v2.7.0

[willguibr]

2.7.0 (January, 17 2023)

Notes

• Release date: (January, 17 2023)
• Supported Terraform version: v1.x

Enhancements

NEW - RESOURCES, DATA SOURCES

• PR #293 - ✨ Added support for ZIA 🆕 Custom ZPA Gateway for use with Forwarding Control policy to forward traffic to ZPA for Source IP Anchoring.

• PR #294 - ✨ Added support for ZIA 🆕 Forwarding Control Rule configuration.

• PR #295 - ✨ Added ZIA Sandbox MD5 Hash and verdict report submission Resources:

  • Sandbox Advanced Settings - zia_sandbox_behavioral_analysis Gets and Upddates the custom list of MD5 file hashes that are blocked by Sandbox.
  • Sandbox Report - zia_sandbox_report Gets a full (i.e., complete) or summary detail report for an MD5 hash of a file that was analyzed by Sandbox.

• PR #295 - ✨ Added ZIA Sandbox raw and archive file submission:

  • Sandbox Submission - zia_sandbox_file_submission - Submits raw or archive files (e.g., ZIP) to Sandbox for analysis. You can submit up to 100 files per day and it supports all file types that are currently supported by Sandbox.
  • Sandbox Submission - zia_sandbox_file_submission - Submits raw or archive files (e.g., ZIP) to the Zscaler service for out-of-band file inspection to generate real-time verdicts for known and unknown files. It leverages capabilities such as Malware Prevention, Advanced Threat Prevention, Sandbox cloud effect, AI/ML-driven file analysis, and integrated third-party threat intelligence feeds to inspect files and classify them as benign or malicious instantaneously.
    ⚠️ Note:: The ZIA Terraform provider requires both the ZIA_CLOUD and ZIA_SANDBOX_TOKEN in order to authenticate to the Zscaler Cloud Sandbox environment. For details on how obtain the API Token visit the Zscaler help portal About Sandbox API Token

• PR #302 - Added new zia_dlp_web_rules attributes:

  • severity - Supported values: RULE_SEVERITY_HIGH, RULE_SEVERITY_MEDIUM, RULE_SEVERITY_LOW, RULE_SEVERITY_INFO
  • user_risk_score_levels - Supported values: LOW, MEDIUM, HIGH, CRITICAL
  • parent_rule
  • sub_rules

• PR #308 - ✨ Added 🆕 Cloud Browser Isolation Profile data source. The data source can be used to associate a CBI profile with the zia_url_filtering_rules resource when the action is set to ISOLATE

• PR #309 - ✨ Added 🆕 support to the following attributes within the zia_firewall_filtering_rule:

  • device_trust_levels - Supported values: UNKNOWN_DEVICETRUSTLEVEL, LOW_TRUST, MEDIUM_TRUST, HIGH_TRUST
  • user_risk_score_levels - Supported values: LOW, MEDIUM, HIGH, CRITICAL
  • devices
  • device_groups

• PR #309 - ✨ Added new attribute zpa_app_segments to zia_firewall_filtering_rule to support ZPA Application Segments. Only ZPA application segments that have the Source IP Anchor option enabled are supported.

Fixes

• PR #299 - Fixed panic with zia_url_categories.
• PR #302 - Fixed zia_dlp_web_rules File Types validation function.

---

This discussion was created from the release v2.7.0.