containing (list of PrivilegedRemoteAccessCredential instances, Response, error)

Return type:

tuple

Examples

>>> credential_list, _, err = client.zpa.pra_credential.list_credentials(
... query_params={'search': 'pra_console01', 'page': '1', 'page_size': '100'})
... if err:
...     print(f"Error listing pra credentials: {err}")
...     return
... print(f"Total pra credentials found: {len(credential_list)}")
... for pra in credential_list:
...     print(pra.as_dict())
update_credential(credential_id, **kwargs)

Updates a specified credential based on provided keyword arguments.

Parameters:

credential_id (str) – The unique identifier for the credential being updated.

Returns:

PrivilegedRemoteAccessCredential: The updated credential resource.

Return type:

Tuple

Examples

>>> updated_console, _, err = client.zpa.pra_credential.update_credential(
...     credential_id='999999',
...     name="John Doe",
...     description="Created PRA Credential",
...     credential_type="PASSWORD",
...     user_domain="acme.com",
...     password="",
... )
... if err:
...     print(f"Error updating credential: {err}")
...     return
... print(f"credential updated successfully: {updated_console.as_dict()}")