- Release date: (May, 15 2023)
- Supported Terraform version: v1.x
- PR #236 Added new datasource
zia_dlp_edm_schema
to retrieve Exact Data Matchschema_id
. The shema_id value can then be used as part ofzia_dlp_dictionaries
when thedictionary_type
is set toEXACT_DATA_MATCH
- Release date: (May, 13 2023)
- Supported Terraform version: v1.x
- PR #231
zia_dlp_web_rules
: Fixed panic withzia_web_dlp_rules
due todlp_engines
attribute expand function
- Release date: (May, 1 2023)
- Supported Terraform version: v1.x
- PR #224
zia_dlp_web_rule
: Reduced TimeTicker for faster rule order processing during creation and modifications. - PR #224
zia_dlp_web_rule
: Updated DLP Web Rule documentation with more examples - PR #226 Expanded ZIA search criteria to include auditor users.
- PR #227 Introduced new attribute
parent_name
to the resourcezia_location_management
. The attribute will allow the ability to search for sublocation resources across multiple parent locations specially when overlapping names are in use. Issue #223
- PR #219
zia_dlp_web_rules
: Fixed drift issues with attributesurl_categories
anddlp_engines
- PR #221
zia_dlp_dictionary
: Fix DLP dictionary resource whenphrase
attribute is not provided - PR #228
zia_dlp_dictionary
: Fixedidm_profile_match_accuracy
attribute to prevent drifts, plus acceptzia_dlp_idm_profile_lite
template_id when selectingdictionary_type
INDEXED_DATA_MATCH
- Release date: (April, 12 2023)
- Supported Terraform version: v1.x
- PR #213
zia_location_management
: Added to support to sub-location search within data source. Issue #209
- PR #217
zia_dlp_engines
: Fixed DLP Engine data source to allow search for predefined engines. Issue #216 - PR #219
zia_dlp_web_rules
: DLP Web rule configuration drift for certain attributes when not set in order.
- Release date: (March, 27 2023)
- Supported Terraform version: v1.x
-
PR #202
zia_user_management
: Implemented new attributeauth_methods
. The attribute supports the following values:BASIC
and/orDIGEST
. -
zia_location_management
: Implemented new attributebasic_auth_enabled
. The supported values are:true
orfalse
-
PR #202 The provider now supports authentication to Zscaler
preview
andzscalerten
clouds. -
PR #211 Added new datasource
zia_location_lite
. This data source can be used to return the "Road Warrior" location, which can then be used in the following resources:zia_url_filtering_rules
,zia_firewall_filtering_rule
andzia_dlp_web_rules
-
PR #213 Added support to search for sub-location within the resource
zia_location_management
-
PR #212
zia_user_management
: Fixed flattening function to expand group attribute values. Issue #205 -
PR #214
zia_traffic_forwarding_gre_tunnel
: Fixed issue while creating GRE Tunnels. Issue #208
- Release date: (March, 6 2023)
- Supported Terraform version: v1.x
zia_location_management
: Fixed IPv4 Address and IPv4Address range validation.zia_traffic_forwarding_static_ip
: Fixed Longitude and Latitude computed attributes.zia_url_categories
: RemovedDefault: false
attribute to prevent drifts.
- Release date: (March, 2 2023)
- Supported Terraform version: v1.x
-
PR #199 Improved
Timeout
reorder functions to ensure the rules across the below resources are organized correctly.- ``zia_firewall_filtering_rule`
-
PR #200 Improved
Timeout
reorder functions to ensure the rules across the below resources are organized correctly.- ``zia_dlp_web_rules`
- ``zia_url_filtering_rules`
- Release date: (March, 1 2023)
- Supported Terraform version: v1.x
- PR #193 Added new following new datasources:
-
zia_firewall_filtering_application_services
The returned values are:SKYPEFORBUSINESS
,FILE_SHAREPT_ONEDRIVE
,EXCHANGEONLINE
,M365COMMON
,ZOOMMEETING
,WEBEXMEETING
,WEBEXTEAMS
,WEBEXCALLING
,RINGCENTRALMEETING
,GOTOMEETING
,GOTOMEETING_INROOM
,LOGMEINMEETING
,LOGMEINRESCUE
-
zia_firewall_filtering_application_services_group
The returned values are:OFFICE365
,ZOOM
,WEBEX
,RINGCENTRAL
,LOGMEIN
-
- PR #194 Improved
Timeout
reorder functions to ensure the rules across the below resources are organized correctly.zia_dlp_web_rules
zia_url_filtering_rules
- ``zia_firewall_filtering_rule`
This will allow the API to settle these resources in the correct order. Pushing large batches of security rules at once, may incur in Terraform to Timeout after 20 mins, as it will try to place the rules in the incorrect order. This issue will be addressed in future versions.
In order to accomplish this, make sure you set the parallelism value at or below this limit to prevent performance impacts.
- PR #195 Fixed
zia_traffic_forwarding_gre_tunnel
by removing unecessary computed values to prevent drifts.
- Release date: (February, 28 2023)
- Supported Terraform version: v1.x
- PR #193 Added new following new datasources:
-
zia_firewall_filtering_application_services
The returned values are:SKYPEFORBUSINESS
,FILE_SHAREPT_ONEDRIVE
,EXCHANGEONLINE
,M365COMMON
,ZOOMMEETING
,WEBEXMEETING
,WEBEXTEAMS
,WEBEXCALLING
,RINGCENTRALMEETING
,GOTOMEETING
,GOTOMEETING_INROOM
,LOGMEINMEETING
,LOGMEINRESCUE
-
zia_firewall_filtering_application_services_group
The returned values are:OFFICE365
,ZOOM
,WEBEX
,RINGCENTRAL
,LOGMEIN
-
- PR #194 Improved
Timeout
reorder functions to ensure the rules across the below resources are organized correctly.zia_dlp_web_rules
zia_url_filtering_rules
- ``zia_firewall_filtering_rule`
This will allow the API to settle these resources in the correct order. Pushing large batches of security rules at once, may incur in Terraform to Timeout after 20 mins, as it will try to place the rules in the incorrect order. This issue will be addressed in future versions.
In order to accomplish this, make sure you set the parallelism value at or below this limit to prevent performance impacts.
- PR #195 Fixed
zia_traffic_forwarding_gre_tunnel
by removing unecessary computed values to prevent drifts.
- Release date: (February, 13 2023)
- Supported Terraform version: v1.x
-
PR #180 Implemented customizable
Timeouts
for Create and Update functions to help with rule reorder across the following resources:zia_dlp_web_rules
zia_url_filtering_rules
zia_firewall_filtering_rule
-
PR #182 Implemented validation for
ocr_enabled
attribute validation forzia_dlp_web_rules
- Release date: (February, 10 2023)
- Supported Terraform version: v1.x
- PR #181 Implemented customizable
Timeouts
for Create and Update functions to help with rule reorder across the following resources:zia_dlp_web_rules
zia_url_filtering_rules
zia_firewall_filtering_rule
- Release date: (January, 31 2023)
- Supported Terraform version: v1.x
- PR #176 Added the following ZIA data sources
zia_dlp_icap_servers
- Gets a the list of DLP servers using ICAPzia_dlp_incident_receiver_servers
- Gets a list of DLP Incident Receiverszia_dlp_idm_profiles
- Indexed Document Match (IDM) template (or profile) information.
- Release date: (January, 25 2023)
- Supported Terraform version: v1.x
- PR #171 - Update to Zscaler-Go-SDK to fix bool parameter
enable_full_logging
in the ZIA Firewall Filtering resource. - PR #174 - Fix
zia_web_rules
file_types attribute to accept empty values. Also, added new supported file types to the validation fuction.
- Release date: (January, 12 2023)
- Supported Terraform version: v1.x
- PR #160 - Fixed Pagination Issues across all resources
- Release date: (January, 4 2023)
- Supported Terraform version: v1.x
-
PR #168
zia_firewall_filtering_rule
Added the following new network applications to validation functionVMWARE_HORIZON_VIEW
,ADOBE_CREATIVE_CLOUD
,ZOOMINFO
,SERVICE_NOW
,MS_SSAS
,GOOGLE_DNS
,CLOUDFLARE_DNS
,ADGUARD
,QUAD9
,OPENDNS
,CLEANBROWSING
,COMCAST_DNS
,NEXTDNS
,POWERDNS
,BLAHDNS
,SECUREDNS
,RUBYFISH
,DOH_UNKNOWN
,GOOGLE_KEEP
,AMAZON_CHIME
,WORKDAY
,FIFA
,ROBLOX
,WANGWANG
,S7COMM_PLUS
,DOH
,AGORA_IO
,MS_DFSR
,WS_DISCOVERY
,STUN
,FOLDINGATHOME
,GE_PROCIFY
,MOXA_ASPP
,APP_CH
,GLASSDOOR
,TINDER
,BAIDU_TIEBA
,MIMEDIA
,FILESANYWHERE
,HOUSEPARTY
,GBRIDGE
,HAMACHI
,HEXATECH
,HOTSPOT_SHIELD
,MEGAPROXY
,OPERA_VPN
,SPOTFLUX
,TUNNELBEAR
,ZENMATE
,OPENGW
,VPNOVERDNS
,HOXX_VPN
,VPN1_COM
,SPRINGTECH_VPN
,BARRACUDA_VPN
,HIDEMAN_VPN
,WINDSCRIBE
,BROWSEC_VPN
,EPIC_BROWSER_VPN
,SKYVPN
,KPN_TUNNEL
,ERSPAN
,EVASIVE_PROTOCOL
,DOTDASH
,ADOBE_DOCUMENT_CLOUD
,FLIPKART_BOOKS
-
PR #165
zia_url_filtering_rules
Added new URL Categories
- Release date: (January, 1 2023)
- Supported Terraform version: v1.x
- PR #167 Published provider as v2 go-module
- Release date: (December, 30 2022)
- Supported Terraform version: v1.x
- PR #164 Added missing URL Category resource parameters
- PR #165 Added missing URL Category to
zia_url_filtering_rule
- Release date: (December, 3 2022)
- Supported Terraform version: v1.x
- PR #150 Fixed DLP Web rule resource panic due to incorrect assignment
- PR #150 Fixed DLP Notification Template resource panic due to incorrect assignment
- PR #151 Fixed DLP Dictionary panic due to incorrect assignment
- Release date: (November, 25 2022)
- Supported Terraform version: v1.x
- PR #147 Fixed Read/Update/Delete functions to allow automatic recreation of resources, that have been manually deleted via the UI.
- PR #147 Removed
deprecated
helper fromzia_location_management
resource.
- Release date: (October, 20 2022)
- Supported Terraform version: v1.x
- PR #137 Added Customizable Timeouts to zia_activation_status resource.
- PR #138 Added acceptance test to
zia_activation_status
data source.
- PR #134 Update to zscaler-sdk-go v0.1.1
- PR #135 Update to zscaler-sdk-go v0.1.2
- PR #135 Added missing parameter
comment
tozia_traffic_forwarding_static_ips
- PR #136 Updated Documentation for zia_activation_status resource and data source.
- Release date: (September, 25 2022)
- Supported Terraform version: v1.x
- PR #130 Fix Import Resource By ID
- Release date: (September, 21 2022)
- Supported Terraform version: v1.x
- PR #127 Updated provider to zscaler-go-sdk v0.0.10
- PR #127 zia_user_management group attribute to hold a list of group IDs as a typeList instead of typeSet.
- Release date: (August 19 2022)
- Supported Terraform version: v1.x
- PR #113 Integrated newly created Zscaler GO SDK. Models are now centralized in the repository zscaler-sdk-go
- Terraform import failing for zia_traffic_forwarding_static_ip resource. Search by IP criteria was not implemented.
- Release date: (July 19 2022)
- Supported Terraform version: v1.x
- PR #110 Added Terraform UserAgent for Backend API tracking
- PR #111 Updated Import GPG key in goreleaser to paultyng/ghaction-import-gpg
- PR #111 Updated golangci-lint to use golang 18
-
Supported Terraform version: v1.x
-
Fix: Fixed provider file to include resource and datasource hooks.
zia_auth_settings_urls
Added new resource to support adding and removing URLs to ZIA exemption list.zia_security_policy_settings
Added new resource to support adding and removing whitelisted and blacklisted URLs to the Advanced Threat Protection feature in ZIA.
- Supported Terraform version: v1.x
zia_auth_settings_urls
Added new resource to support adding and removing URLs to ZIA exemption list.zia_security_policy_settings
Added new resource to support adding and removing whitelisted and blacklisted URLs to the Advanced Threat Protection feature in ZIA.
- Supported Terraform version: v1.x
The Terraform Provider for Zscaler Internet Access (ZIA) is now officially hosted under Zscaler's GitHub account and published in the Terraform Registry. For more details, visit the Zscaler Community Article Here Administrators who used previous versions of the provider, and followed instructions to install the binary as a custom provider, must update their provider block as such:
terraform {
required_providers {
zia = {
source = "zscaler/zia"
version = "2.0.3"
}
}
}
provider "zia" {}
zia_dlp_engines
- PR#91 🔧
Several schema type, expand and flattening function fixes were implemented to prevent undesired plan refresh updates and further provider optimization.
zia_dlp_dictionaries
- PR#61 🔧zia_dlp_web_rules
- PR#62 🔧zia_firewall_filtering_rule
- Added schema validationorder
parameter to ensure value is at least 1. PR#63 🔧zia_url_filtering_rules
- PR#66 🔧zia_admin_users
- PR#67 🔧zia_user_management
- PR#67 🔧
-
Updated ZIA API client to validate the corresponding Zscaler cloud name. The previous environment variable
ZIA_BASE_URL
was replaced withZIA_CLOUD
. PR#58 -
The provider now validates the proper Zscaler cloud name. PR#58 For instructions on how to find your Zscaler cloud name, refer to the following help article Here
-
Added and fixed multiple acceptance tests to easily and routinely verify that Terraform Plugins produce the expected outcome
-
Updated GitHub Actions CI to include both build and acceptance test workflow
-
Added new optimized acceptance tests - PR#71 🔧
The ZIA cloud service API now includes new endpoints in order to fully support Data Loss Prevention (DLP) rule creation and updates. The following Terraform resources and data source have been added:
DATA SOURCES:
data_source_zia_device_group
PR#50 🚀data_source_zia_dlp_notification_templates
.PR#53 🚀data_source_zia_dlp_web_rules
.PR#53 🚀data_source_zia_dlp_engines
.PR#53 🚀
RESOURCES:
resource_zia_dlp_notification_templates
.PR#53🚀resource_zia_dlp_web_rules
.PR#53 🚀resource_zia_dlp_engines
.PR#53 🚀
UPDATES:
- Added
zia_device_groups
toresource_zia_url_filtering_rules
.PR#51 🚀
- Added multiple acceptance tests to easily and routinely verify that Terraform Plugins produce the expected outcome. PR#54
- Added GoRelease workflow to GitHub Actions CI/CD for automatic software release.
- Fixed issue where Terraform showed that resources had been modified even though nothing had been changed in the upstream resources. PR#45 🔧
-
Added multiple validators across several resources for better API abstraction and mistake prevention during
terraform apply
PR#46 🚀 -
The provider now supports the ability to import resources via its
name
and/orid
property to support easier migration of existing ZIA resources viaterraform import
command. The following resources are supported:- resource_zia_admin_users - PR#47] 🚀
- resource_zia_dlp_dictionaries - PR#47 🚀
- resource_zia_firewall_filtering_rules - PR#47 🚀
- resource_zia_fw_filtering_ip_destination_groups - PR#47 🚀
- resource_zia_fw_filtering_ip_source_groups - PR#47 🚀
- resource_zia_fw_filtering_network_application_groups - PR#47 🚀
- resource_zia_fw_filtering_network_services_groups - PR#47 🚀
- resource_zia_fw_filtering_network_services - PR#47 🚀
- resource_zia_location_management - PR#47 🚀
- resource_zia_url_categories - PR#47 🚀
- resource_zia_url_filtering_rules - PR#47 🚀
- resource_zia_user_management_users - PR#47 🚀
-
VPN Credentials: Fixed issue where when creating a VPN credential and
type
was set toIP
, the fieldip_address
was being returned as a non-expected argument. The issue was addressed on PR#36 -
VPN Credentials: Fixed issue where when creating VPN credential and
type
was set toUFQDN
, the parameter was not being validated if it was empty. The issue was addressed on PR#36 -
VPN Credentials: Removed unsupported VPN Credential types
CN
andXAUTH
. The issue was addressed on PR#36 -
Location Management: Fixed issue where when creating a sub-location and the
ip_addresses
field was empty or the value was not a valid IPv4 address r IPv4 range, the provider pushed partial configuration and then exited with failure. The new validation function, will check if theparent_id
has been set to a value greater than0
and if theip_addresses
parameter has been fullfilled. The issue was addressed on PR#37
-
Static IP: Added
ForceNew
option toip_address
in the schema, so the resource will be destroyed and recreated PR#40 -
VPN Credentials: Added
ForceNew
option totype
in the schema, so the resource will be destroyed and recreated if the type of the VPN resource needs to be changed fromIP
toUFQDN
and vice-versa PR#41