public_cloud_info
The following methods allow for interaction with the ZTW Public Cloud Info API endpoints.
Methods are accessible via ztw.public_cloud_info
Copyright (c) 2023, Zscaler Inc.
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- class PublicCloudInfoAPI
Bases: APIClient
- add_public_cloud_info(**kwargs)
Creates a new AWS account with the provided account and region details. You can create a maximum of 512 accounts in each organization.
- Keyword Arguments:
name (str) – The name of the public cloud account.
cloud_type (str) – The cloud provider type (e.g., “AWS”).
external_id (str, optional) – External identifier for the account.
account_details (dict) – Account details object containing:
  - awsAccountId (str): AWS account ID.
  - awsRoleName (str): AWS IAM role name.
  - cloudWatchGroupArn (str): CloudWatch log group ARN. Use “DISABLED” to disable.
  - eventBusName (str): EventBridge event bus name.
  - externalId (str, optional): External identifier.
  - logInfoType (str, optional): Log information type (e.g., “INFO”).
  - troubleShootingLogging (bool): Enable troubleshooting logging.
  - trustedAccountId (str): Trusted AWS account ID.
  - trustedRole (str): Trusted IAM role ARN or name.
account_groups (list, optional) – List of account group IDs.
permission_status (str, optional) – Permission status (e.g., “TBD”).
region_status (list, optional) – List of region status objects.
supported_region_ids (list) – List of IDs for supported region objects.
See the Partner Integrations API reference (publicCloudInfo-post) for further detail on payload structure.
- Returns:
A tuple containing (PublicCloudInfo instance, Response, error)
- Return type:
Examples
Add a new Public Cloud Info:
>>> new_cloud_info, response, error = ztw.public_cloud_info.add_public_cloud_info(
...     name="AWSAccount01",
...     cloud_type="AWS",
...     account_details={
...         "awsAccountId": "202719523534",
...         "awsRoleName": "bedrock-core-zscaler-role",
...         "cloudWatchGroupArn": "DISABLED",
...         "eventBusName": "zscaler-bus-24326813-zscalerthree.net",
...         "troubleShootingLogging": True,
...         "trustedAccountId": "175726779870",
...         "trustedRole": "arn:aws:iam::175726779870:role/ZscalerTagDiscoveryRole"
...     },
...     supported_region_ids=[12345]
... )
>>> if error:
...     print(f"Error adding public cloud info: {error}")
... else:
...     print(f"Created public cloud info: {new_cloud_info.as_dict()}")
- change_state_public_cloud_info(cloud_id, **kwargs)
Enables or disables a specific AWS account in all regions based on the provided ID.
- Parameters:
cloud_id (int) – The unique ID of the AWS account.
- Keyword Arguments:
query_params (dict) – Optional query parameters.
[query_params.enable] {bool}: Set true to enable the AWS account, and false to disable it.
- Returns:
A tuple containing (PublicCloudInfo instance, Response, error)
- Return type:
Examples
Update public cloud info:
>>> change_state, _, error = client.ztw.public_cloud_info.change_state_public_cloud_info(
...     cloud_id=452125,
...     # query_params.enable as documented above: True enables, False disables
...     query_params={"enable": True},
... )
>>> if error:
...     print(f"Error changing state of public cloud info: {error}")
... else:
...     print(f"Public cloud info updated: {change_state.as_dict()}")
- delete_public_cloud_info(cloud_id)
Removes a specific AWS account based on the provided ID.
- Parameters:
cloud_id (int) – The unique ID of the AWS account.
- Returns:
A tuple containing (None, Response, error). The API returns 204 No Content on success.
- Return type:
Examples
>>> _, _, error = client.ztw.public_cloud_info.delete_public_cloud_info(545845)
>>> if error:
...     print(f"Error deleting public cloud info: {error}")
... else:
...     print("Public cloud info deleted successfully")
- generate_external_id(**kwargs)
Generates an external ID for an AWS account.
This endpoint creates a unique external ID that can be used when configuring AWS IAM roles for cross-account access. The external ID is required for secure cross-account access scenarios.
- Keyword Arguments:
See the Partner Integrations API reference (publicCloudInfo-generateExternalId) for further detail on payload structure.
- Returns:
A tuple containing (AccountDetails instance with the generated external_id, Response, error)
- Return type:
Examples
Generate an external ID for an AWS account:
>>> account_details, response, error = client.ztw.public_cloud_info.generate_external_id(
...     aws_account_id="202719523534",
...     aws_role_name="bedrock-core-zscaler-role"
... )
>>> if error:
...     print(f"Error generating external ID: {error}")
... else:
...     print(f"Generated external ID: {account_details.external_id}")
...     print(f"Account details: {account_details.as_dict()}")
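The external ID from generate_external_id only protects cross-account access if the IAM role's trust policy enforces it as an sts:ExternalId condition. The following is an added example, not part of the Zscaler SDK or its documentation: it audits a trust policy document for that condition. The external ID value and the sample policies are constructed, and the code assumes the role trusts the account given as trustedAccountId.

```python
TRUSTED_ACCOUNT = "175726779870"          # trustedAccountId from the page's examples
EXTERNAL_ID = "example-external-id-0001"  # constructed placeholder, not a real value

def _as_list(value):
    """IAM JSON accepts a scalar or a list in most positions."""
    return [] if value is None else value if isinstance(value, list) else [value]

def _account_of(principal):
    """Account ID from a bare 12-digit principal or an IAM ARN, else None."""
    if principal.isdigit() and len(principal) == 12:
        return principal
    parts = principal.split(":")
    return parts[4] if len(parts) >= 6 and parts[0] == "arn" else None

def audit_trust_policy(policy, trusted_account, external_id):
    """Return findings for Allow statements that let trusted_account assume the role."""
    findings, matched = [], False
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        actions = set(_as_list(stmt.get("Action")))
        if stmt.get("Effect") != "Allow" or not actions & {"sts:AssumeRole", "sts:*", "*"}:
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else _as_list(principal.get("AWS"))
        if "*" in aws:
            findings.append(f"statement {i}: wildcard principal")
        elif trusted_account not in {_account_of(p) for p in aws}:
            continue  # statement is about some other principal
        matched = True
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        ids = [v for key, vals in equals.items() if key.lower() == "sts:externalid"
               for v in _as_list(vals)]
        if not ids:
            findings.append(f"statement {i}: no sts:ExternalId condition")
        elif ids != [external_id]:
            findings.append(f"statement {i}: sts:ExternalId differs from generated value")
    if not matched:
        findings.append("no statement lets the trusted account assume the role")
    return findings

def sample_policy(condition=None):
    """Constructed trust policy; pass a Condition block to add it to the statement."""
    stmt = {"Effect": "Allow", "Action": "sts:AssumeRole",
            "Principal": {"AWS": f"arn:aws:iam::{TRUSTED_ACCOUNT}:root"}}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}

if __name__ == "__main__":
    good = sample_policy({"StringEquals": {"sts:ExternalId": EXTERNAL_ID}})
    print(audit_trust_policy(good, TRUSTED_ACCOUNT, EXTERNAL_ID), audit_trust_policy(sample_policy(), TRUSTED_ACCOUNT, EXTERNAL_ID))
```

An empty list means every statement that lets the trusted account assume the role also requires the generated external ID.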
- get_cloud_formation_template(aws_account_id=None)
Retrieves the CloudFormation template URL.
This endpoint returns a URL string pointing to a CloudFormation template YAML file. The URL can be customized with an AWS account ID if provided.
- Parameters:
aws_account_id (str, optional) – The AWS account ID to customize the CloudFormation template URL. If provided, the URL is customized with account-specific values. If not provided, a generic template URL is returned.
- Returns:
A tuple containing (URL string, Response, error)
- Return type:
Examples
Get generic CloudFormation template URL:
>>> template_url, _, error = client.ztw.public_cloud_info.get_cloud_formation_template()
>>> if error:
...     print(f"Error getting CloudFormation template: {error}")
... else:
...     print(f"CloudFormation template URL: {template_url}")
Get customized CloudFormation template URL for specific AWS account:
>>> template_url, _, error = client.ztw.public_cloud_info.get_cloud_formation_template(
...     aws_account_id="202719523534"
... )
>>> if error:
...     print(f"Error getting CloudFormation template: {error}")
... else:
...     print(f"CloudFormation template URL: {template_url}")
- get_public_cloud_info(cloud_id)
Retrieves the existing AWS account details based on the provided ID.
- Parameters:
cloud_id (int) – The unique ID of the AWS account.
- Returns:
A tuple containing (PublicCloudInfo instance, Response, error)
- Return type:
Examples
>>> fetched_public_cloud_info, response, error = (
...     client.ztw.public_cloud_info.get_public_cloud_info(18382907)
... )
>>> if error:
...     print(f"Error fetching public cloud info by ID: {error}")
... else:
...     print(f"Fetched public cloud info by ID: {fetched_public_cloud_info.as_dict()}")
- get_public_cloud_info_count()
Returns the count of configured public cloud accounts for the provided customer.
This endpoint returns a list of dictionaries, each containing the number of public cloud accounts configured and the date when the configuration was set.
- Returns:
A tuple containing a list of dictionaries with configuration count information, the response object, and error if any.
- Return type:
Tuple
Examples
>>> counts, _, error = client.ztw.public_cloud_info.get_public_cloud_info_count()
>>> if error:
...     print(f"Error getting public cloud info count: {error}")
... else:
...     print(f"Found {len(counts)} count records:")
...     for count in counts:
...         print(count)
- list_public_cloud_info(query_params=None)
Retrieves the list of AWS accounts with metadata.
See the Partner Integrations API reference (publicCloudInfo-list) for further detail on payload structure.
- Keyword Arguments:
query_params (dict) – Optional query parameters.
[query_params.page] {int}: Specifies the page offset.
[query_params.page_size] {int}: Specifies the page size. The default size is 100, but the maximum size is 1000.
- Returns:
A tuple containing (list of PublicCloudInfo instances, Response, error)
- Return type:
Examples
Gets a list of all public cloud info.
>>> public_cloud_info_list, response, error = ztw.public_cloud_info.list_public_cloud_info()
>>> if error:
...     print(f"Error listing public cloud info: {error}")
... else:
...     print(f"Total public cloud info found: {len(public_cloud_info_list)}")
...     for public_cloud_info in public_cloud_info_list:
...         print(public_cloud_info.as_dict())
Gets a list of all public cloud info with search filter.
>>> public_cloud_info_list, response, error = ztw.public_cloud_info.list_public_cloud_info(
...     query_params={"search": "FTP"}
... )
>>> if error:
...     print(f"Error listing public cloud info: {error}")
... else:
...     print(f"Total public cloud info found: {len(public_cloud_info_list)}")
...     for public_cloud_info in public_cloud_info_list:
...         print(public_cloud_info.as_dict())
- list_public_cloud_info_lite(query_params=None)
Retrieves basic information about the public cloud accounts.
- Keyword Arguments:
query_params (dict) – Optional query parameters.
[query_params.page] {int}: Specifies the page offset.
[query_params.page_size] {int}: Specifies the page size. The default size is 250, but the maximum size is 1000.
[query_params.search] {str}: Search string for filtering results.
[query_params.cloud_type] {str}: The cloud type. The default and mandatory value is AWS. Supported values: AWS, AZURE, GCP
- Returns:
A list of configured public accounts.
- Return type:
Tuple
Examples
List public accounts with default settings:
>>> public_accounts_list, _, err = client.ztw.public_cloud_info.list_public_cloud_info_lite()
>>> if err:
...     print(f"Error listing public accounts: {err}")
... else:
...     print(f"Total public accounts found: {len(public_accounts_list)}")
...     for public_account in public_accounts_list:
...         print(public_account.as_dict())
- update_public_cloud_info(cloud_id, **kwargs)
Updates the existing AWS account details based on the provided ID.
- Parameters:
cloud_id (int) – The unique ID of the AWS account.
- Keyword Arguments:
name (str, optional) – The name of the public cloud account.
cloud_type (str, optional) – The cloud provider type (e.g., “AWS”).
external_id (str, optional) – External identifier for the account.
account_details (dict, optional) – Account details object containing:
  - awsAccountId (str): AWS account ID.
  - awsRoleName (str): AWS IAM role name.
  - cloudWatchGroupArn (str): CloudWatch log group ARN. Use “DISABLED” to disable.
  - eventBusName (str): EventBridge event bus name.
  - externalId (str, optional): External identifier.
  - logInfoType (str, optional): Log information type (e.g., “INFO”).
  - troubleShootingLogging (bool): Enable troubleshooting logging.
  - trustedAccountId (str): Trusted AWS account ID.
  - trustedRole (str): Trusted IAM role ARN or name.
account_groups (list, optional) – List of account group IDs.
permission_status (str, optional) – Permission status (e.g., “TBD”).
region_status (list, optional) – List of region status objects.
supported_region_ids (list, optional) – List of supported region IDs.
- Returns:
A tuple containing (PublicCloudInfo instance, Response, error)
- Return type:
Examples
Update public cloud info:
>>> updated_cloud_info, _, error = client.ztw.public_cloud_info.update_public_cloud_info(
...     cloud_id=452125,
...     name="Updated AWS Account",
...     account_details={
...         "awsAccountId": "202719523534",
...         "awsRoleName": "updated-zscaler-role",
...         "cloudWatchGroupArn": "DISABLED",
...         "eventBusName": "zscaler-bus-24326813-zscalerthree.net",
...         "troubleShootingLogging": True,
...         "trustedAccountId": "175726779870",
...         "trustedRole": "arn:aws:iam::175726779870:role/ZscalerTagDiscoveryRole"
...     },
...     supported_region_ids=[12345]
... )
>>> if error:
...     print(f"Error updating public cloud info: {error}")
... else:
...     print(f"Public cloud info updated: {updated_cloud_info.as_dict()}")