app_segments#

The following methods allow for interaction with the ZPA Application Segments API endpoints.

Methods are accessible via zpa.app_segments

class AppSegmentsAPI#
add_segment(name, domain_names, segment_group_id, server_group_ids, tcp_ports=None, udp_ports=None, **kwargs)#

Create an application segment.

Parameters:

  • segment_group_id (str) – The unique identifer for the segment group this application segment belongs to.

  • udp_ports (list of str) – List of udp port range pairs, e.g. [‘35000’, ‘35000’] for port 35000.

  • tcp_ports (list of str) – List of tcp port range pairs, e.g. [‘22’, ‘22’] for port 22-22, [‘80’, ‘100’] for 80-100.

  • domain_names (list of str) – List of domain names or IP addresses for the application segment.

  • name (str) – The name of the application segment.

  • server_group_ids (list of str) – The list of server group IDs that belong to this application segment.

  • **kwargs – Optional keyword args.

Keyword Arguments:

  • bypass_type (str) – The type of bypass for the Application Segment. Accepted values are ALWAYS, NEVER and ON_NET.

  • clientless_app_ids (list) – List of unique IDs for clientless apps to associate with this Application Segment.

  • config_space (str) – The config space for this Application Segment. Accepted values are DEFAULT and SIEM.

  • default_idle_timeout (int) – The Default Idle Timeout for the Application Segment.

  • default_max_age (int) – The Default Max Age for the Application Segment.

  • description (str) – Additional information about this Application Segment.

  • double_encrypt (bool) – Double Encrypt the Application Segment micro-tunnel.

  • enabled (bool) – Enable the Application Segment.

  • health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.

  • health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.

  • ip_anchored (bool) – Enable IP Anchoring for this Application Segment.

  • is_cname_enabled (bool) – Enable CNAMEs for this Application Segment.

  • passive_health_enabled (bool) – Enable Passive Health Checks for this Application Segment.

Returns:

The newly created application segment resource record.

Return type:

Box

Examples

Add a new application segment for example.com, ports 8080-8085.

>>> zpa.app_segments.add_segment('new_app_segment',
...    domain_names=['example.com'],
...    segment_group_id='99999',
...    tcp_ports=['8080', '8085'],
...    server_group_ids=['99999', '88888'])
delete_segment(segment_id, force_delete=False)#

Delete an application segment.

Parameters:

  • force_delete (bool) – Setting this field to true deletes the mapping between Application Segment and Segment Group.

  • segment_id (str) – The unique identifier for the application segment.

Returns:

The operation response code.

Return type:

int

Examples

Delete an Application Segment with an id of 99999.

>>> zpa.app_segments.delete('99999')

Force deletion of an Application Segment with an id of 88888.

>>> zpa.app_segments.delete('88888', force_delete=True)
get_segment(segment_id)#

Get information for an application segment.

Parameters:

segment_id (str) – The unique identifier for the application segment.

Returns:

The application segment resource record.

Return type:

Box

Examples

>>> app_segment = zpa.app_segments.details('99999')
list_segments(**kwargs)#

Retrieve all configured application segments.

Returns:

List of application segments.

Return type:

BoxList

Examples

>>> app_segments = zpa.app_segments.list_segments()
update_segment(segment_id, **kwargs)#

Update an application segment.

Parameters:

  • segment_id (str) – The unique identifier for the application segment.

  • **kwargs – Optional params.

Keyword Arguments:

  • bypass_type (str) – The type of bypass for the Application Segment. Accepted values are ALWAYS, NEVER and ON_NET.

  • clientless_app_ids (list) – List of unique IDs for clientless apps to associate with this Application Segment.

  • config_space (str) – The config space for this Application Segment. Accepted values are DEFAULT and SIEM.

  • default_idle_timeout (int) – The Default Idle Timeout for the Application Segment.

  • default_max_age (int) – The Default Max Age for the Application Segment.

  • description (str) – Additional information about this Application Segment.

  • domain_names (list of str) – List of domain names or IP addresses for the application segment.

  • double_encrypt (bool) – Double Encrypt the Application Segment micro-tunnel.

  • enabled (bool) – Enable the Application Segment.

  • health_check_type (str) – Set the Health Check Type. Accepted values are DEFAULT and NONE.

  • health_reporting (str) – Set the Health Reporting. Accepted values are NONE, ON_ACCESS and CONTINUOUS.

  • ip_anchored (bool) – Enable IP Anchoring for this Application Segment.

  • is_cname_enabled (bool) – Enable CNAMEs for this Application Segment.

  • name (str) – The name of the application segment.

  • passive_health_enabled (bool) – Enable Passive Health Checks for this Application Segment.

  • segment_group_id (str) – The unique identifer for the segment group this application segment belongs to.

  • server_group_ids (list of str) – The list of server group IDs that belong to this application segment.

  • tcp_ports (list of tuple) –

    List of TCP port ranges specified as a tuple pair, e.g. for ports 21-23, 8080-8085 and 443:

    [(21, 23), (8080, 8085), (443, 443)]

  • udp_ports (list of tuple) –

    List of UDP port ranges specified as a tuple pair, e.g. for ports 34000-35000 and 36000:

    [(34000, 35000), (36000, 36000)]

Returns:

The updated application segment resource record.

Return type:

Box

Examples

Rename the application segment for example.com.

>>> zpa.app_segments.update('99999',
...    name='new_app_name',