forwarding_rules

package
v2.2.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 6, 2023 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ForwardingRules

type ForwardingRules struct {
	// A unique identifier assigned to the forwarding rule
	ID int `json:"id,omitempty"`

	// The name of the forwarding rule
	Name string `json:"name,omitempty"`

	// Additional information about the forwarding rule
	Description string `json:"description,omitempty"`

	// The rule type selected from the available options
	// Supported Values: "FIREWALL", "DNS", "DNAT", "SNAT", "FORWARDING", "INTRUSION_PREVENTION", "EC_DNS", "EC_RDR", "EC_SELF", "DNS_RESPONSE"
	Type string `json:"type,omitempty"`

	// The order of execution for the forwarding rule order
	Order int `json:"order"`

	// Admin rank assigned to the forwarding rule
	Rank int `json:"rank"`

	// Name-ID pairs of the locations to which the forwarding rule applies. If not set, the rule is applied to all locations.
	Locations []common.IDNameExtensions `json:"locations,omitempty"`

	// Name-ID pairs of the location groups to which the forwarding rule applies
	LocationsGroups []common.IDNameExtensions `json:"locationGroups,omitempty"`

	// Name-ID pairs of the Zscaler Cloud Connector groups to which the forwarding rule applies
	ECGroups []common.IDNameExtensions `json:"ecGroups,omitempty"`

	// Name-ID pairs of the departments to which the forwarding rule applies. If not set, the rule applies to all departments.
	Departments []common.IDNameExtensions `json:"departments,omitempty"`

	// Name-ID pairs of the user groups to which the forwarding rule applies. If not set, the rule applies to all groups.
	Groups []common.IDNameExtensions `json:"groups,omitempty"`

	// Name-ID pairs of the users to which the forwarding rule applies. If not set, user criteria is ignored during policy enforcement.
	Users []common.IDNameExtensions `json:"users,omitempty"`

	// The type of traffic forwarding method selected from the available options
	// Supported Values: "INVALID", "DIRECT", "PROXYCHAIN", "ZIA", "ZPA", "ECZPA", "ECSELF", "DROP"
	ForwardMethod string `json:"forwardMethod,omitempty"`

	// Indicates whether the forwarding rule is enabled or disabled
	// Supported Values: DISABLED and ENABLED
	State string `json:"state,omitempty"`

	// Timestamp when the rule was last modified. This field is not applicable for POST or PUT request.
	LastModifiedTime int `json:"lastModifiedTime,omitempty"`

	// Admin user that last modified the rule. This field is not applicable for POST or PUT request.
	LastModifiedBy *common.IDNameExtensions `json:"lastModifiedBy,omitempty"`

	// User-defined source IP addresses for which the rule is applicable. If not set, the rule is not restricted to a specific source IP address.
	SrcIps []string `json:"srcIps,omitempty"`

	// Source IP address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IP address group.
	// Note: For organizations that have enabled IPv6, the srcIpv6Groups field lists the IPv6 source address groups for which the rule is applicable.
	SrcIpGroups []common.IDNameExtensions `json:"srcIpGroups,omitempty"`

	// Source IP address groups for which the rule is applicable. If not set, the rule is not restricted to a specific source IP address group.
	// Note: For organizations that have enabled IPv6, the srcIpv6Groups field lists the IPv6 source address groups for which the rule is applicable.
	SrcIpv6Groups []common.IDNameExtensions `json:"srcIpv6Groups,omitempty"`

	// List of destination IP addresses or FQDNs for which the rule is applicable. CIDR notation can be used for destination IP addresses.
	//  If not set, the rule is not restricted to a specific destination addresses unless specified by destCountries, destIpGroups, or destIpCategories.
	DestAddresses []string `json:"destAddresses,omitempty"`

	// List of destination IP categories to which the rule applies. If not set, the rule is not restricted to specific destination IP categories.
	DestIpCategories []string `json:"destIpCategories,omitempty"`

	// List of destination IP categories to which the rule applies. If not set, the rule is not restricted to specific destination IP categories.
	ResCategories []string `json:"resCategories,omitempty"`

	// Destination countries for which the rule is applicable. If not set, the rule is not restricted to specific destination countries.
	DestCountries []string `json:"destCountries,omitempty"`

	// User-defined destination IP address groups to which the rule is applied.
	// If not set, the rule is not restricted to a specific destination IP address group.
	DestIpGroups []common.IDNameExtensions `json:"destIpGroups,omitempty"`

	// Destination IPv6 address groups for which the rule is applicable.
	// If not set, the rule is not restricted to a specific source IPv6 address group.
	DestIpv6Groups []common.IDNameExtensions `json:"destIpv6Groups,omitempty"`

	// User-defined network services to which the rule applies. If not set, the rule is not restricted to a specific network service.
	// Note: When the forwarding method is Proxy Chaining, only TCP-based network services are considered for policy match .
	NwServices []common.IDNameExtensions `json:"nwServices,omitempty"`

	// User-defined network service group to which the rule applies.
	// If not set, the rule is not restricted to a specific network service group.
	NwServiceGroups []common.IDNameExtensions `json:"nwServiceGroups,omitempty"`

	// Name-ID pairs of devices for which the rule must be applied.
	// Specifies devices that are managed using Zscaler Client Connector.
	// If no value is set, this field is ignored during the policy evaluation.
	Devices []common.IDNameExtensions `json:"devices,omitempty"`

	// Name-ID pairs of device groups for which the rule must be applied.
	// This field is applicable for devices that are managed using Zscaler Client Connector.
	//  If no value is set, this field is ignored during the policy evaluation.
	DeviceGroups []common.IDNameExtensions `json:"deviceGroups,omitempty"`

	// Labels that are applicable to the rule.
	Labels []common.IDNameExtensions `json:"labels,omitempty"`

	// User-defined network service applications to which the rule applies.
	//If not set, the rule is not restricted to a specific network service application.
	NwApplications []string `json:"nwApplications,omitempty"`

	// User-defined network service application groups to which the rule applied.
	// If not set, the rule is not restricted to a specific network service application group.
	NwApplicationGroups []common.IDNameExtensions `json:"nwApplicationGroups,omitempty"`

	AppServiceGroups []common.IDNameExtensions `json:"appServiceGroups,omitempty"`

	// The time interval at which the forwarding rule applies
	TimeWindows []common.IDNameExtensions `json:"timeWindows,omitempty"`

	// The proxy gateway for which the rule is applicable. This field is applicable only for the Proxy Chaining forwarding method.
	ProxyGateway *common.IDName `json:"proxyGateway,omitempty"`

	// The ZPA Server Group for which this rule is applicable.
	// Only the Server Groups that are associated with the selected Application Segments are allowed.
	// This field is applicable only for the ZPA forwarding method.
	ZPAGateway *common.IDName `json:"zpaGateway,omitempty"`

	// The proxy gateway for which the rule is applicable. This field is applicable only for the Proxy Chaining forwarding method.
	ZPAAppSegments []ZPAAppSegments `json:"zpaAppSegments"`

	// List of ZPA Application Segments for which this rule is applicable.
	// This field is applicable only for the ECZPA forwarding method (used for Zscaler Cloud Connector).
	ZPAApplicationSegments []ZPAApplicationSegments `json:"zpaApplicationSegments,omitempty"`

	// List of ZPA Application Segment Groups for which this rule is applicable.
	// This field is applicable only for the ECZPA forwarding method (used for Zscaler Cloud Connector).
	ZPAApplicationSegmentGroups []ZPAApplicationSegmentGroups `json:"zpaApplicationSegmentGroups,omitempty"`

	// The predefined ZPA Broker Rule generated by Zscaler (readonly: true)
	ZPABrokerRule bool `json:"zpaBrokerRule,omitempty"`
}

type Service

type Service struct {
	Client *zia.Client
}

func New

func New(c *zia.Client) *Service

func (*Service) Create

func (service *Service) Create(rule *ForwardingRules) (*ForwardingRules, error)

func (*Service) Delete

func (service *Service) Delete(ruleID int) (*http.Response, error)

func (*Service) Get

func (service *Service) Get(ruleID int) (*ForwardingRules, error)

func (*Service) GetAll

func (service *Service) GetAll() ([]ForwardingRules, error)

func (*Service) GetByName

func (service *Service) GetByName(ruleName string) (*ForwardingRules, error)

func (*Service) Update

func (service *Service) Update(ruleID int, rules *ForwardingRules) (*ForwardingRules, error)

type ZPAAppSegments

type ZPAAppSegments struct {
	// A unique identifier assigned to the Application Segment
	ID int `json:"id"`

	// The name of the Application Segment
	Name string `json:"name,omitempty"`

	// Indicates the external ID. Applicable only when this reference is of an external entity.
	ExternalID string `json:"externalId"`

	// ID of the ZPA tenant where the Application Segment is configured.
	ZPATenantId string `json:"zpaTenantId"`
}

type ZPAApplicationSegmentGroups

type ZPAApplicationSegmentGroups struct {
	// A unique identifier assigned to the Application Segment Group
	ID int `json:"id,omitempty"`

	// The name of the Application Segment Group
	Name string `json:"name,omitempty"`

	// ID of the ZPA tenant where the Application Segment is configured
	ZPAID int `json:"zpaId,omitempty"`

	// Indicates whether the ZPA Application Segment has been deleted
	Deleted bool `json:"deleted,omitempty"`

	// The number of ZPA Application Segments in the group
	ZPAAppSegmentsCount int `json:"zpaAppSegmentsCount,omitempty"`
}

type ZPAApplicationSegments

type ZPAApplicationSegments struct {
	// A unique identifier assigned to the Application Segment
	ID int `json:"id,omitempty"`

	// The name of the Application Segment
	Name string `json:"name,omitempty"`

	// Additional information about the Application Segment
	Description string `json:"description,omitempty"`

	// ID of the ZPA tenant where the Application Segment is configured
	ZPAID int `json:"zpaId,omitempty"`

	// Indicates whether the ZPA Application Segment has been deleted
	Deleted bool `json:"deleted,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL