zscaler-sdk-python 1.0.0__py2.py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- zscaler/__init__.py +34 -0
- zscaler/cache/__init__.py +0 -0
- zscaler/cache/cache.py +105 -0
- zscaler/cache/no_op_cache.py +68 -0
- zscaler/cache/zscaler_cache.py +161 -0
- zscaler/constants.py +26 -0
- zscaler/errors/__init__.py +0 -0
- zscaler/errors/error.py +10 -0
- zscaler/errors/http_error.py +20 -0
- zscaler/errors/zscaler_api_error.py +24 -0
- zscaler/exceptions/__init__.py +1 -0
- zscaler/exceptions/exceptions.py +101 -0
- zscaler/logger.py +57 -0
- zscaler/ratelimiter/__init__.py +0 -0
- zscaler/ratelimiter/ratelimiter.py +39 -0
- zscaler/user_agent.py +23 -0
- zscaler/utils.py +577 -0
- zscaler/zia/__init__.py +657 -0
- zscaler/zia/activate.py +52 -0
- zscaler/zia/admin_and_role_management.py +344 -0
- zscaler/zia/apptotal.py +71 -0
- zscaler/zia/audit_logs.py +95 -0
- zscaler/zia/authentication_settings.py +98 -0
- zscaler/zia/client.py +88 -0
- zscaler/zia/cloud_apps.py +406 -0
- zscaler/zia/device_management.py +90 -0
- zscaler/zia/dlp.py +784 -0
- zscaler/zia/errors.py +37 -0
- zscaler/zia/firewall.py +1104 -0
- zscaler/zia/forwarding_control.py +271 -0
- zscaler/zia/isolation_profile.py +83 -0
- zscaler/zia/labels.py +180 -0
- zscaler/zia/locations.py +661 -0
- zscaler/zia/sandbox.py +180 -0
- zscaler/zia/security.py +236 -0
- zscaler/zia/ssl_inspection.py +175 -0
- zscaler/zia/traffic.py +853 -0
- zscaler/zia/url_categories.py +442 -0
- zscaler/zia/url_filtering.py +310 -0
- zscaler/zia/users.py +386 -0
- zscaler/zia/web_dlp.py +295 -0
- zscaler/zia/workload_groups.py +58 -0
- zscaler/zia/zpa_gateway.py +187 -0
- zscaler/zpa/__init__.py +683 -0
- zscaler/zpa/app_segments.py +331 -0
- zscaler/zpa/app_segments_inspection.py +311 -0
- zscaler/zpa/app_segments_pra.py +310 -0
- zscaler/zpa/certificates.py +234 -0
- zscaler/zpa/client.py +113 -0
- zscaler/zpa/cloud_connector_groups.py +75 -0
- zscaler/zpa/connectors.py +518 -0
- zscaler/zpa/emergency_access.py +178 -0
- zscaler/zpa/errors.py +37 -0
- zscaler/zpa/idp.py +83 -0
- zscaler/zpa/inspection.py +1012 -0
- zscaler/zpa/isolation_profile.py +85 -0
- zscaler/zpa/lss.py +568 -0
- zscaler/zpa/machine_groups.py +79 -0
- zscaler/zpa/policies.py +848 -0
- zscaler/zpa/posture_profiles.py +122 -0
- zscaler/zpa/privileged_remote_access.py +862 -0
- zscaler/zpa/provisioning.py +271 -0
- zscaler/zpa/saml_attributes.py +100 -0
- zscaler/zpa/scim_attributes.py +117 -0
- zscaler/zpa/scim_groups.py +146 -0
- zscaler/zpa/segment_groups.py +191 -0
- zscaler/zpa/server_groups.py +217 -0
- zscaler/zpa/servers.py +202 -0
- zscaler/zpa/service_edges.py +404 -0
- zscaler/zpa/trusted_networks.py +127 -0
- zscaler_sdk_python-1.0.0.dist-info/LICENSE.md +21 -0
- zscaler_sdk_python-1.0.0.dist-info/METADATA +59 -0
- zscaler_sdk_python-1.0.0.dist-info/RECORD +75 -0
- zscaler_sdk_python-1.0.0.dist-info/WHEEL +6 -0
- zscaler_sdk_python-1.0.0.dist-info/top_level.txt +1 -0
zscaler/zia/locations.py
ADDED
|
@@ -0,0 +1,661 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
|
|
3
|
+
# Copyright (c) 2023, Zscaler Inc.
|
|
4
|
+
#
|
|
5
|
+
# Permission to use, copy, modify, and/or distribute this software for any
|
|
6
|
+
# purpose with or without fee is hereby granted, provided that the above
|
|
7
|
+
# copyright notice and this permission notice appear in all copies.
|
|
8
|
+
#
|
|
9
|
+
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
10
|
+
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
11
|
+
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
12
|
+
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
13
|
+
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
14
|
+
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
15
|
+
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
from box import Box, BoxList
|
|
19
|
+
from requests import Response
|
|
20
|
+
|
|
21
|
+
from zscaler.utils import Iterator, snake_to_camel
|
|
22
|
+
from zscaler.zia import ZIAClient
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
class LocationsAPI:
|
|
26
|
+
def __init__(self, client: ZIAClient):
|
|
27
|
+
self.rest = client
|
|
28
|
+
|
|
29
|
+
def list_locations(self, **kwargs) -> BoxList:
|
|
30
|
+
"""
|
|
31
|
+
Returns a list of locations.
|
|
32
|
+
|
|
33
|
+
Keyword Args:
|
|
34
|
+
**auth_required (bool, optional):
|
|
35
|
+
Filter based on whether the Enforce Authentication setting is enabled or disabled for a location.
|
|
36
|
+
**bw_enforced (bool, optional):
|
|
37
|
+
Filter based on whether Bandwith Control is being enforced for a location.
|
|
38
|
+
**max_items (int, optional):
|
|
39
|
+
The maximum number of items to request before stopping iteration.
|
|
40
|
+
**max_pages (int, optional):
|
|
41
|
+
The maximum number of pages to request before stopping iteration.
|
|
42
|
+
**page_size (int, optional):
|
|
43
|
+
Specifies the page size. The default size is 100, but the maximum size is 1000.
|
|
44
|
+
**search (str, optional):
|
|
45
|
+
The search string used to partially match against a location's name and port attributes.
|
|
46
|
+
**xff_enabled (bool, optional):
|
|
47
|
+
Filter based on whether the Enforce XFF Forwarding setting is enabled or disabled for a location.
|
|
48
|
+
|
|
49
|
+
Returns:
|
|
50
|
+
:obj:`BoxList`: List of configured locations.
|
|
51
|
+
|
|
52
|
+
Examples:
|
|
53
|
+
List locations using default settings:
|
|
54
|
+
|
|
55
|
+
>>> for location in zia.locations.list_locations():
|
|
56
|
+
... print(location)
|
|
57
|
+
|
|
58
|
+
List locations, limiting to a maximum of 10 items:
|
|
59
|
+
|
|
60
|
+
>>> for location in zia.locations.list_locations(max_items=10):
|
|
61
|
+
... print(location)
|
|
62
|
+
|
|
63
|
+
List locations, returning 200 items per page for a maximum of 2 pages:
|
|
64
|
+
|
|
65
|
+
>>> for location in zia.locations.list_locations(page_size=200, max_pages=2):
|
|
66
|
+
... print(location)
|
|
67
|
+
|
|
68
|
+
"""
|
|
69
|
+
return BoxList(Iterator(self.rest, "locations", **kwargs))
|
|
70
|
+
|
|
71
|
+
def get_location(self, location_id: str = None, location_name: str = None) -> Box:
|
|
72
|
+
"""
|
|
73
|
+
Returns information for the specified location based on the location id or location name.
|
|
74
|
+
|
|
75
|
+
Args:
|
|
76
|
+
location_id (str, optional):
|
|
77
|
+
The unique identifier for the location.
|
|
78
|
+
location_name (str, optional):
|
|
79
|
+
The unique name for the location.
|
|
80
|
+
|
|
81
|
+
Returns:
|
|
82
|
+
:obj:`Box`: The requested location resource record.
|
|
83
|
+
|
|
84
|
+
Examples:
|
|
85
|
+
>>> location = zia.locations.get_location('97456691')
|
|
86
|
+
|
|
87
|
+
>>> location = zia.locations.get_location_name(name='stockholm_office')
|
|
88
|
+
"""
|
|
89
|
+
if location_id and location_name:
|
|
90
|
+
raise ValueError(
|
|
91
|
+
"TOO MANY ARGUMENTS: Expected either location_id or location_name. Both were provided."
|
|
92
|
+
)
|
|
93
|
+
elif location_name:
|
|
94
|
+
location = (
|
|
95
|
+
record
|
|
96
|
+
for record in self.list_locations(search=location_name)
|
|
97
|
+
if record.name == location_name
|
|
98
|
+
)
|
|
99
|
+
return next(location, None)
|
|
100
|
+
|
|
101
|
+
return self.rest.get(f"locations/{location_id}")
|
|
102
|
+
|
|
103
|
+
def add_location(self, name: str, **kwargs) -> Box:
|
|
104
|
+
"""
|
|
105
|
+
Adds a new location.
|
|
106
|
+
|
|
107
|
+
Args:
|
|
108
|
+
name (str):
|
|
109
|
+
Location name.
|
|
110
|
+
|
|
111
|
+
Keyword Args:
|
|
112
|
+
parent_id (int, optional):
|
|
113
|
+
Parent Location ID. If this ID does not exist or is 0, it is implied that it is a parent location.
|
|
114
|
+
up_bandwidth (int, optional):
|
|
115
|
+
Upload bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement. Default: 0.
|
|
116
|
+
dn_bandwidth (int, optional):
|
|
117
|
+
Download bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement. Default: 0.
|
|
118
|
+
country (str, optional):
|
|
119
|
+
Country.
|
|
120
|
+
tz (str, optional):
|
|
121
|
+
Timezone of the location. If not specified, it defaults to GMT.
|
|
122
|
+
ip_addresses (list[str], optional):
|
|
123
|
+
For locations: IP addresses of the egress points that are provisioned in the Zscaler Cloud.
|
|
124
|
+
Each entry is a single IP address (e.g., 238.10.33.9).
|
|
125
|
+
|
|
126
|
+
For sub-locations: Egress, internal, or GRE tunnel IP addresses. Each entry is either a single
|
|
127
|
+
IP address, CIDR (e.g., 10.10.33.0/24), or range (e.g., 10.10.33.1-10.10.33.10)).
|
|
128
|
+
ports (list[int], optional):
|
|
129
|
+
IP ports that are associated with the location.
|
|
130
|
+
vpn_credentials (list, optional):
|
|
131
|
+
VPN User Credentials that are associated with the location.
|
|
132
|
+
auth_required (bool, optional):
|
|
133
|
+
Enforce Authentication. Required when ports are enabled, IP Surrogate is enabled, or Kerberos
|
|
134
|
+
Authentication is enabled. Default: False.
|
|
135
|
+
ssl_scan_enabled (bool, optional):
|
|
136
|
+
Enable SSL Inspection. Set to true in order to apply your SSL Inspection policy to HTTPS traffic in
|
|
137
|
+
the location and inspect HTTPS transactions for data leakage, malicious content, and viruses.
|
|
138
|
+
Default: False.
|
|
139
|
+
zapp_ssl_scan_enabled (bool, optional):
|
|
140
|
+
Enable Zscaler App SSL Setting. When set to true, the Zscaler App SSL Scan Setting takes effect,
|
|
141
|
+
irrespective of the SSL policy that is configured for the location. Default: False.
|
|
142
|
+
xff_forward_enabled (bool, optional):
|
|
143
|
+
Enable XFF Forwarding for a location. When set to true, traffic is passed to Zscaler Cloud via the
|
|
144
|
+
X-Forwarded-For (XFF) header. Default: False.
|
|
145
|
+
other_sub_location (bool, optional):
|
|
146
|
+
If set to true, indicates that this is a default sub-location created by the Zscaler service to
|
|
147
|
+
accommodate IPv4 addresses that are not part of any user-defined sub-locations. Default: False.
|
|
148
|
+
other6_sub_location (bool, optional):
|
|
149
|
+
If set to true, indicates that this is a default sub-location created by the Zscaler service to
|
|
150
|
+
accommodate IPv6 addresses that are not part of any user-defined sub-locations. Default: False.
|
|
151
|
+
surrogate_ip (bool, optional):
|
|
152
|
+
Enable Surrogate IP. When set to true, users are mapped to internal device IP addresses. Default: False.
|
|
153
|
+
idle_time_in_minutes (int, optional):
|
|
154
|
+
Idle Time to Disassociation. The user mapping idle time (in minutes) is required if Surrogate IP is
|
|
155
|
+
enabled.
|
|
156
|
+
display_time_unit (str, optional):
|
|
157
|
+
Display Time Unit. The time unit to display for IP Surrogate idle time to disassociation.
|
|
158
|
+
surrogate_ip_enforced_for_known_browsers (bool, optional):
|
|
159
|
+
Enforce Surrogate IP for Known Browsers. When set to true, IP Surrogate is enforced for all known
|
|
160
|
+
browsers. Default: False.
|
|
161
|
+
surrogate_refresh_time_in_minutes (int, optional):
|
|
162
|
+
Refresh Time for re-validation of Surrogacy. The surrogate refresh time (in minutes) to re-validate
|
|
163
|
+
the IP surrogates.
|
|
164
|
+
surrogate_refresh_time_unit (str, optional):
|
|
165
|
+
Display Refresh Time Unit. The time unit to display for refresh time for re-validation of surrogacy.
|
|
166
|
+
ofw_enabled (bool, optional):
|
|
167
|
+
Enable Firewall. When set to true, Firewall is enabled for the location. Default: False.
|
|
168
|
+
ips_control (bool, optional):
|
|
169
|
+
Enable IPS Control. When set to true, IPS Control is enabled for the location if Firewall is enabled.
|
|
170
|
+
Default: False.
|
|
171
|
+
aup_enabled (bool, optional):
|
|
172
|
+
Enable AUP. When set to true, AUP is enabled for the location. Default: False.
|
|
173
|
+
caution_enabled (bool, optional):
|
|
174
|
+
Enable Caution. When set to true, a caution notification is enabled for the location. Default: False.
|
|
175
|
+
aup_block_internet_until_accepted (bool, optional):
|
|
176
|
+
For First Time AUP Behavior, Block Internet Access. When set, all internet access (including non-HTTP
|
|
177
|
+
traffic) is disabled until the user accepts the AUP. Default: False.
|
|
178
|
+
aup_force_ssl_inspection (bool, optional):
|
|
179
|
+
For First Time AUP Behavior, Force SSL Inspection. When set, Zscaler forces SSL Inspection in order
|
|
180
|
+
to enforce AUP for HTTPS traffic. Default: False.
|
|
181
|
+
ipv6_enabled (bool, optional):
|
|
182
|
+
If set to true, IPv6 is enabled for the location and IPv6 traffic from the location can be forwarded
|
|
183
|
+
to the Zscaler service to enforce security policies.
|
|
184
|
+
ipv6_dns64_prefix (str, optional):
|
|
185
|
+
Name-ID pair of the NAT64 prefix configured as the DNS64 prefix for the location.
|
|
186
|
+
aup_timeout_in_days (int, optional):
|
|
187
|
+
Custom AUP Frequency. Refresh time (in days) to re-validate the AUP.
|
|
188
|
+
managed_by (str, optional):
|
|
189
|
+
SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to
|
|
190
|
+
Self.
|
|
191
|
+
profile (str, optional):
|
|
192
|
+
Profile tag that specifies the location traffic type. If not specified, this tag defaults to
|
|
193
|
+
"Unassigned".
|
|
194
|
+
description (str, optional):
|
|
195
|
+
Additional notes or information regarding the location or sub-location. The description cannot
|
|
196
|
+
exceed 1024 characters.
|
|
197
|
+
|
|
198
|
+
Returns:
|
|
199
|
+
:obj:`Box`: The newly created location resource record
|
|
200
|
+
|
|
201
|
+
Examples:
|
|
202
|
+
Add a new location with an IP address.
|
|
203
|
+
|
|
204
|
+
>>> zia.locations.add_location(name='new_location',
|
|
205
|
+
... ip_addresses=['203.0.113.10'])
|
|
206
|
+
|
|
207
|
+
Add a location with VPN credentials.
|
|
208
|
+
|
|
209
|
+
>>> zia.locations.add_location(name='new_location',
|
|
210
|
+
... vpn_credentials=[{'id': '99999', 'type': 'UFQDN'}])
|
|
211
|
+
|
|
212
|
+
"""
|
|
213
|
+
payload = {
|
|
214
|
+
"name": name,
|
|
215
|
+
}
|
|
216
|
+
|
|
217
|
+
# Add optional parameters to payload
|
|
218
|
+
for key, value in kwargs.items():
|
|
219
|
+
payload[snake_to_camel(key)] = value
|
|
220
|
+
|
|
221
|
+
response = self.rest.post("locations", json=payload)
|
|
222
|
+
if isinstance(response, Response):
|
|
223
|
+
# Handle error response
|
|
224
|
+
status_code = response.status_code
|
|
225
|
+
if status_code != 200:
|
|
226
|
+
raise Exception(
|
|
227
|
+
f"API call failed with status {status_code}: {response.json()}"
|
|
228
|
+
)
|
|
229
|
+
return response
|
|
230
|
+
|
|
231
|
+
def list_sub_locations(self, location_id: str, **kwargs) -> BoxList:
|
|
232
|
+
"""
|
|
233
|
+
Returns sub-location information for the specified location ID.
|
|
234
|
+
|
|
235
|
+
Args:
|
|
236
|
+
location_id (str):
|
|
237
|
+
The unique identifier for the parent location.
|
|
238
|
+
**kwargs:
|
|
239
|
+
Optional keyword args.
|
|
240
|
+
|
|
241
|
+
Keyword Args:
|
|
242
|
+
**auth_required (bool, optional):
|
|
243
|
+
Filter based on whether the Enforce Authentication setting is enabled or disabled for a location.
|
|
244
|
+
**bw_enforced (bool, optional):
|
|
245
|
+
Filter based on whether Bandwith Control is being enforced for a location.
|
|
246
|
+
**enable_firewall (bool, optional):
|
|
247
|
+
Filter based on whether Enable Firewall setting is enabled or disabled for a sub-location.
|
|
248
|
+
**enforce_aup (bool, optional):
|
|
249
|
+
Filter based on whether Enforce AUP setting is enabled or disabled for a sub-location.
|
|
250
|
+
**max_items (int, optional):
|
|
251
|
+
The maximum number of items to request before stopping iteration.
|
|
252
|
+
**max_pages (int, optional):
|
|
253
|
+
The maximum number of pages to request before stopping iteration.
|
|
254
|
+
**page_size (int, optional):
|
|
255
|
+
Specifies the page size. The default size is 100, but the maximum size is 1000.
|
|
256
|
+
**search (str, optional):
|
|
257
|
+
The search string used to partially match against a location's name and port attributes.
|
|
258
|
+
**xff_enabled (bool, optional):
|
|
259
|
+
Filter based on whether the Enforce XFF Forwarding setting is enabled or disabled for a location.
|
|
260
|
+
|
|
261
|
+
Returns:
|
|
262
|
+
:obj:`BoxList`: A list of sub-locations configured for the parent location.
|
|
263
|
+
|
|
264
|
+
Examples:
|
|
265
|
+
>>> for sub_location in zia.locations.list_sub_locations('97456691'):
|
|
266
|
+
... pprint(sub_location)
|
|
267
|
+
|
|
268
|
+
"""
|
|
269
|
+
return BoxList(
|
|
270
|
+
Iterator(
|
|
271
|
+
self.rest,
|
|
272
|
+
f"locations/{location_id}/sublocations",
|
|
273
|
+
max_pages=1,
|
|
274
|
+
**kwargs,
|
|
275
|
+
)
|
|
276
|
+
)
|
|
277
|
+
|
|
278
|
+
def list_locations_lite(self, **kwargs) -> BoxList:
|
|
279
|
+
"""
|
|
280
|
+
Returns only the name and ID of all configured locations.
|
|
281
|
+
|
|
282
|
+
Keyword Args:
|
|
283
|
+
**include_parent_locations (bool, optional):
|
|
284
|
+
Only locations with sub-locations will be included in the response if `True`.
|
|
285
|
+
**include_sub_locations (bool, optional):
|
|
286
|
+
Sub-locations will be included in the response if `True`.
|
|
287
|
+
**max_items (int, optional):
|
|
288
|
+
The maximum number of items to request before stopping iteration.
|
|
289
|
+
**max_pages (int, optional):
|
|
290
|
+
The maximum number of pages to request before stopping iteration.
|
|
291
|
+
**page_size (int, optional):
|
|
292
|
+
Specifies the page size. The default size is 100, but the maximum size is 1000.
|
|
293
|
+
**search (str, optional):
|
|
294
|
+
The search string used to partially match against a location's name and port attributes.
|
|
295
|
+
|
|
296
|
+
Returns:
|
|
297
|
+
:obj:`BoxList`: A list of configured locations.
|
|
298
|
+
|
|
299
|
+
Examples:
|
|
300
|
+
List locations with default settings:
|
|
301
|
+
|
|
302
|
+
>>> for location in zia.locations.list_locations_lite():
|
|
303
|
+
... print(location)
|
|
304
|
+
|
|
305
|
+
List locations, limiting to a maximum of 10 items:
|
|
306
|
+
|
|
307
|
+
>>> for location in zia.locations.list_locations_lite(max_items=10):
|
|
308
|
+
... print(location)
|
|
309
|
+
|
|
310
|
+
List locations, returning 200 items per page for a maximum of 2 pages:
|
|
311
|
+
|
|
312
|
+
>>> for location in zia.locations.list_locations_lite(page_size=200, max_pages=2):
|
|
313
|
+
... print(location)
|
|
314
|
+
|
|
315
|
+
"""
|
|
316
|
+
return BoxList(Iterator(self.rest, "locations/lite", **kwargs))
|
|
317
|
+
|
|
318
|
+
def update_location(self, location_id: str, **kwargs) -> Box:
|
|
319
|
+
"""
|
|
320
|
+
Update the specified location.
|
|
321
|
+
|
|
322
|
+
Note: Changes are not additive and will replace existing values.
|
|
323
|
+
|
|
324
|
+
Args:
|
|
325
|
+
location_id (str):
|
|
326
|
+
The unique identifier for the location you are updating.
|
|
327
|
+
**kwargs:
|
|
328
|
+
Optional keyword arguments.
|
|
329
|
+
|
|
330
|
+
Keyword Args:
|
|
331
|
+
name (str, optional):
|
|
332
|
+
Location name.
|
|
333
|
+
parent_id (int, optional):
|
|
334
|
+
Parent Location ID. If this ID does not exist or is 0, it is implied that it is a parent location.
|
|
335
|
+
up_bandwidth (int, optional):
|
|
336
|
+
Upload bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement.
|
|
337
|
+
dn_bandwidth (int, optional):
|
|
338
|
+
Download bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement.
|
|
339
|
+
country (str, optional):
|
|
340
|
+
Country.
|
|
341
|
+
tz (str, optional):
|
|
342
|
+
Timezone of the location. If not specified, it defaults to GMT.
|
|
343
|
+
ip_addresses (list[str], optional):
|
|
344
|
+
For locations: IP addresses of the egress points that are provisioned in the Zscaler Cloud.
|
|
345
|
+
Each entry is a single IP address (e.g., 238.10.33.9).
|
|
346
|
+
|
|
347
|
+
For sub-locations: Egress, internal, or GRE tunnel IP addresses. Each entry is either a single
|
|
348
|
+
IP address, CIDR (e.g., 10.10.33.0/24), or range (e.g., 10.10.33.1-10.10.33.10)).
|
|
349
|
+
ports (list[int], optional):
|
|
350
|
+
IP ports that are associated with the location.
|
|
351
|
+
vpn_credentials (list, optional):
|
|
352
|
+
VPN User Credentials that are associated with the location.
|
|
353
|
+
auth_required (bool, optional):
|
|
354
|
+
Enforce Authentication. Required when ports are enabled, IP Surrogate is enabled, or Kerberos
|
|
355
|
+
Authentication is enabled.
|
|
356
|
+
ssl_scan_enabled (bool, optional):
|
|
357
|
+
Enable SSL Inspection. Set to true in order to apply your SSL Inspection policy to HTTPS traffic in the
|
|
358
|
+
location and inspect HTTPS transactions for data leakage, malicious content, and viruses.
|
|
359
|
+
zapp_ssl_scan_enabled (bool, optional):
|
|
360
|
+
Enable Zscaler App SSL Setting. When set to true, the Zscaler App SSL Scan Setting takes effect,
|
|
361
|
+
irrespective of the SSL policy that is configured for the location.
|
|
362
|
+
xff_forward_enabled (bool, optional):
|
|
363
|
+
Enable XFF Forwarding for a location. When set to true, traffic is passed to Zscaler Cloud via the
|
|
364
|
+
X-Forwarded-For (XFF) header.
|
|
365
|
+
other_sub_location (bool, optional):
|
|
366
|
+
If set to true, indicates that this is a default sub-location created by the Zscaler service to
|
|
367
|
+
accommodate IPv4 addresses that are not part of any user-defined sub-locations.
|
|
368
|
+
other6_sub_location (bool, optional):
|
|
369
|
+
If set to true, indicates that this is a default sub-location created by the Zscaler service to
|
|
370
|
+
accommodate IPv6 addresses that are not part of any user-defined sub-locations.
|
|
371
|
+
surrogate_ip (bool, optional):
|
|
372
|
+
Enable Surrogate IP. When set to true, users are mapped to internal device IP addresses.
|
|
373
|
+
idle_time_in_minutes (int, optional):
|
|
374
|
+
Idle Time to Disassociation. The user mapping idle time (in minutes) is required if a Surrogate IP is
|
|
375
|
+
enabled.
|
|
376
|
+
display_time_unit (str, optional):
|
|
377
|
+
Display Time Unit. The time unit to display for IP Surrogate idle time to disassociation.
|
|
378
|
+
surrogate_ip_enforced_for_known_browsers (bool, optional):
|
|
379
|
+
Enforce Surrogate IP for Known Browsers. When set to true, IP Surrogate is enforced for all known
|
|
380
|
+
browsers.
|
|
381
|
+
surrogate_refresh_time_in_minutes (int, optional):
|
|
382
|
+
Refresh Time for re-validation of Surrogacy. The surrogate refresh time (in minutes) to re-validate
|
|
383
|
+
the IP surrogates.
|
|
384
|
+
surrogate_refresh_time_unit (str, optional):
|
|
385
|
+
Display Refresh Time Unit. The time unit to display for refresh time for re-validation of surrogacy.
|
|
386
|
+
ofw_enabled (bool, optional):
|
|
387
|
+
Enable Firewall. When set to true, Firewall is enabled for the location.
|
|
388
|
+
ips_control (bool, optional):
|
|
389
|
+
Enable IPS Control. When set to true, IPS Control is enabled for the location if Firewall is enabled.
|
|
390
|
+
aup_enabled (bool, optional):
|
|
391
|
+
Enable AUP. When set to true, AUP is enabled for the location.
|
|
392
|
+
caution_enabled (bool, optional):
|
|
393
|
+
Enable Caution. When set to true, a caution notification is enabled for the location.
|
|
394
|
+
aup_block_internet_until_accepted (bool, optional):
|
|
395
|
+
For First Time AUP Behavior, Block Internet Access. When set, all internet access (including non-HTTP
|
|
396
|
+
traffic) is disabled until the user accepts the AUP.
|
|
397
|
+
aup_force_ssl_inspection (bool, optional):
|
|
398
|
+
For First Time AUP Behavior, Force SSL Inspection. When set, Zscaler forces SSL Inspection in order to
|
|
399
|
+
enforce AUP for HTTPS traffic.
|
|
400
|
+
ipv6_enabled (bool, optional):
|
|
401
|
+
If set to true, IPv6 is enabled for the location and IPv6 traffic from the location can be forwarded
|
|
402
|
+
to the Zscaler service to enforce security policies.
|
|
403
|
+
ipv6_dns64_prefix (str, optional):
|
|
404
|
+
Name-ID pair of the NAT64 prefix configured as the DNS64 prefix for the location.
|
|
405
|
+
aup_timeout_in_days (int, optional):
|
|
406
|
+
Custom AUP Frequency. Refresh time (in days) to re-validate the AUP.
|
|
407
|
+
managed_by (str, optional):
|
|
408
|
+
SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to
|
|
409
|
+
Self.
|
|
410
|
+
profile (str, optional):
|
|
411
|
+
Profile tag that specifies the location traffic type. If not specified, this tag defaults to
|
|
412
|
+
"Unassigned".
|
|
413
|
+
description (str, optional):
|
|
414
|
+
Additional notes or information regarding the location or sub-location. The description cannot exceed
|
|
415
|
+
1024 characters.
|
|
416
|
+
|
|
417
|
+
Returns:
|
|
418
|
+
:obj:`Box`: The updated resource record.
|
|
419
|
+
|
|
420
|
+
Examples:
|
|
421
|
+
Update the name of a location:
|
|
422
|
+
|
|
423
|
+
>>> zia.locations.update_location('99999',
|
|
424
|
+
... name='updated_location_name')
|
|
425
|
+
|
|
426
|
+
Update the IP address of a location:
|
|
427
|
+
|
|
428
|
+
>>> zia.locations.update_location('99999',
|
|
429
|
+
... ip_addresses=['203.0.113.20'])
|
|
430
|
+
|
|
431
|
+
Update the VPN credentials of a location:
|
|
432
|
+
|
|
433
|
+
>>> zia.locations.update_location('99999',
|
|
434
|
+
... vpn_credentials=[{'id': '88888', 'type': 'UFQDN'}])
|
|
435
|
+
|
|
436
|
+
"""
|
|
437
|
+
# Set payload to value of existing record
|
|
438
|
+
payload = {
|
|
439
|
+
snake_to_camel(k): v for k, v in self.get_location(location_id).items()
|
|
440
|
+
}
|
|
441
|
+
|
|
442
|
+
# Add optional parameters to payload
|
|
443
|
+
for key, value in kwargs.items():
|
|
444
|
+
payload[snake_to_camel(key)] = value
|
|
445
|
+
|
|
446
|
+
# Fixes edge case where the sublocation object is missing displayTimeUnit, which will result in a 500 error.
|
|
447
|
+
if not payload.get("displayTimeUnit"):
|
|
448
|
+
payload["displayTimeUnit"] = "MINUTE"
|
|
449
|
+
|
|
450
|
+
response = self.rest.put(f"locations/{location_id}", json=payload)
|
|
451
|
+
if isinstance(response, Response) and not response.ok:
|
|
452
|
+
# Handle error response
|
|
453
|
+
raise Exception(
|
|
454
|
+
f"API call failed with status {response.status_code}: {response.json()}"
|
|
455
|
+
)
|
|
456
|
+
|
|
457
|
+
# Return the updated object
|
|
458
|
+
return self.get_location(location_id)
|
|
459
|
+
|
|
460
|
+
def delete_location(self, location_id: str) -> int:
|
|
461
|
+
"""
|
|
462
|
+
Deletes the location or sub-location for the specified ID
|
|
463
|
+
|
|
464
|
+
Args:
|
|
465
|
+
location_id (str):
|
|
466
|
+
The unique identifier for the location or sub-location.
|
|
467
|
+
|
|
468
|
+
Returns:
|
|
469
|
+
:obj:`int`: Response code for the operation.
|
|
470
|
+
|
|
471
|
+
Examples:
|
|
472
|
+
>>> zia.locations.delete_location('97456691')
|
|
473
|
+
|
|
474
|
+
"""
|
|
475
|
+
return self.rest.delete(f"locations/{location_id}").status_code
|
|
476
|
+
|
|
477
|
+
def list_location_groups(self, **kwargs) -> BoxList:
|
|
478
|
+
"""
|
|
479
|
+
Return a list of location groups in ZIA.
|
|
480
|
+
|
|
481
|
+
Args:
|
|
482
|
+
**kwargs: Optional keyword args.
|
|
483
|
+
|
|
484
|
+
Keyword Args:
|
|
485
|
+
groupType (str): The location group's type (i.e., Static or Dynamic).
|
|
486
|
+
|
|
487
|
+
Returns:
|
|
488
|
+
:obj:`BoxList`: A list of location group resource records.
|
|
489
|
+
|
|
490
|
+
Examples:
|
|
491
|
+
Get a list of all configured location groups:
|
|
492
|
+
>>> location = zia.locations.list_location_groups()
|
|
493
|
+
"""
|
|
494
|
+
payload = {snake_to_camel(key): value for key, value in kwargs.items()}
|
|
495
|
+
return self.rest.get("locations/groups", json=payload)
|
|
496
|
+
|
|
497
|
+
def get_location_group_by_id(self, group_id: int) -> Box:
|
|
498
|
+
"""
|
|
499
|
+
Return a specific location group by ID in ZIA.
|
|
500
|
+
|
|
501
|
+
Args:
|
|
502
|
+
group_id (int): The ID of the location group.
|
|
503
|
+
|
|
504
|
+
Returns:
|
|
505
|
+
:obj:`Box`: A location group resource record.
|
|
506
|
+
|
|
507
|
+
Examples:
|
|
508
|
+
Get a specific location group by its ID:
|
|
509
|
+
>>> location = zia.locations.get_location_group_by_id(24326827)
|
|
510
|
+
"""
|
|
511
|
+
return self.rest.get(f"locations/groups/{group_id}")
|
|
512
|
+
|
|
513
|
+
def get_location_group_by_name(
|
|
514
|
+
self, group_name: str, page: int = 1, page_size: int = 100
|
|
515
|
+
) -> Box:
|
|
516
|
+
"""
|
|
517
|
+
Return a specific location group by its name in ZIA.
|
|
518
|
+
|
|
519
|
+
Args:
|
|
520
|
+
group_name (str): The name of the location group.
|
|
521
|
+
page (int, optional): Page number to retrieve. Defaults to 1.
|
|
522
|
+
page_size (int, optional): Number of records per page. Defaults to 100.
|
|
523
|
+
|
|
524
|
+
Returns:
|
|
525
|
+
:obj:`Box`: A location group resource record.
|
|
526
|
+
|
|
527
|
+
Examples:
|
|
528
|
+
Get a specific location group by its name:
|
|
529
|
+
>>> location = zia.locations.get_location_group_by_name("Unassigned Locations")
|
|
530
|
+
"""
|
|
531
|
+
params = {"page": page, "pageSize": page_size, "search": group_name}
|
|
532
|
+
return self.rest.get("locations/groups", json=params)
|
|
533
|
+
|
|
534
|
+
def list_location_groups_lite(self, **kwargs) -> BoxList:
|
|
535
|
+
"""
|
|
536
|
+
Returns a list of location groups (lite version) by their ID where only name and ID is returned in ZIA.
|
|
537
|
+
|
|
538
|
+
Args:
|
|
539
|
+
**kwargs: Optional keyword args.
|
|
540
|
+
|
|
541
|
+
Keyword Args:
|
|
542
|
+
groupType (str): The location group's type (i.e., Static or Dynamic).
|
|
543
|
+
|
|
544
|
+
Returns:
|
|
545
|
+
:obj:`BoxList`: A list of location group resource records.
|
|
546
|
+
|
|
547
|
+
Examples:
|
|
548
|
+
Get a list of all configured location groups:
|
|
549
|
+
>>> location = zia.locations.list_location_groups_lite()
|
|
550
|
+
"""
|
|
551
|
+
payload = {snake_to_camel(key): value for key, value in kwargs.items()}
|
|
552
|
+
return self.rest.get("locations/groups/lite", json=payload)
|
|
553
|
+
|
|
554
|
+
def get_location_group_lite_by_id(self, group_id: int) -> Box:
|
|
555
|
+
"""
|
|
556
|
+
Return specific location groups (lite version) by their ID where only name and ID is returned in ZIA.
|
|
557
|
+
|
|
558
|
+
Args:
|
|
559
|
+
group_id (int): The ID of the location group.
|
|
560
|
+
|
|
561
|
+
Returns:
|
|
562
|
+
:obj:`Box`: A location group resource record.
|
|
563
|
+
|
|
564
|
+
Examples:
|
|
565
|
+
Get a specific location group by its ID:
|
|
566
|
+
>>> location = zia.locations.get_location_group_lite_by_id(24326827)
|
|
567
|
+
"""
|
|
568
|
+
return self.rest.get(f"locations/groups/lite/{group_id}")
|
|
569
|
+
|
|
570
|
+
def get_location_group_lite_by_name(
|
|
571
|
+
self, group_name: str, page: int = 1, page_size: int = 100
|
|
572
|
+
) -> BoxList:
|
|
573
|
+
"""
|
|
574
|
+
Return specific location groups (lite version) by their name where only name and ID is returned in ZIA.
|
|
575
|
+
|
|
576
|
+
Args:
|
|
577
|
+
group_name (str): The name of the location group.
|
|
578
|
+
page (int, optional): Page number to retrieve. Defaults to 1.
|
|
579
|
+
page_size (int, optional): Number of records per page. Defaults to 100.
|
|
580
|
+
|
|
581
|
+
Returns:
|
|
582
|
+
:obj:`BoxList`: A list of location group resource records with only ID and name.
|
|
583
|
+
|
|
584
|
+
Examples:
|
|
585
|
+
Get specific location groups (lite version) by name:
|
|
586
|
+
>>> locations = zia.locations.get_location_group_lite_by_name("Unassigned Locations")
|
|
587
|
+
"""
|
|
588
|
+
params = {"page": page, "pageSize": page_size, "search": group_name}
|
|
589
|
+
return self.rest.get("locations/groups/lite", json=params)
|
|
590
|
+
|
|
591
|
+
def list_region_geo_coordinates(self, latitude: int, longitude: int) -> Box:
|
|
592
|
+
"""
|
|
593
|
+
Retrieves the geographical data of the region or city that is located in the specified latitude and longitude
|
|
594
|
+
coordinates. The geographical data includes the city name, state, country, geographical ID of the city and
|
|
595
|
+
state, etc.
|
|
596
|
+
|
|
597
|
+
Args:
|
|
598
|
+
latitude (int): The latitude of the location.
|
|
599
|
+
longitude (int): The longitude of the location.
|
|
600
|
+
|
|
601
|
+
Returns:
|
|
602
|
+
:obj:`Box`: The geographical data of the region or city that is located in the specified coordinates.
|
|
603
|
+
|
|
604
|
+
Examples:
|
|
605
|
+
Get the geographical data of the region or city that is located in the specified coordinates::
|
|
606
|
+
|
|
607
|
+
print(zia.locations.get_geo_by_coordinates(37.3860517, -122.0838511))
|
|
608
|
+
|
|
609
|
+
"""
|
|
610
|
+
payload = {"latitude": latitude, "longitude": longitude}
|
|
611
|
+
return self.rest.get("region/byGeoCoordinates", params=payload)
|
|
612
|
+
|
|
613
|
+
def get_geo_by_ip(self, ip: str) -> Box:
|
|
614
|
+
"""
|
|
615
|
+
Retrieves the geographical data of the region or city that is located in the specified IP address. The
|
|
616
|
+
geographical data includes the city name, state, country, geographical ID of the city and state, etc.
|
|
617
|
+
|
|
618
|
+
Args:
|
|
619
|
+
ip (str): The IP address of the location.
|
|
620
|
+
|
|
621
|
+
Returns:
|
|
622
|
+
:obj:`Box`: The geographical data of the region or city that is located in the specified IP address.
|
|
623
|
+
|
|
624
|
+
Examples:
|
|
625
|
+
Get the geographical data of the region or city that is located in the specified IP address::
|
|
626
|
+
|
|
627
|
+
print(zia.locations.get_geo_by_ip("8.8.8.8")
|
|
628
|
+
"""
|
|
629
|
+
return self.rest.get(f"region/byIPAddress/{ip}")
|
|
630
|
+
|
|
631
|
+
def list_cities_by_name(self, **kwargs) -> BoxList:
|
|
632
|
+
"""
|
|
633
|
+
Retrieves the list of cities (along with their geographical data) that match the prefix search. The geographical
|
|
634
|
+
data includes the latitude and longitude coordinates of the city, geographical ID of the city and state,
|
|
635
|
+
country, postal code, etc.
|
|
636
|
+
|
|
637
|
+
Args:
|
|
638
|
+
**kwargs: Optional keyword arguments including 'prefix', 'page', and 'page_size'.
|
|
639
|
+
|
|
640
|
+
Keyword Args:
|
|
641
|
+
prefix (str): The prefix string to search for cities.
|
|
642
|
+
page (int): The page number of the results.
|
|
643
|
+
page_size (int): The number of results per page.
|
|
644
|
+
|
|
645
|
+
Returns:
|
|
646
|
+
:obj:`BoxList`: The list of cities (along with their geographical data) that match the prefix search.
|
|
647
|
+
|
|
648
|
+
Examples:
|
|
649
|
+
Get the list of cities (along with their geographical data) that match the prefix search::
|
|
650
|
+
|
|
651
|
+
for city in zia.locations.list_cities_by_name(prefix="San Jose"):
|
|
652
|
+
print(city)
|
|
653
|
+
|
|
654
|
+
Notes:
|
|
655
|
+
Very broad or generic search terms may return a large number of results which can take a long time to be
|
|
656
|
+
returned. Ensure you narrow your search result as much as possible to avoid this.
|
|
657
|
+
|
|
658
|
+
"""
|
|
659
|
+
return BoxList(Iterator(self.rest, "region/search", **kwargs))
|
|
660
|
+
# data, _ = self.rest.get_paginated_data(path="region/search", params=kwargs)
|
|
661
|
+
# return BoxList([Box(city) for city in data])
|