Skip to content

Ansible collection that automates the configuration and operational tasks on Zscaler Private Access, using the ZPA API.

License

Notifications You must be signed in to change notification settings

zscaler/zpacloud-ansible

Repository files navigation

Zscaler Private Access (ZPA) Ansible Collection

Galaxy version Ansible Lint sanity Documentation Status License Zscaler Community

Zscaler Support

-> Disclaimer: Please refer to our General Support Statement before proceeding with the use of this collection. You can also refer to our troubleshooting guide for guidance on typical problems.

This collection contains modules and plugins to assist in automating the configuration and operational tasks on Zscaler Private Access cloud, and API interactions with Ansible.

Tested Ansible Versions

This collection is tested with the most current Ansible releases. Ansible versions before 2.15 are not supported.

Python dependencies

The minimum python version for this collection is python 3.9.

The Python module dependencies are not automatically handled by ansible-galaxy. To manually install these dependencies, you have the following options:

  1. Utilize the requirements.txt file located here to install all required packages:
  pip install -r requirements.txt
  1. Alternatively, install the Zscaler SDK Python package directly:
  pip install zscaler-sdk-python

Installation

Install this collection using the Ansible Galaxy CLI:

ansible-galaxy collection install zscaler.zpacloud

You can also include it in a requirements.yml file and install it via ansible-galaxy collection install -r requirements.yml, using the format:

  collections:
    - zscaler.zpacloud

Using modules from the zpacloud Collection in your playbooks

It's preferable to use content in this collection using their Fully Qualified Collection Namespace (FQCN), for example zscaler.zpacloud.zpa_app_connector_groups:

- name: ZPA App Connector Group
  hosts: localhost

  vars:
    zpa_cloud:
      client_id: "{{ lookup('env', 'ZPA_CLIENT_ID') }}"
      client_secret: "{{ lookup('env', 'ZPA_CLIENT_SECRET') }}"
      customer_id: "{{ lookup('env', 'ZPA_CUSTOMER_ID') }}"
      cloud: "{{ lookup('env', 'ZPA_CLOUD') | default(omit) }}"

  tasks:
    - name: Get Information Details of All Customer Version Profiles
      zscaler.zpacloud.zpa_customer_version_profile_facts:
      register: version_profile_id

    - name: Create App Connector Group Example
      zscaler.zpacloud.zpa_app_connector_groups:
        provider: '{{ zpa_cloud }}'
        name: "Example"
        description: "Example"
        enabled: true
        city_country: "California, US"
        country_code: "US"
        latitude: "37.3382082"
        longitude: "-121.8863286"
        location: "San Jose, CA, USA"
        upgrade_day: "SUNDAY"
        upgrade_time_in_secs: "66600"
        override_version_profile: true
        version_profile_id: "{{ version_profile_id.data[0].id }}"
        dns_query_type: "IPV4"

(Note that use of the collections key is now discouraged)

Releasing, changelogs, versioning and deprecation

The intended release frequency for major and minor versions are performed whenever there is a need for fixing issues or to address security concerns.

Changelog details are created automatically and more recently can be found here, but also the full history is here.

Semantic versioning is adhered to for this project.

Deprecations are done by version number, not by date or by age of release. Breaking change deprecations will only be made with major versions.

Support

The Zscaler Private Access (ZPA) Collection of Ansible Modules is certified on Ansible Automation Hub and officially supported for Ansible subscribers. Ansible subscribers can engage for support through their usual route towards Red Hat.

For those who are not Ansible subscribers, this Collection of Ansible Modules is also published on Ansible Galaxy and also supported via the formal Zscaler suppport process. Please refer to our General Support Statement

MIT License

Copyright (c) 2023 Zscaler

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.