diff --git a/pyzscaler/zia/locations.py b/pyzscaler/zia/locations.py index ddc5a58..af39214 100644 --- a/pyzscaler/zia/locations.py +++ b/pyzscaler/zia/locations.py @@ -56,16 +56,91 @@ def add_location(self, name: str, **kwargs) -> Box: Location name. Keyword Args: - ip_addresses (list): + parent_id (int, optional): + Parent Location ID. If this ID does not exist or is 0, it is implied that it is a parent location. + up_bandwidth (int, optional): + Upload bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement. Default: 0. + dn_bandwidth (int, optional): + Download bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement. Default: 0. + country (str, optional): + Country. + tz (str, optional): + Timezone of the location. If not specified, it defaults to GMT. + ip_addresses (list[str], optional): For locations: IP addresses of the egress points that are provisioned in the Zscaler Cloud. Each entry is a single IP address (e.g., 238.10.33.9). For sub-locations: Egress, internal, or GRE tunnel IP addresses. Each entry is either a single IP address, CIDR (e.g., 10.10.33.0/24), or range (e.g., 10.10.33.1-10.10.33.10)). - ports (:obj:`list` of :obj:`str`): - List of whitelisted Proxy ports for the location. - vpn_credentials (dict): - VPN credentials for the location. + ports (list[int], optional): + IP ports that are associated with the location. + vpn_credentials (dict, optional): + VPN User Credentials that are associated with the location. + auth_required (bool, optional): + Enforce Authentication. Required when ports are enabled, IP Surrogate is enabled, or Kerberos + Authentication is enabled. Default: False. + ssl_scan_enabled (bool, optional): + Enable SSL Inspection. Set to true in order to apply your SSL Inspection policy to HTTPS traffic in + the location and inspect HTTPS transactions for data leakage, malicious content, and viruses. + Default: False. + zapp_ssl_scan_enabled (bool, optional): + Enable Zscaler App SSL Setting. When set to true, the Zscaler App SSL Scan Setting takes effect, + irrespective of the SSL policy that is configured for the location. Default: False. + xff_forward_enabled (bool, optional): + Enable XFF Forwarding for a location. When set to true, traffic is passed to Zscaler Cloud via the + X-Forwarded-For (XFF) header. Default: False. + other_sub_location (bool, optional): + If set to true, indicates that this is a default sub-location created by the Zscaler service to + accommodate IPv4 addresses that are not part of any user-defined sub-locations. Default: False. + other6_sub_location (bool, optional): + If set to true, indicates that this is a default sub-location created by the Zscaler service to + accommodate IPv6 addresses that are not part of any user-defined sub-locations. Default: False. + surrogate_ip (bool, optional): + Enable Surrogate IP. When set to true, users are mapped to internal device IP addresses. Default: False. + idle_time_in_minutes (int, optional): + Idle Time to Disassociation. The user mapping idle time (in minutes) is required if Surrogate IP is + enabled. + display_time_unit (str, optional): + Display Time Unit. The time unit to display for IP Surrogate idle time to disassociation. + surrogate_ip_enforced_for_known_browsers (bool, optional): + Enforce Surrogate IP for Known Browsers. When set to true, IP Surrogate is enforced for all known + browsers. Default: False. + surrogate_refresh_time_in_minutes (int, optional): + Refresh Time for re-validation of Surrogacy. The surrogate refresh time (in minutes) to re-validate + the IP surrogates. + surrogate_refresh_time_unit (str, optional): + Display Refresh Time Unit. The time unit to display for refresh time for re-validation of surrogacy. + ofw_enabled (bool, optional): + Enable Firewall. When set to true, Firewall is enabled for the location. Default: False. + ips_control (bool, optional): + Enable IPS Control. When set to true, IPS Control is enabled for the location if Firewall is enabled. + Default: False. + aup_enabled (bool, optional): + Enable AUP. When set to true, AUP is enabled for the location. Default: False. + caution_enabled (bool, optional): + Enable Caution. When set to true, a caution notification is enabled for the location. Default: False. + aup_block_internet_until_accepted (bool, optional): + For First Time AUP Behavior, Block Internet Access. When set, all internet access (including non-HTTP + traffic) is disabled until the user accepts the AUP. Default: False. + aup_force_ssl_inspection (bool, optional): + For First Time AUP Behavior, Force SSL Inspection. When set, Zscaler forces SSL Inspection in order + to enforce AUP for HTTPS traffic. Default: False. + ipv6_enabled (bool, optional): + If set to true, IPv6 is enabled for the location and IPv6 traffic from the location can be forwarded + to the Zscaler service to enforce security policies. + ipv6_dns64_prefix (str, optional): + Name-ID pair of the NAT64 prefix configured as the DNS64 prefix for the location. + aup_timeout_in_days (int, optional): + Custom AUP Frequency. Refresh time (in days) to re-validate the AUP. + managed_by (str, optional): + SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to + Self. + profile (str, optional): + Profile tag that specifies the location traffic type. If not specified, this tag defaults to + "Unassigned". + description (str, optional): + Additional notes or information regarding the location or sub-location. The description cannot + exceed 1024 characters. Returns: :obj:`Box`: The newly created location resource record @@ -203,15 +278,94 @@ def update_location(self, location_id: str, **kwargs) -> Box: location_id (str): The unique identifier for the location you are updating. **kwargs: - Optional keyword args. + Optional keyword arguments. Keyword Args: - ip_addresses (:obj:`list` of :obj:`str`): - List of updated ip addresses. - ports (:obj:`list` of :obj:`str`): - List of whitelisted Proxy ports for the location. - vpn_credentials (dict): - VPN credentials for the location. + name (str, optional): + Location name. + parent_id (int, optional): + Parent Location ID. If this ID does not exist or is 0, it is implied that it is a parent location. + up_bandwidth (int, optional): + Upload bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement. + dn_bandwidth (int, optional): + Download bandwidth in kbps. The value 0 implies no Bandwidth Control enforcement. + country (str, optional): + Country. + tz (str, optional): + Timezone of the location. If not specified, it defaults to GMT. + ip_addresses (list[str], optional): + For locations: IP addresses of the egress points that are provisioned in the Zscaler Cloud. + Each entry is a single IP address (e.g., 238.10.33.9). + + For sub-locations: Egress, internal, or GRE tunnel IP addresses. Each entry is either a single + IP address, CIDR (e.g., 10.10.33.0/24), or range (e.g., 10.10.33.1-10.10.33.10)). + ports (list[int], optional): + IP ports that are associated with the location. + vpn_credentials (dict, optional): + VPN User Credentials that are associated with the location. + auth_required (bool, optional): + Enforce Authentication. Required when ports are enabled, IP Surrogate is enabled, or Kerberos + Authentication is enabled. + ssl_scan_enabled (bool, optional): + Enable SSL Inspection. Set to true in order to apply your SSL Inspection policy to HTTPS traffic in the + location and inspect HTTPS transactions for data leakage, malicious content, and viruses. + zapp_ssl_scan_enabled (bool, optional): + Enable Zscaler App SSL Setting. When set to true, the Zscaler App SSL Scan Setting takes effect, + irrespective of the SSL policy that is configured for the location. + xff_forward_enabled (bool, optional): + Enable XFF Forwarding for a location. When set to true, traffic is passed to Zscaler Cloud via the + X-Forwarded-For (XFF) header. + other_sub_location (bool, optional): + If set to true, indicates that this is a default sub-location created by the Zscaler service to + accommodate IPv4 addresses that are not part of any user-defined sub-locations. + other6_sub_location (bool, optional): + If set to true, indicates that this is a default sub-location created by the Zscaler service to + accommodate IPv6 addresses that are not part of any user-defined sub-locations. + surrogate_ip (bool, optional): + Enable Surrogate IP. When set to true, users are mapped to internal device IP addresses. + idle_time_in_minutes (int, optional): + Idle Time to Disassociation. The user mapping idle time (in minutes) is required if a Surrogate IP is + enabled. + display_time_unit (str, optional): + Display Time Unit. The time unit to display for IP Surrogate idle time to disassociation. + surrogate_ip_enforced_for_known_browsers (bool, optional): + Enforce Surrogate IP for Known Browsers. When set to true, IP Surrogate is enforced for all known + browsers. + surrogate_refresh_time_in_minutes (int, optional): + Refresh Time for re-validation of Surrogacy. The surrogate refresh time (in minutes) to re-validate + the IP surrogates. + surrogate_refresh_time_unit (str, optional): + Display Refresh Time Unit. The time unit to display for refresh time for re-validation of surrogacy. + ofw_enabled (bool, optional): + Enable Firewall. When set to true, Firewall is enabled for the location. + ips_control (bool, optional): + Enable IPS Control. When set to true, IPS Control is enabled for the location if Firewall is enabled. + aup_enabled (bool, optional): + Enable AUP. When set to true, AUP is enabled for the location. + caution_enabled (bool, optional): + Enable Caution. When set to true, a caution notification is enabled for the location. + aup_block_internet_until_accepted (bool, optional): + For First Time AUP Behavior, Block Internet Access. When set, all internet access (including non-HTTP + traffic) is disabled until the user accepts the AUP. + aup_force_ssl_inspection (bool, optional): + For First Time AUP Behavior, Force SSL Inspection. When set, Zscaler forces SSL Inspection in order to + enforce AUP for HTTPS traffic. + ipv6_enabled (bool, optional): + If set to true, IPv6 is enabled for the location and IPv6 traffic from the location can be forwarded + to the Zscaler service to enforce security policies. + ipv6_dns64_prefix (str, optional): + Name-ID pair of the NAT64 prefix configured as the DNS64 prefix for the location. + aup_timeout_in_days (int, optional): + Custom AUP Frequency. Refresh time (in days) to re-validate the AUP. + managed_by (str, optional): + SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to + Self. + profile (str, optional): + Profile tag that specifies the location traffic type. If not specified, this tag defaults to + "Unassigned". + description (str, optional): + Additional notes or information regarding the location or sub-location. The description cannot exceed + 1024 characters. Returns: :obj:`Box`: The updated resource record. @@ -219,12 +373,12 @@ def update_location(self, location_id: str, **kwargs) -> Box: Examples: Update the name of a location: - >>> zia.locations.update('97456691', + >>> zia.locations.update_location('97456691', ... name='updated_location_name') - Upodate the IP address of a location: + Update the IP address of a location: - >>> zia.locations.update('97456691', + >>> zia.locations.update_location('97456691', ... ip_addresses=['203.0.113.20']) """