v4.0.0

4.0.0 (January, 22 2025) - BREAKING CHANGES

Notes

• Release date: (January, 22 2025)
• Supported Terraform version: v1.x

Enhancements - Zscaler OneAPI Support

PR #383: The ZIA Terraform Provider now offers support for OneAPI Oauth2 authentication through Zidentity.

NOTE As of version v4.0.0, this Terraform provider offers backwards compatibility to the Zscaler legacy API framework. This is the recommended authentication method for organizations whose tenants are still not migrated to Zidentity.

⚠️ WARNING: Please refer to the Index Page page for details on authentication requirements prior to upgrading your provider configuration.

⚠️ WARNING: Attention Government customers. OneAPI and Zidentity is not currently supported for the following clouds: zscalergov and zscalerten. Refer to the Legacy API Framework section for more information on how authenticate to these environments using the legacy method.

NEW - RESOURCES, DATA SOURCES, PROPERTIES, ATTRIBUTES, ENV VARS

ENV VARS: ZIA Sandbox Submission - BREAKING CHANGES

PR #383: Authentication to Zscaler Sandbox service now use the following attributes.

• sandboxToken - Can also be sourced from the ZSCALER_SANDBOX_TOKEN environment variable.
• sandboxCloud - Can also be sourced from the ZSCALER_SANDBOX_CLOUD environment variable.

The use of the previous envioronment variables combination ZIA_SANDBOX_TOKEN and ZIA_CLOUD is now deprecated.

NEW - RESOURCES, DATA SOURCES

PR #383: The following new resources and data sources have been introduced:

• Added the datasource and resource zia_sandbox_rules PR #383 🚀 - Manage Sandbox Rules
• Added the datasource and resource zia_firewall_dns_rulePR #383 🚀 - Manage Cloud Firewall DNS Rules
• Added the datasource and resource zia_firewall_ips_rule PR #383 🚀 - Manage Cloud Firewall IPS Rules
• Added the datasource and resource zia_file_type_control_rules PR #383 🚀 - Manage File Type Control Rules
• Added the datasource and resource zia_advanced_threat_settings PR #383 🚀 - Manages advanced threat configuration settings
• Added the datasource and resource zia_atp_malicious_urls PR #383 🚀 - Manages malicious URLs added to the denylist in ATP policy
• Added the datasource and resource zia_atp_security_exceptions PR #383 🚀 - Manages Security Exceptions (URL Bypass List) for the ATP policy
• Added the datasource and resource zia_advanced_settings PR #383 🚀 - Manages Advanced Settings configuration. Configuring Advanced Settings
• Added the datasource and resource zia_atp_malware_inspection PR #383 🚀 - Manages Advanced Threat Protection Malware Inspection configuration. Malware Protection
• Added the datasource and resource zia_atp_malware_protocols PR #383 🚀 - Manages Advanced Threat Protection Malware Protocols configuration. Malware Protection
• Added the datasource and resource zia_atp_malware_settings PR #383 🚀 - Manages Advanced Threat Protection Malware Settings. Malware Protection
• Added the datasource and resource zia_atp_malware_policy PR #383 🚀 - Manages Advanced Threat Protection Malware Policy. Malware Protection
• Added the datasource and resource zia_end_user_notification PR #383 🚀 - Retrieves information of browser-based end user notification (EUN) configuration details.Understanding Browser-Based End User Notifications
• Added the datasource and resource zia_url_filtering_and_cloud_app_settings PR #383 🚀 - Manages the URL and Cloud App Control advanced policy settings.Configuring Advanced Policy Settings
• Added the datasource zia_cloud_applications PR #383 🚀 - Retrieves Predefined and User Defined Cloud Applications associated with the DLP rules, Cloud App Control rules, Advanced Settings, Bandwidth Classes, File Type Control rules, and SSL Inspection rules.
• Added the datasource zia_forwarding_control_proxy_gateway PR #383 🚀 - Retrieves information of existing Proxy Gateway configuration.
• Added the datasource and resource zia_ssl_inspection_rules PR #383 🚀 - Manages SSL Inspection Rules.

NEW ATTRIBUTES

• PR #383 - Added new actions values to resource zia_cloud_app_control_rule.
  Please refer to the Cloud Application Control - Rule Types vs Actions Matrix page for details each action per rule_type

v3.0.7

3.0.7 (November, 17 2024)

Notes

• Release date: (November, 17 2024)
• Supported Terraform version: v1.x

Internal Fixes

• PR #374 - Added new file_types supported values in the zia_dlp_web_rules resource. See the zia_dlp_web_rules documentation.

v3.0.6

3.0.6 (October, 8 2024)

Notes

• Release date: (October, 8 2024)
• Supported Terraform version: v1.x

Bug Fixes

• PR #374 - Added missing attribute source_countries to ZIA zia_firewall_filtering_rule

v3.0.5

3.0.5 (October, 4 2024)

Notes

• Release date: (October, 4 2024)
• Supported Terraform version: v1.x

Bug Fixes

• PR #373 - The resource zia_forwarding_control_rule now pauses for 60 seconds before proceeding with the create or update process whenever the forward_method attribute is set to ZPA. In case of a failure related to resource synchronization, the provider will retry the resource creation or update up to 3 times, waiting 30 seconds between each retry. This behavior ensures that ZIA and ZPA have sufficient time to synchronize and replicate the necessary resource IDs, reducing the risk of transient errors during provisioning.
  NOTE This retry mechanism helps to automatically overcome temporary latency without manual intervention. This behavior does not affect forwarding rules configured with other forward_methods such as DIRECT.

v3.0.4

3.0.4 (September, 6 2024)

Notes

• Release date: (September, 6 2024)
• Supported Terraform version: v1.x

Bug Fixes

• PR #369 - Fixed zia_dlp_web_rules validation function for the attribute file_types.

v3.0.3

3.0.3 (August, 27 2024)

Notes

• Release date: (August, 27 2024)
• Supported Terraform version: v1.x

Bug Fixes

• PR #368 - Implemented runtime validation for the attribute dest_addresses in the resource: zia_firewall_filtering_rule. The provider now validates if the IP address provided is an IPv4.

v3.0.2

3.0.2 (August, 19 2024)

Notes

• Release date: (August, 19 2024)
• Supported Terraform version: v1.x

Bug Fixes

• PR #366 - Implemented runtime validation for resource: zia_forwarding_control_rule. The provider now validates incompatible attributes during the plan and apply stages at the schema level.

• PR #366 - Fixed the datasource zia_traffic_forwarding_gre_vip_recommended_list to allow Geo location information override when needed. The datasource now supports the following optional attributes:

  • routable_ip - (Boolean) The routable IP address.
  • within_country_only - (Boolean) Search within country only.
  • include_private_service_edge - (Boolean) Include ZIA Private Service Edge VIPs.
  • include_current_vips - (Boolean) Include currently assigned VIPs.
  • latitude - (Number) The latitude coordinate of the GRE tunnel source.
  • longitude - (Number) The longitude coordinate of the GRE tunnel source.
  • subcloud - (String) The longitude coordinate of the GRE tunnel source.

• PR #366 - Added centralized semaphore functionality to manipulate concurrent request limitations.

v3.0.1

3.0.1 (August, 13 2024)

Notes

• Release date: (August, 13 2024)
• Supported Terraform version: v1.x

Bug Fixes

• PR #365 - Fixed ports attribute in zia_location_management resource to support TypeSet with elements of TypeInt.

Documentation

• PR #365 - Updated documentation for resources: zia_location_management and zia_cloud_app_control_rule

v3.0.0

3.0.0 (August, 12 2024)

Notes

• Release date: (August, 12 2024)
• Supported Terraform version: v1.x

Enhancements

• PR #361 - Added new resource and datasource zia_cloud_app_control_rule for Cloud Application Control rule management.
• PR #361 - Added new datasource zia_dlp_dictionary_predefined_identifiers to retrieve DLP Dictionary Hierarchical Identifiers. The information can be used when configuring DLP Dictionary resource attribute hierarchical_identifiers to clone predefined dictionaries.
• PR #361 - Added new attribute hierarchical_identifiers to zia_dlp_dictionaries resource.
• PR #361 - Enhanced zia_security_settings to support maximum number of blacklist urls.

Bug Fixes

• PR #361 - Added Semaphore retry logic to resource zia_url_categories. This fix will prevent eventual 412 errors due to concurrent backend database changes.
• PR #361 - Fixed ports attribute in zia_location_management resource to support TypeList.

v2.91.4

2.91.4 (July, 3 2024)

Notes

• Release date: (July, 3 2024)
• Supported Terraform version: v1.x

Bug Fix

• PR #357 - Fixed zia_url_filtering_rules drift due to attribute conversion validatidy_start_time and validity_end_time.