feat: Added Zenith video article links to documentation (#190)

* Added Zenith video article links to documentation

CHANGELOG.md

@@ -507,4 +507,4 @@ Note: To import resources not currently supported, the resource numeric ID is re
 - New Data Source: ``data_source_zpa_scim_group`` 🆕
 - New Data Source: ``data_source_zpa_segment_group`` 🆕
 - New Data Source: ``data_source_zpa_server_group`` 🆕
-- New Data Source: ``data_source_zpa_trusted_network`` 🆕
+- New Data Source: ``data_source_zpa_trusted_network`` 🆕

docs/data-sources/zpa_app_connector_group.md

@@ -50,9 +50,24 @@ The following attributes are exported:
 * `upgrade_day` - (String) App Connectors in this group will attempt to update to a newer version of the software during this specified day
 * `upgrade_time_in_secs` - (String) App Connectors in this group will attempt to update to a newer version of the software during this specified time. Default value: `66600`. Integer in seconds (i.e., `-66600`). The integer should be greater than or equal to `0` and less than `86400`, in `15` minute intervals
 * `override_version_profile` - (bool) Whether the default version profile of the App Connector Group is applied or overridden. Default: `false` Supported values: `true`, `false`
-* `version_profile_id` - (String) ID of the version profile. To learn more, see Version Profile Use Cases.
+* `version_profile_id` - (String) ID of the version profile.
+  Exported values are:
+  * ``0`` = ``Default``
+  * ``1`` = ``Previous Default``
+  * ``2`` = ``New Release``
 * `version_profile_name` - (String)
+  Exported values are:
+  * ``Default`` = ``0``
+  * ``Previous Default`` = ``1``
+  * ``New Release`` = ``2``
 * `version_profile_visibility_scope` - (String)
+  Exported values are:
+  * ``"IPV4_IPV6"``
+  * ``"IPV4"``
+  * ``"IPV6``
 * `country_code` - (String)
 * `dns_query_type` - (String)
+  * ``0`` = ``Default``
+  * ``1`` = ``Previous Default``
+  * ``2`` = ``New Release``
 * `geo_location_id` - (String)

docs/data-sources/zpa_policy_type.md

@@ -6,7 +6,7 @@ description: |-
   Get information about Policy Set ID in Zscaler Private Access cloud.
 ---
 
-# Data Source: zpa_policy_timeout
+# Data Source: zpa_policy_type
 
 Use the **zpa_policy_type** data source to get information about an a ``policy_set_id`` and ``policy_type``. This data source is required when creating:
 

docs/data-sources/zpa_service_edge_group.md

@@ -43,16 +43,80 @@ In addition to all arguments above, the following attributes are exported:
 
 * `description` (string) Description of the Service Edge Group.
 * `enabled` - (bool) Whether this App Connector Group is enabled or not. Default value: `true`. Supported values: `true`, `false`
+* `city_country` - (string) Whether Double Encryption is enabled or disabled for the app.
+* `country_code` - (string)
+* `creation_time` - (string)
+* `geo_location_id` - (string)
+* `is_public` - (string)
 * `latitude` - (string) Latitude of the Service Edge Group. Integer or decimal. With values in the range of `-90` to `90`
 * `longitude` - (string) Longitude of the Service Edge Group.Integer or decimal. With values in the range of `-180` to `180`
 * `location` - (string) Location of the Service Edge Group.
-* `city_country` - (string) Whether Double Encryption is enabled or disabled for the app.
+* `modified_by` - (string)
+* `modified_time` - (string)
 * `upgrade_day` - (string) App Connectors in this group will attempt to update to a newer version of the software during this specified day
 * `upgrade_time_in_secs` - (string) App Connectors in this group will attempt to update to a newer version of the software during this specified time. Default value: `66600`. Integer in seconds (i.e., `-66600`). The integer should be greater than or equal to `0` and less than `86400`, in `15` minute intervals
 * `override_version_profile` - (bool) Whether the default version profile of the App Connector Group is applied or overridden. Default: `false` Supported values: `true`, `false`
-* `version_profile_id` - (string) ID of the version profile. To learn more, see Version Profile Use Cases.
-* `version_profile_name` - (string)
+* `version_profile_id` - (String) ID of the version profile.
+  Exported values are:
+  * ``0`` = ``Default``
+  * ``1`` = ``Previous Default``
+  * ``2`` = ``New Release``
+* `version_profile_name` - (String)
+  Exported values are:
+  * ``Default`` = ``0``
+  * ``Previous Default`` = ``1``
+  * ``New Release`` = ``2``
 * `version_profile_visibility_scope` - (string)
-* `country_code` - (string)
-* `dns_query_type` - (string)
-* `geo_location_id` - (string)
+  Exported values are:
+  * ``ALL``
+  * ``NONE``
+  * ``CUSTOM``
+* `service_edges` - (string)
+  * `name` (string)
+  * `application_start_time` (string)
+  * `service_edge_group_id` (string)
+  * `service_edge_group_name` (string)
+  * `control_channel_status` (string)
+  * `creation_time` (string)
+  * `modified_by` (string)
+  * `modified_time` (string)
+  * `ctrl_broker_name` (string)
+  * `current_version` (string)
+  * `expected_upgrade_time` (string)
+  * `expected_version` (string)
+  * `figerprint` (string)
+  * `ip_acl` (string)
+  * `issued_cert_id` (string)
+  * `last_broker_connect_time` (string)
+  * `last_broker_connect_time_duration` (string)
+  * `last_broker_disconnect_time` (string)
+  * `last_broker_disconnect_time_duration` (string)
+  * `last_upgrade_time` (string)
+  * `latitude` (string)
+  * `listen_ips` (string)
+  * `location` (string)
+  * `longitude` (string)
+  * `provisioning_key_id` (string)
+  * `provisioning_key_name` (string)
+  * `platform` (string)
+  * `previous_version` (string)
+  * `private_ip` (string)
+  * `public_ip` (string)
+  * `publish_ips` (string)
+  * `sarge_version` (string)
+  * `enrollment_cert` (string)
+  * `upgrade_attempt` (string)
+  * `upgrade_status` (string)
+
+* `trusted_networks` - (string)
+  * `creation_time` (string)
+  * `domain` (string)
+  * `id` (string)
+  * `master_customer_id` (string)
+  * `modified_by` (string)
+  * `modified_time` (string)
+  * `name` (string)
+  * `network_id` (string)
+  * `zscaler_cloud` (string)
+
+:warning: Notice that certificate and public_keys are omitted from the output.

docs/guides/release-notes.md

@@ -495,4 +495,4 @@ Note: To import resources not currently supported, the resource numeric ID is re
 - New Data Source: ``data_source_zpa_scim_group`` 🆕
 - New Data Source: ``data_source_zpa_segment_group`` 🆕
 - New Data Source: ``data_source_zpa_server_group`` 🆕
-- New Data Source: ``data_source_zpa_trusted_network`` 🆕
+- New Data Source: ``data_source_zpa_trusted_network`` 🆕

docs/index.md

@@ -13,7 +13,8 @@ Use the navigation on the left to read about the available resources.
 
 ## Zenith Community - ZPA Terraform Provider Introduction
 
-[![ZPA Terraform provider Video Series Ep1](../images/zpa_terraform_provider_introduction.png)](https://community.zscaler.com/t/video-zpa-terraform-provider-video-series-ep1/18691)
+[![ZPA Terraform provider Video Series Ep1](../images/zpa_terraform_provider_introduction.svg)](https://community.zscaler.com/t/video-zpa-terraform-provider-video-series-ep1/18691)
+
 ## Example Usage ZPA Production Cloud
 
 For customers running this provider in their production tenant, the variable `ZPA_CLOUD` is optional. If provided, it must be followed by the value `PRODUCTION`.

docs/resources/zpa_app_connector_group.md

@@ -10,9 +10,9 @@ description: |-
 
 The **zpa_app_connector_group** resource creates a and manages app connector groups in the Zscaler Private Access (ZPA) cloud. This resource can then be associated with the following resoueces: server groups, log receivers and access policies.
 
-## Zenith Community - ZPA App Connector Group Video
+## Zenith Community - ZPA App Connector Group
 
-[![VIDEO ZPA Terraform provider Video Series Ep2 - Connector Groups](../../images/zpa-app_connector_group.png)](https://community.zscaler.com/t/video-zpa-terraform-provider-video-series-ep2-connector-groups/18692)
+[![ZPA Terraform provider Video Series Ep2 - Connector Groups](../../images/zpa_app_connector_group.svg)](https://community.zscaler.com/t/video-zpa-terraform-provider-video-series-ep2-connector-groups/18692)
 
 ## Example Usage
 
@@ -30,8 +30,8 @@ resource "zpa_app_connector_group" "example" {
   upgrade_day                   = "SUNDAY"
   upgrade_time_in_secs          = "66600"
   override_version_profile      = true
-  version_profile_id            = 0
-  dns_query_type                = "IPV4"
+  version_profile_name          = "New Release"
+  dns_query_type                = "IPV4_IPV6"
 }
 ```
 

docs/resources/zpa_application_segment.md

@@ -10,6 +10,10 @@ description: |-
 
 The **zpa_application_segment** resource creates an application segment in the Zscaler Private Access cloud. This resource can then be referenced in an access policy rule, access policy timeout rule or access policy client forwarding rule.
 
+## Zenith Community - ZPA Application Segment
+
+[![ZPA Terraform provider Video Series Ep7 - Application Segment](../../images/zpa_application_segments.svg)](https://community.zscaler.com/t/video-zpa-terraform-provider-video-series-ep-7-zpa-application-segment/18946)
+
 ## Example 1 Usage
 
 ```hcl
@@ -157,6 +161,7 @@ The following arguments are supported:
   * `from:`
   * `to:`
 
+-> **NOTE:** Application segments must have unique ports and cannot have overlapping domain names using the same tcp/udp ports across multiple application segments.
 
 ## Attributes Reference
 

docs/resources/zpa_application_segment_browser_access.md

@@ -10,6 +10,10 @@ description: |-
 
 The **zpa_application_segment_browser_access** creates and manages a browser access application segment resource in the Zscaler Private Access cloud. This resource can then be referenced in an access policy rule, access policy timeout rule or access policy client forwarding rule.
 
+## Zenith Community - ZPA Application Segment Browser Access
+
+[![ZPA Terraform provider Video Series Ep7 - Application Segment Browser Access](../../images/zpa_application_segment_browser_access.svg)](https://community.zscaler.com/t/video-zpa-terraform-provider-video-series-ep-7-zpa-application-segment/18946)
+
 ## Example Usage
 
 ```hcl

docs/resources/zpa_application_segment_inspection.md

@@ -74,6 +74,8 @@ The following arguments are supported:
   * `from:`
   * `to:`
 
+-> **NOTE:** Application segments must have unique ports and cannot have overlapping domain names using the same tcp/udp ports across multiple application segments.
+
 ## Attributes Reference
 
 * `description` - (Optional) Description of the application.

docs/resources/zpa_application_segment_pra.md

@@ -78,6 +78,8 @@ The following arguments are supported:
   * `from:`
   * `to:`
 
+-> **NOTE:** Application segments must have unique ports and cannot have overlapping domain names using the same tcp/udp ports across multiple application segments.
+
 ## Attributes Reference
 
 * `description` - (Optional) Description of the application.

docs/resources/zpa_application_server.md

@@ -10,6 +10,10 @@ description: |-
 
 The **zpa_application_server** resource creates an application server in the Zscaler Private Access cloud. This resource can then be referenced in a server group.
 
+## Zenith Community - ZPA Application Server
+
+[![ZPA Terraform provider Video Series Ep5 - Application Server](../../images/zpa_application_servers.svg)](https://community.zscaler.com/t/video-terraform-provider-video-series-ep-5-zpa-application-server/18807)
+
 ## Example Usage
 
 ```hcl

docs/resources/zpa_policy_access_forwarding_rule.md

@@ -13,10 +13,25 @@ The **zpa_policy_forwarding_rule** resource creates a policy forwarding access r
 ## Example Usage
 
 ```hcl
+# Get Global Policy Forwading ID
+data "zpa_policy_type" "client_forwarding_policy" {
+    policy_type = "CLIENT_FORWARDING_POLICY"
+}
+# Get IdP ID
+data "zpa_idp_controller" "idp_name" {
+ name = "IdP_Name"
+}
+
+# Get SCIM Group attribute ID
+data "zpa_scim_groups" "engineering" {
+  name = "Engineering"
+  idp_name = "IdP_Name"
+}
+
 #Create Client Forwarding Access Rule
-resource "zpa_policy_forwarding_rule" "test_forwarding_rule" {
-  name            = "test1-forwarding-rule"
-  description     = "test1-forwarding-rule"
+resource "zpa_policy_forwarding_rule" "this" {
+  name            = "Example"
+  description     = "Example"
   action          = "BYPASS"
   operator        = "AND"
   policy_set_id   = data.zpa_policy_type.client_forwarding_policy.id
@@ -27,7 +42,7 @@ resource "zpa_policy_forwarding_rule" "test_forwarding_rule" {
     operands {
       object_type = "APP"
       lhs = "id"
-      rhs = [ zpa_application_segment.test_app_segment.id ]
+      rhs = [ zpa_application_segment.this.id ]
     }
   }
   conditions {
@@ -39,35 +54,12 @@ resource "zpa_policy_forwarding_rule" "test_forwarding_rule" {
       rhs = [ data.zpa_scim_groups.engineering.id ]
     }
   }
-  depends_on = [
-    data.zpa_policy_type.client_forwarding_policy,
-    data.zpa_idp_controller.idp_name,
-    data.zpa_scim_groups.engineering,
-    zpa_application_segment.test_app_segment
-  ]
 }
 
-# Get Global Policy Forwading ID
-data "zpa_policy_type" "client_forwarding_policy" {
-    policy_type = "CLIENT_FORWARDING_POLICY"
-}
-
-# Get IdP ID
-data "zpa_idp_controller" "idp_name" {
- name = "IdP_Name"
-}
-
-# Get SCIM Group attribute ID
-data "zpa_scim_groups" "engineering" {
-  name = "Engineering"
-  idp_name = "IdP_Name"
-}
-
-```hcl
 # ZPA Application Segment resource
-resource "zpa_application_segment" "test_app_segment" {
-    name              = "test1-app-segment"
-    description       = "test1-app-segment"
+resource "zpa_application_segment" "this" {
+    name              = "Example"
+    description       = "Example"
     enabled           = true
     health_reporting  = "ON_ACCESS"
     bypass_type       = "NEVER"
@@ -84,28 +76,26 @@ resource "zpa_application_segment" "test_app_segment" {
 ### Required
 
 * `name` - (Required) This is the name of the forwarding policy rule.
-* `policy_set_id` - (Required)
+* `policy_set_id` - (Required) Use [zpa_policy_type](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_policy_type) data source to retrieve the necessary policy Set ID ``policy_set_id``
 
 ## Attributes Reference
 
 * `action` - (Optional) This is for providing the rule action.
   * The supported actions for a policy forwarding rule are: `BYPASS`, `INTERCEPT` or `INTERCEPT_ACCESSIBLE`
-* `action_id` - (Optional) This field defines the description of the server.
-* `bypass_default_rule` - (Optional)
 * `custom_msg` - (Optional) This is for providing a customer message for the user.
 * `description` - (Optional) This is the description of the access policy rule.
-* `operator` (Optional)
-* `policy_type` - (Optional)
+* `operator` (Optional) Supported values: ``AND``, ``OR``
+* `policy_type` (Optional) Supported values: ``CLIENT_FORWARDING_POLICY`` or ``BYPASS_POLICY``
   * The supported policy type values for a policy forwarding rule are: `CLIENT_FORWARDING_POLICY` and `BYPASS_POLICY`
 * `rule_order` - (Optional)
 
 * `conditions` - (Optional)
-  * `negated` - (Optional)
-  * `operator` (Optional)
-  * `operands`
+  * `negated` - (Optional) Supported values: ``true`` or ``false``
+  * `operator` (Optional) Supported values: ``AND``, and ``OR``
+  * `operands` (Optional) - Operands block must be repeated if multiple per `object_type` conditions are to be added to the rule.
     * `name` (Optional)
-    * `lhs` (Optional)
-    * `rhs` (Optional) This denotes the value for the given object type. Its value depends upon the key.
+    * `lhs` (Optional) LHS must always carry the string value ``id`` or the attribute ID of the resource being associated with the rule.
+    * `rhs` (Optional) RHS is either the ID attribute of a resource or fixed string value. Refer to the chart below for further details.
     * `idp_id` (Optional)
     * `object_type` (Optional) This is for specifying the policy critiera. Supported values: `APP`, `APP_GROUP`, `SAML`, `IDP`, `CLIENT_TYPE`, `TRUSTED_NETWORK`, `POSTURE`, `SCIM`, `SCIM_GROUP`, and `CLOUD_CONNECTOR_GROUP`. `TRUSTED_NETWORK`, and `CLIENT_TYPE`.
     * `CLIENT_TYPE` (Optional) - The below options are the only ones supported in a timeout policy rule.
@@ -125,3 +115,21 @@ For example:
 ```shell
 terraform import zpa_policy_forwarding_rule.example <policy_forwarding_rule_id>
 ```
+
+## LHS and RHS Values
+
+LHS and RHS values differ based on object types. Refer to the following table:
+
+| Object Type | LHS| RHS
+|----------|-----------|----------
+| [APP](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_segment) | "id" | <application_segment_ID> |
+| [APP_GROUP](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_segment_group) | "id" | <segment_group_ID> |
+| [CLIENT_TYPE](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/resources/zpa_application_segment_browser_access) | "id" | zpn_client_type_zappl or zpn_client_type_exporter |
+| [EDGE_CONNECTOR_GROUP](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_cloud_connector_group) | "id" | <edge_connector_ID> |
+| [IDP](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_idp_controller) | "id" | <identity_provider_ID> |
+| [MACHINE_GRP](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_machine_group) | "id" | <machine_group_ID> |
+| [POSTURE](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_posture_profile) | <posture_udid>  | "true" / "false" |
+| [TRUSTED_NETWORK](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_trusted_network) | <network_id>  | "true" |
+| [SAML](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_saml_attribute) | <saml_attribute_id>  | <Attribute_value_to_match> |
+| [SCIM](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_scim_attribute_header) | <scim_attribute_id>  | <Attribute_value_to_match>  |
+| [SCIM_GROUP](https://registry.terraform.io/providers/zscaler/zpa/latest/docs/data-sources/zpa_scim_groups) | <scim_group_attribute_id>  | <Attribute_value_to_match>  |