I’m trying to update an app segment via the ZPA API. I am able to issue a PUT, but that looks like I need to provide all the existing domains, plus the new one(s) I want to add. Is there a way to just add the new domain(s)? It feels unnecessary to have to pass all of them, so just wanted to double check on a more efficient way to accomplish an app segment update. Thanks!
The PUT is updating the segment with the FQDNs that should be in the segment. So - it’s necessary to include all of the FQDN’s. It’s not an “insert” to add FQDN’s to the segment.
So - you should perform a GET first for the segment which will return the FQDN’s already configured, and then a PUT to update the segment, including all the existing FQDN’s and the additional FQDN’s
It’s the same if you want to delete FQDN’s from an existing segment. You’d perform a GET, remove the FQDN’s you want to delete, then issue a PUT to send the list of remaining FQDN’s. If you want to delete the segment and the FQDN’s entirely, then you’d issue an HTTP DELETE method.
Hi @nateW,
actually we are leveraging put method to keep App Segments unified with Git, which is SSoT for us. In Git we are having versioned YAML files with all domains (app segments + access rules) so we are sure that we have all domains there.
It is just pity that it doesn’t work for UdpPortRange/TcpPortRange. When there is some UDP/TCP port configured via GUI we are not able to empty/erase it via put UdpPortRange command, just via UdpPortRanges which is a bit obsolete while reading the API documentation.
Thanks for confirming, @mryan. I’ve been using the PUT as well. I was just hoping to have the ability to pass the new domain, similar to what is allowed via ZIA API and custom categorizes.
Thanks, @martinkiska. We’ve been dabbling with the terraform provider, which would also have the full list of domains. We’ve got some corner cases where I need a more automated process in regards to updating the app segment when compared to having the need to modify terraform. More or less, I was hoping for a way to just send in the new add or removal without having to keep track of the full list. Not a huge deal. Appreciate the input!