diff --git a/.github/workflows/reuse-zia-tests.yml b/.github/workflows/reuse-zia-tests.yml index 15a9b4e3..370c835d 100644 --- a/.github/workflows/reuse-zia-tests.yml +++ b/.github/workflows/reuse-zia-tests.yml @@ -61,7 +61,7 @@ jobs: run: make build - name: Run tests with retry - uses: nick-invision/retry@v2 + uses: nick-fields/retry@v2 with: max_attempts: 3 timeout_minutes: 60 diff --git a/CHANGELOG.md b/CHANGELOG.md index 264cf138..a8278962 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,25 @@ # Changelog +# 2.7.2 (January 31, 2024) + +## Notes +- Golang: **v1.19** + +### Enhacements + +- [PR #315](https://github.com/zscaler/terraform-provider-zia/pull/315) - Added support to new `workload_groups` attributes to the following resources: + - ``zia_firewall_filtering_rule`` + - ``zia_url_filtering_rules`` + - ``zia_dlp_web_rules`` + +### Fixes + +- [PR #315](https://github.com/zscaler/terraform-provider-zia/pull/315) - Fixed panic within the resource ``zia_location_management`` when setting the attribute ``ip_addresses`` in a sub-location. The provider now supports and validates the following ``ip_addresses`` formats: + - `10.0.0.0-10.0.0.255` + - `10.0.0.1` + + ~> **NOTE** CIDR notation is currently not supported due to API response incosistencies that may introduce drifts in the Terraform execution. This issue will be addressed in the future. + # 2.7.1 (January 26, 2024) ## Notes diff --git a/GNUmakefile b/GNUmakefile index 309f38b2..0d72d24e 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -49,14 +49,14 @@ testacc: build13: GOOS=$(shell go env GOOS) build13: GOARCH=$(shell go env GOARCH) ifeq ($(OS),Windows_NT) # is Windows_NT on XP, 2000, 7, Vista, 10... -build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.1/$(GOOS)_$(GOARCH) +build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.2/$(GOOS)_$(GOARCH) else -build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.1/$(GOOS)_$(GOARCH) +build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.2/$(GOOS)_$(GOARCH) endif build13: fmtcheck @echo "==> Installing plugin to $(DESTINATION)" @mkdir -p $(DESTINATION) - go build -o $(DESTINATION)/terraform-provider-zia_v2.7.1 + go build -o $(DESTINATION)/terraform-provider-zia_v2.7.2 coverage: test @echo "✓ Opening coverage for unit tests ..." diff --git a/docs/data-sources/zia_dlp_web_rules.md b/docs/data-sources/zia_dlp_web_rules.md index 550a6e2c..48715fe6 100644 --- a/docs/data-sources/zia_dlp_web_rules.md +++ b/docs/data-sources/zia_dlp_web_rules.md @@ -120,3 +120,7 @@ rules. * `icap_server` - (Optional) The DLP server, using ICAP, to which the transaction content is forwarded. * `id` - (Number) Identifier that uniquely identifies an entity + +* `workload_groups` (List) The list of preconfigured workload groups to which the policy must be applied + * `id` - (Number) A unique identifier assigned to the workload group + * `name` - (String) The name of the workload group diff --git a/docs/data-sources/zia_firewall_filtering_rule.md b/docs/data-sources/zia_firewall_filtering_rule.md index 8995d770..01be0685 100644 --- a/docs/data-sources/zia_firewall_filtering_rule.md +++ b/docs/data-sources/zia_firewall_filtering_rule.md @@ -110,6 +110,10 @@ In addition to all arguments above, the following attributes are exported: - `name` - (String) The configured name of the entity - `extensions` - (Map of String) +* `workload_groups` (List) The list of preconfigured workload groups to which the policy must be applied + * `id` - (Number) A unique identifier assigned to the workload group + * `name` - (String) The name of the workload group + * `Other Exported Arguments` * `id` - (Number) The ID of this resource. * `last_modified_time` - (Number) diff --git a/docs/data-sources/zia_url_filtering_rules.md b/docs/data-sources/zia_url_filtering_rules.md index 1924a04b..aaed245c 100644 --- a/docs/data-sources/zia_url_filtering_rules.md +++ b/docs/data-sources/zia_url_filtering_rules.md @@ -105,3 +105,7 @@ In addition to all arguments above, the following attributes are exported: * `id` - (Number) Identifier that uniquely identifies an entity * `name` -(String) The configured name of the entity * `extensions` - (Map of String) + +* `workload_groups` (List) The list of preconfigured workload groups to which the policy must be applied + * `id` - (Number) A unique identifier assigned to the workload group + * `name` - (String) The name of the workload group diff --git a/docs/guides/release-notes.md b/docs/guides/release-notes.md index 0c6473a0..e6d561d1 100644 --- a/docs/guides/release-notes.md +++ b/docs/guides/release-notes.md @@ -12,10 +12,30 @@ description: |- Track all ZIA Terraform provider's releases. New resources, features, and bug fixes will be tracked here. --- -``Last updated: v2.7.1`` +``Last updated: v2.7.2`` --- +# 2.7.2 (January 31, 2024) + +## Notes +- Golang: **v1.19** + +### Enhacements + +- [PR #315](https://github.com/zscaler/terraform-provider-zia/pull/315) - Added support to new `workload_groups` attributes to the following resources: + - ``zia_firewall_filtering_rule`` + - ``zia_url_filtering_rules`` + - ``zia_dlp_web_rules`` + +### Fixes + +- [PR #315](https://github.com/zscaler/terraform-provider-zia/pull/315) - Fixed panic within the resource ``zia_location_management`` when setting the attribute ``ip_addresses`` in a sub-location. The provider now supports and validates the following ``ip_addresses`` formats: + - `10.0.0.0-10.0.0.255` + - `10.0.0.1` + + ~> **NOTE** CIDR notation is currently not supported due to API response incosistencies that may introduce drifts in the Terraform execution. This issue will be addressed in the future. + # 2.7.1 (January 26, 2024) ## Notes diff --git a/docs/resources/zia_activation_status.md b/docs/resources/zia_activation_status.md index 1513ce96..168b7655 100644 --- a/docs/resources/zia_activation_status.md +++ b/docs/resources/zia_activation_status.md @@ -30,8 +30,6 @@ The following arguments are supported: * `status` - (Required) Activates configuration changes. * ``0`` = ``ACTIVE`` - * ``1`` = ``PENDING`` - * ``2`` = ``INPROGRESS`` ## Attributes Reference diff --git a/docs/resources/zia_dlp_web_rules.md b/docs/resources/zia_dlp_web_rules.md index 187ecf14..9f459281 100644 --- a/docs/resources/zia_dlp_web_rules.md +++ b/docs/resources/zia_dlp_web_rules.md @@ -153,3 +153,7 @@ The following arguments are supported: * `icap_server` The DLP server, using ICAP, to which the transaction content is forwarded. * `id` - (Optional) Identifier that uniquely identifies an entity + +* `workload_groups` (Optional) The list of preconfigured workload groups to which the policy must be applied + * `id` - (Optional) A unique identifier assigned to the workload group + * `name` - (Optional) The name of the workload group diff --git a/docs/resources/zia_firewall_filtering_rule.md b/docs/resources/zia_firewall_filtering_rule.md index f043cf2b..ab6fba63 100644 --- a/docs/resources/zia_firewall_filtering_rule.md +++ b/docs/resources/zia_firewall_filtering_rule.md @@ -116,6 +116,10 @@ The following arguments are supported: * `labels` Labels that are applicable to the rule. - `id` - (String) Identifier that uniquely identifies an entity +* `workload_groups` (Optional) The list of preconfigured workload groups to which the policy must be applied + * `id` - (Optional) A unique identifier assigned to the workload group + * `name` - (Optional) The name of the workload group + * `Other Exported Arguments` * `enable_full_logging` (Boolean) * `predefined` - (Boolean) If set to true, a predefined rule is applied diff --git a/docs/resources/zia_url_filtering_rules.md b/docs/resources/zia_url_filtering_rules.md index a8c54bd1..957424d8 100644 --- a/docs/resources/zia_url_filtering_rules.md +++ b/docs/resources/zia_url_filtering_rules.md @@ -115,3 +115,7 @@ The following arguments are supported: * `labels` * `id` - (Optional) Identifier that uniquely identifies an entity + +* `workload_groups` (Optional) The list of preconfigured workload groups to which the policy must be applied + * `id` - (Optional) A unique identifier assigned to the workload group + * `name` - (Optional) The name of the workload group diff --git a/go.mod b/go.mod index 1cb67f10..9635842e 100644 --- a/go.mod +++ b/go.mod @@ -8,8 +8,8 @@ require ( github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 github.com/hashicorp/go-hclog v1.6.2 github.com/hashicorp/terraform-plugin-sdk v1.17.2 - github.com/hashicorp/terraform-plugin-sdk/v2 v2.31.0 - github.com/zscaler/zscaler-sdk-go/v2 v2.3.7 + github.com/hashicorp/terraform-plugin-sdk/v2 v2.32.0 + github.com/zscaler/zscaler-sdk-go/v2 v2.3.8 ) require ( @@ -34,9 +34,9 @@ require ( github.com/hashicorp/hc-install v0.6.2 // indirect github.com/hashicorp/hcl/v2 v2.19.1 // indirect github.com/hashicorp/logutils v1.0.0 // indirect - github.com/hashicorp/terraform-exec v0.19.0 // indirect - github.com/hashicorp/terraform-json v0.18.0 // indirect - github.com/hashicorp/terraform-plugin-go v0.20.0 // indirect + github.com/hashicorp/terraform-exec v0.20.0 // indirect + github.com/hashicorp/terraform-json v0.21.0 // indirect + github.com/hashicorp/terraform-plugin-go v0.21.0 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect github.com/hashicorp/terraform-registry-address v0.2.3 // indirect github.com/hashicorp/terraform-svchost v0.1.1 // indirect @@ -52,14 +52,14 @@ require ( github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect - github.com/zclconf/go-cty v1.14.1 // indirect - golang.org/x/crypto v0.17.0 // indirect + github.com/zclconf/go-cty v1.14.2 // indirect + golang.org/x/crypto v0.18.0 // indirect golang.org/x/mod v0.14.0 // indirect golang.org/x/net v0.18.0 // indirect - golang.org/x/sys v0.15.0 // indirect + golang.org/x/sys v0.16.0 // indirect golang.org/x/text v0.14.0 // indirect google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect - google.golang.org/grpc v1.60.0 // indirect - google.golang.org/protobuf v1.31.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect + google.golang.org/grpc v1.61.0 // indirect + google.golang.org/protobuf v1.32.0 // indirect ) diff --git a/go.sum b/go.sum index fccfd932..dc55cbce 100644 --- a/go.sum +++ b/go.sum @@ -220,19 +220,19 @@ github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/terraform-config-inspect v0.0.0-20191212124732-c6ae6269b9d7/go.mod h1:p+ivJws3dpqbp1iP84+npOyAmTTOLMgCzrXd3GSdn/A= github.com/hashicorp/terraform-exec v0.13.3/go.mod h1:SSg6lbUsVB3DmFyCPjBPklqf6EYGX0TlQ6QTxOlikDU= -github.com/hashicorp/terraform-exec v0.19.0 h1:FpqZ6n50Tk95mItTSS9BjeOVUb4eg81SpgVtZNNtFSM= -github.com/hashicorp/terraform-exec v0.19.0/go.mod h1:tbxUpe3JKruE9Cuf65mycSIT8KiNPZ0FkuTE3H4urQg= +github.com/hashicorp/terraform-exec v0.20.0 h1:DIZnPsqzPGuUnq6cH8jWcPunBfY+C+M8JyYF3vpnuEo= +github.com/hashicorp/terraform-exec v0.20.0/go.mod h1:ckKGkJWbsNqFKV1itgMnE0hY9IYf1HoiekpuN0eWoDw= github.com/hashicorp/terraform-json v0.10.0/go.mod h1:3defM4kkMfttwiE7VakJDwCd4R+umhSQnvJwORXbprE= -github.com/hashicorp/terraform-json v0.18.0 h1:pCjgJEqqDESv4y0Tzdqfxr/edOIGkjs8keY42xfNBwU= -github.com/hashicorp/terraform-json v0.18.0/go.mod h1:qdeBs11ovMzo5puhrRibdD6d2Dq6TyE/28JiU4tIQxk= -github.com/hashicorp/terraform-plugin-go v0.20.0 h1:oqvoUlL+2EUbKNsJbIt3zqqZ7wi6lzn4ufkn/UA51xQ= -github.com/hashicorp/terraform-plugin-go v0.20.0/go.mod h1:Rr8LBdMlY53a3Z/HpP+ZU3/xCDqtKNCkeI9qOyT10QE= +github.com/hashicorp/terraform-json v0.21.0 h1:9NQxbLNqPbEMze+S6+YluEdXgJmhQykRyRNd+zTI05U= +github.com/hashicorp/terraform-json v0.21.0/go.mod h1:qdeBs11ovMzo5puhrRibdD6d2Dq6TyE/28JiU4tIQxk= +github.com/hashicorp/terraform-plugin-go v0.21.0 h1:VSjdVQYNDKR0l2pi3vsFK1PdMQrw6vGOshJXMNFeVc0= +github.com/hashicorp/terraform-plugin-go v0.21.0/go.mod h1:piJp8UmO1uupCvC9/H74l2C6IyKG0rW4FDedIpwW5RQ= github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= github.com/hashicorp/terraform-plugin-sdk v1.17.2 h1:V7DUR3yBWFrVB9z3ddpY7kiYVSsq4NYR67NiTs93NQo= github.com/hashicorp/terraform-plugin-sdk v1.17.2/go.mod h1:wkvldbraEMkz23NxkkAsFS88A1R9eUiooiaUZyS6TLw= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.31.0 h1:Bl3e2ei2j/Z3Hc2HIS15Gal2KMKyLAZ2om1HCEvK6es= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.31.0/go.mod h1:i2C41tszDjiWfziPQDL5R/f3Zp0gahXe5No/MIO9rCE= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.32.0 h1:7xdO9aOXVmhvMxNAq8UloyyqW0EEzyAY37llSTHJgjo= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.32.0/go.mod h1:LxQzs7AQl/5JE1IGFd6LX8E4A0InRJ/7s245gOmsejA= github.com/hashicorp/terraform-plugin-test/v2 v2.2.1/go.mod h1:eZ9JL3O69Cb71Skn6OhHyj17sLmHRb+H6VrDcJjKrYU= github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTVcLZRu7JseiXNRHbOAyoTI= github.com/hashicorp/terraform-registry-address v0.2.3/go.mod h1:lFHA76T8jfQteVfT7caREqguFrW3c4MFSPhZB7HHgUM= @@ -364,12 +364,12 @@ github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLE github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.2.1/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q/N4PQ8= github.com/zclconf/go-cty v1.8.2/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= -github.com/zclconf/go-cty v1.14.1 h1:t9fyA35fwjjUMcmL5hLER+e/rEPqrbCK1/OSE4SI9KA= -github.com/zclconf/go-cty v1.14.1/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +github.com/zclconf/go-cty v1.14.2 h1:kTG7lqmBou0Zkx35r6HJHUQTvaRPr5bIAf3AoHS0izI= +github.com/zclconf/go-cty v1.14.2/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= github.com/zclconf/go-cty-yaml v1.0.2/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0= -github.com/zscaler/zscaler-sdk-go/v2 v2.3.7 h1:lJOujmoSFLlfRh0ol8ZqfyYU51QJ8fWYIzKSjm0VtKI= -github.com/zscaler/zscaler-sdk-go/v2 v2.3.7/go.mod h1:g/qnPLyT4QQErOWkMZ6wgn3IM3r3mIjdm3ZDUKIgdbk= +github.com/zscaler/zscaler-sdk-go/v2 v2.3.8 h1:ajdAHp0SSbY5BahC2EfQo/812v2QwpKaDjsnwtYSbAM= +github.com/zscaler/zscaler-sdk-go/v2 v2.3.8/go.mod h1:v8TLsPbVlQ3kAvGs8sIWsuhSAVggLbowiyDzaGYPWKg= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -387,8 +387,8 @@ golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -525,14 +525,14 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -654,8 +654,8 @@ google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 h1:6GQBEOdGkX6MMTLT9V+TjtIRZCw9VPD5Z+yHY9wMgS0= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97/go.mod h1:v7nGkzlmW8P3n/bKmWBn2WpBjpOEx8Q6gMueudAmKfY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= @@ -671,8 +671,8 @@ google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.60.0 h1:6FQAR0kM31P6MRdeluor2w2gPaS4SVNrD/DNTxrQ15k= -google.golang.org/grpc v1.60.0/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= +google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= +google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -685,8 +685,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/zia/common.go b/zia/common.go index 89beb72f..5a26450d 100644 --- a/zia/common.go +++ b/zia/common.go @@ -169,27 +169,6 @@ func expandIDNameExtensionsSet(d *schema.ResourceData, key string) []common.IDNa return []common.IDNameExtensions{} } -/* -// Deprecated common helper function - - func expandIDSet(d *schema.ResourceData, key string) []int { - var ids []int - - if v, ok := d.GetOk(key); ok { - set := v.(*schema.Set) - list := set.List() - for _, item := range list { - if idMap, ok := item.(map[string]interface{}); ok { - if id, ok := idMap["id"].(int); ok { - ids = append(ids, id) - } - } - } - } - return ids - } -*/ - func expandUserDepartment(d *schema.ResourceData) *common.UserDepartment { departmentObj, ok := d.GetOk("department") if !ok { @@ -360,6 +339,48 @@ func expandIDNameSet(d *schema.ResourceData, key string) *common.IDName { return nil } +// Common Flattening function to support Workload Groups across other resources +func flattenWorkloadGroups(workloadGroups []common.IDName) []interface{} { + if workloadGroups == nil { + return nil + } + + wgList := make([]interface{}, len(workloadGroups)) + for i, wg := range workloadGroups { + wgMap := make(map[string]interface{}) + wgMap["id"] = wg.ID + wgMap["name"] = wg.Name + wgList[i] = wgMap + } + + return wgList +} + +// Common expand function to support Workload Groups across other resources +func expandWorkloadGroups(d *schema.ResourceData, key string) []common.IDName { + // Retrieve the set from the resource data + if v, ok := d.GetOk(key); ok { + workloadGroupsSet := v.(*schema.Set) + // Initialize the slice to hold the expanded workload groups + workloadGroups := make([]common.IDName, 0, workloadGroupsSet.Len()) + + // Iterate over the set and construct the slice of common.IDName + for _, wgMapInterface := range workloadGroupsSet.List() { + wgMap := wgMapInterface.(map[string]interface{}) + wg := common.IDName{ + ID: wgMap["id"].(int), + Name: wgMap["name"].(string), + } + workloadGroups = append(workloadGroups, wg) + } + + return workloadGroups + } + + // Return an empty slice if the key is not set + return []common.IDName{} +} + func flattenLastModifiedBy(lastModifiedBy *common.IDNameExtensions) []interface{} { lastModified := make([]interface{}, 0) if lastModifiedBy != nil { diff --git a/zia/common/version.go b/zia/common/version.go index 7facf1ff..b38bacf4 100644 --- a/zia/common/version.go +++ b/zia/common/version.go @@ -1,6 +1,6 @@ package common -var version = "2.6.3" +var version = "2.7.2" // Version returns version of provider func Version() string { diff --git a/zia/data_source_zia_dlp_web_rules.go b/zia/data_source_zia_dlp_web_rules.go index 844deef3..56f13f63 100644 --- a/zia/data_source_zia_dlp_web_rules.go +++ b/zia/data_source_zia_dlp_web_rules.go @@ -529,6 +529,114 @@ func dataSourceDlpWebRules() *schema.Resource { }, }, }, + "workload_groups": { + Type: schema.TypeList, + Computed: true, + Description: "The list of preconfigured workload groups to which the policy must be applied", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeInt, + Computed: true, + Description: "A unique identifier assigned to the workload group", + }, + "name": { + Type: schema.TypeString, + Computed: true, + Description: "The name of the workload group", + }, + "description": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the workload group", + }, + "expression_json": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "expression_containers": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tag_type": { + Type: schema.TypeString, + Computed: true, + }, + "operator": { + Type: schema.TypeString, + Computed: true, + }, + "tag_container": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tags": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "key": { + Type: schema.TypeString, + Computed: true, + }, + "value": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "operator": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + "expression": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the workload group", + }, + "last_modified_time": { + Type: schema.TypeInt, + Computed: true, + }, + "last_modified_by": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeInt, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Computed: true, + }, + "extensions": { + Type: schema.TypeMap, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, + }, + }, + }, }, } } @@ -646,7 +754,9 @@ func dataSourceDlpWebRulesRead(d *schema.ResourceData, m interface{}) error { if err := d.Set("excluded_users", flattenIDExtensions(resp.ExcludedUsers)); err != nil { return err } - + if err := d.Set("workload_groups", flattenWorkloadGroups(resp.WorkloadGroups)); err != nil { + return fmt.Errorf("error setting workload_groups: %s", err) + } } else { return fmt.Errorf("couldn't find any web dlp rule with name '%s' or id '%d'", name, id) } diff --git a/zia/data_source_zia_firewall_filtering_rules.go b/zia/data_source_zia_firewall_filtering_rules.go index fc2d823e..b7a68377 100644 --- a/zia/data_source_zia_firewall_filtering_rules.go +++ b/zia/data_source_zia_firewall_filtering_rules.go @@ -497,6 +497,114 @@ func dataSourceFirewallFilteringRule() *schema.Resource { }, }, }, + "workload_groups": { + Type: schema.TypeList, + Computed: true, + Description: "The list of preconfigured workload groups to which the policy must be applied", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeInt, + Computed: true, + Description: "A unique identifier assigned to the workload group", + }, + "name": { + Type: schema.TypeString, + Computed: true, + Description: "The name of the workload group", + }, + "description": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the workload group", + }, + "expression_json": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "expression_containers": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tag_type": { + Type: schema.TypeString, + Computed: true, + }, + "operator": { + Type: schema.TypeString, + Computed: true, + }, + "tag_container": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tags": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "key": { + Type: schema.TypeString, + Computed: true, + }, + "value": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "operator": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + "expression": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the workload group", + }, + "last_modified_time": { + Type: schema.TypeInt, + Computed: true, + }, + "last_modified_by": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeInt, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Computed: true, + }, + "extensions": { + Type: schema.TypeMap, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, + }, + }, + }, "default_rule": { Type: schema.TypeBool, Computed: true, @@ -619,7 +727,9 @@ func dataSourceFirewallFilteringRuleRead(d *schema.ResourceData, m interface{}) if err := d.Set("devices", flattenIDNameExtensions(resp.Devices)); err != nil { return err } - + if err := d.Set("workload_groups", flattenWorkloadGroups(resp.WorkloadGroups)); err != nil { + return fmt.Errorf("error setting workload_groups: %s", err) + } if err := d.Set("zpa_app_segments", flattenZPAAppSegments(resp.ZPAAppSegments)); err != nil { return err } diff --git a/zia/data_source_zia_firewall_filtering_rules_test.go b/zia/data_source_zia_firewall_filtering_rules_test.go index 22bfaa7e..e805f607 100644 --- a/zia/data_source_zia_firewall_filtering_rules_test.go +++ b/zia/data_source_zia_firewall_filtering_rules_test.go @@ -1,6 +1,5 @@ package zia -/* import ( "strconv" "testing" @@ -53,4 +52,3 @@ func TestAccDataSourceFirewallFilteringRule_Basic(t *testing.T) { }, }) } -*/ diff --git a/zia/data_source_zia_url_filtering_rules.go b/zia/data_source_zia_url_filtering_rules.go index 962223fd..b9907421 100644 --- a/zia/data_source_zia_url_filtering_rules.go +++ b/zia/data_source_zia_url_filtering_rules.go @@ -404,6 +404,114 @@ func dataSourceURLFilteringRules() *schema.Resource { Type: schema.TypeBool, Computed: true, }, + "workload_groups": { + Type: schema.TypeList, + Computed: true, + Description: "The list of preconfigured workload groups to which the policy must be applied", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeInt, + Computed: true, + Description: "A unique identifier assigned to the workload group", + }, + "name": { + Type: schema.TypeString, + Computed: true, + Description: "The name of the workload group", + }, + "description": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the workload group", + }, + "expression_json": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "expression_containers": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tag_type": { + Type: schema.TypeString, + Computed: true, + }, + "operator": { + Type: schema.TypeString, + Computed: true, + }, + "tag_container": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "tags": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "key": { + Type: schema.TypeString, + Computed: true, + }, + "value": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "operator": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + "expression": { + Type: schema.TypeString, + Computed: true, + Description: "The description of the workload group", + }, + "last_modified_time": { + Type: schema.TypeInt, + Computed: true, + }, + "last_modified_by": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeInt, + Computed: true, + }, + "name": { + Type: schema.TypeString, + Computed: true, + }, + "extensions": { + Type: schema.TypeMap, + Computed: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, + }, + }, + }, }, } } @@ -514,7 +622,9 @@ func dataSourceURLFilteringRulesRead(d *schema.ResourceData, m interface{}) erro return err } } - + if err := d.Set("workload_groups", flattenWorkloadGroups(resp.WorkloadGroups)); err != nil { + return fmt.Errorf("error setting workload_groups: %s", err) + } } else { return fmt.Errorf("couldn't find any url filtering rule with name '%s' or id '%d'", name, id) } diff --git a/zia/data_source_zia_url_filtering_rules_test.go b/zia/data_source_zia_url_filtering_rules_test.go index 7e90f216..501ada2c 100644 --- a/zia/data_source_zia_url_filtering_rules_test.go +++ b/zia/data_source_zia_url_filtering_rules_test.go @@ -1,6 +1,5 @@ package zia -/* import ( "testing" @@ -39,4 +38,3 @@ func TestAccDataSourceURLFilteringRules_Basic(t *testing.T) { }, }) } -*/ diff --git a/zia/resource_zia_activation.go b/zia/resource_zia_activation.go index b1833fd9..51ac33d3 100644 --- a/zia/resource_zia_activation.go +++ b/zia/resource_zia_activation.go @@ -25,8 +25,6 @@ func resourceActivationStatus() *schema.Resource { Description: "Organization Policy Edit/Update Activation status", ValidateFunc: validation.StringInSlice([]string{ "ACTIVE", - "PENDING", - "INPROGRESS", }, false), }, }, diff --git a/zia/resource_zia_activation_test.go b/zia/resource_zia_activation_test.go index 4efbf59c..515c0f18 100644 --- a/zia/resource_zia_activation_test.go +++ b/zia/resource_zia_activation_test.go @@ -1,5 +1,6 @@ package zia +/* import ( "testing" @@ -8,25 +9,18 @@ import ( ) func TestAccResourceActivationStatus(t *testing.T) { - resourceName := "zia_activation_status.test" + resourceName := "zia_activation_status.this" resource.ParallelTest(t, resource.TestCase{ Providers: testAccProviders, // Ensure you have a provider configuration for testing CheckDestroy: testAccCheckActivationStatusDestroy, Steps: []resource.TestStep{ { - Config: testAccResourceActivationStatusConfig("ACTIVE"), + Config: testAccResourceActivationStatusConfig(), Check: resource.ComposeTestCheckFunc( testAccCheckActivationStatusExists(resourceName), resource.TestCheckResourceAttr(resourceName, "status", "ACTIVE"), ), }, - { - Config: testAccResourceActivationStatusConfig("PENDING"), - Check: resource.ComposeTestCheckFunc( - testAccCheckActivationStatusExists(resourceName), - resource.TestCheckResourceAttr(resourceName, "status", "PENDING"), - ), - }, }, }) } @@ -45,10 +39,11 @@ func testAccCheckActivationStatusExists(n string) resource.TestCheckFunc { } } -func testAccResourceActivationStatusConfig(status string) string { +func testAccResourceActivationStatusConfig() string { // This mimics a .tf file configuration return ` -resource "zia_activation_status" "test" { - status = "` + status + `" +resource "zia_activation_status" "this" { + status = "ACTIVE" }` } +*/ diff --git a/zia/resource_zia_dlp_web_rules.go b/zia/resource_zia_dlp_web_rules.go index 5e2997d0..535c0ceb 100644 --- a/zia/resource_zia_dlp_web_rules.go +++ b/zia/resource_zia_dlp_web_rules.go @@ -217,6 +217,7 @@ func resourceDlpWebRules() *schema.Resource { "excluded_departments": setIDsSchemaTypeCustom(intPtr(256), "The Name-ID pairs of users to which the DLP policy rule must be applied."), "excluded_users": setIDsSchemaTypeCustom(intPtr(256), "The Name-ID pairs of users to which the DLP policy rule must be applied."), "excluded_groups": setIDsSchemaTypeCustom(intPtr(256), "The Name-ID pairs of users to which the DLP policy rule must be applied."), + "workload_groups": setIdNameSchemaCustom(255, "The list of preconfigured workload groups to which the policy must be applied"), "dlp_engines": setIDsSchemaTypeCustom(intPtr(4), "The list of DLP engines to which the DLP policy rule must be applied."), "time_windows": setIDsSchemaTypeCustom(intPtr(2), "list of time interval during which rule must be enforced."), "labels": setIDsSchemaTypeCustom(intPtr(1), "list of Labels that are applicable to the rule."), @@ -410,7 +411,9 @@ func resourceDlpWebRulesRead(d *schema.ResourceData, m interface{}) error { if err := d.Set("excluded_users", flattenIDExtensions(resp.ExcludedUsers)); err != nil { return err } - + if err := d.Set("workload_groups", flattenWorkloadGroups(resp.WorkloadGroups)); err != nil { + return fmt.Errorf("error setting workload_groups: %s", err) + } return nil } @@ -541,6 +544,7 @@ func expandDlpWebRules(d *schema.ResourceData) dlp_web_rules.WebDLPRules { ExcludedUsers: expandIDNameExtensionsSet(d, "excluded_groups"), ExcludedGroups: expandIDNameExtensionsSet(d, "excluded_departments"), ExcludedDepartments: expandIDNameExtensionsSet(d, "excluded_users"), + WorkloadGroups: expandWorkloadGroups(d, "workload_groups"), } return result } diff --git a/zia/resource_zia_dlp_web_rules_test.go b/zia/resource_zia_dlp_web_rules_test.go index 27e1b56e..10907b7d 100644 --- a/zia/resource_zia_dlp_web_rules_test.go +++ b/zia/resource_zia_dlp_web_rules_test.go @@ -145,10 +145,6 @@ data "zia_url_categories" "finance"{ id = "FINANCE" } -data "zia_rule_labels" "can"{ - name = "GLOBAL" -} - data "zia_firewall_filtering_time_window" "work_hours" { name = "Work Hours" } diff --git a/zia/resource_zia_firewall_filtering_rules.go b/zia/resource_zia_firewall_filtering_rules.go index d96dc102..1bacd580 100644 --- a/zia/resource_zia_firewall_filtering_rules.go +++ b/zia/resource_zia_firewall_filtering_rules.go @@ -142,7 +142,7 @@ func resourceFirewallFilteringRules() *schema.Resource { "users": setIDsSchemaTypeCustom(intPtr(4), "list of users for which rule must be applied"), "groups": setIDsSchemaTypeCustom(intPtr(8), "list of groups for which rule must be applied"), "departments": setIDsSchemaTypeCustom(intPtr(140000), "list of departments for which rule must be applied"), - "time_windows": setIDsSchemaTypeCustom(intPtr(2), "list of time interval during which rule must be enforced."), + "time_windows": setIDsSchemaTypeCustom(intPtr(2), "The time interval in which the Firewall Filtering policy rule applies"), "labels": setIDsSchemaTypeCustom(intPtr(1), "list of Labels that are applicable to the rule."), "device_groups": setIDsSchemaTypeCustom(nil, "This field is applicable for devices that are managed using Zscaler Client Connector."), "devices": setIDsSchemaTypeCustom(nil, "Name-ID pairs of devices for which rule must be applied."), @@ -152,6 +152,7 @@ func resourceFirewallFilteringRules() *schema.Resource { "app_services": setIDsSchemaTypeCustom(nil, "list of application services"), "nw_application_groups": setIDsSchemaTypeCustom(nil, "list of nw application groups"), "nw_service_groups": setIDsSchemaTypeCustom(nil, "list of nw service groups"), + "workload_groups": setIdNameSchemaCustom(255, "The list of preconfigured workload groups to which the policy must be applied"), "nw_services": setIDsSchemaTypeCustom(intPtr(1024), "list of nw services"), "zpa_app_segments": setExtIDNameSchemaCustom(intPtr(255), "The list of ZPA Application Segments for which this rule is applicable. This field is applicable only for the ZPA Gateway forwarding method."), "dest_countries": getDestinationCountries(), @@ -358,7 +359,9 @@ func resourceFirewallFilteringRulesRead(d *schema.ResourceData, m interface{}) e if err := d.Set("devices", flattenIDs(resp.Devices)); err != nil { return err } - + if err := d.Set("workload_groups", flattenWorkloadGroups(resp.WorkloadGroups)); err != nil { + return fmt.Errorf("error setting workload_groups: %s", err) + } if err := d.Set("zpa_app_segments", flattenZPAAppSegmentsSimple(resp.ZPAAppSegments)); err != nil { return err } @@ -493,6 +496,7 @@ func expandFirewallFilteringRules(d *schema.ResourceData) filteringrules.Firewal Labels: expandIDNameExtensionsSet(d, "labels"), DeviceGroups: expandIDNameExtensionsSet(d, "device_groups"), Devices: expandIDNameExtensionsSet(d, "devices"), + WorkloadGroups: expandWorkloadGroups(d, "workload_groups"), ZPAAppSegments: expandZPAAppSegmentSet(d, "zpa_app_segments"), } return result diff --git a/zia/resource_zia_firewall_filtering_rules_test.go b/zia/resource_zia_firewall_filtering_rules_test.go index 0dbb208e..1d6969b2 100644 --- a/zia/resource_zia_firewall_filtering_rules_test.go +++ b/zia/resource_zia_firewall_filtering_rules_test.go @@ -1,6 +1,5 @@ package zia -/* import ( "fmt" "log" @@ -272,4 +271,3 @@ resource "%s" "%s" { dstIPGroupTypeAndName, ) } -*/ diff --git a/zia/resource_zia_location_management.go b/zia/resource_zia_location_management.go index a491a953..688abbe4 100644 --- a/zia/resource_zia_location_management.go +++ b/zia/resource_zia_location_management.go @@ -88,6 +88,8 @@ func resourceLocationManagement() *schema.Resource { ValidateFunc: validation.Any( validation.IsIPv4Address, validation.IsIPv4Range, + validation.IsIPAddress, + validation.IsCIDRNetwork(0, 32), ), }, Description: "For locations: IP addresses of the egress points that are provisioned in the Zscaler Cloud. Each entry is a single IP address (e.g., 238.10.33.9).", @@ -316,8 +318,8 @@ func resourceLocationManagementCreate(d *schema.ResourceData, m interface{}) err zClient := m.(*Client) if parentIDInt, ok := d.GetOk("parent_id"); ok && parentIDInt.(int) != 0 { - ipInter, ipSet := d.GetOk("ip_addresses") - if !ipSet || len(removeEmpty(ListToStringSlice(ipInter.([]interface{})))) == 0 { + ipAddresses := d.Get("ip_addresses").(*schema.Set) + if len(removeEmpty(ListToStringSlice(ipAddresses.List()))) == 0 { return fmt.Errorf("when the location is a sub-location ip_addresses must not be empty: %v", d.Get("name")) } } diff --git a/zia/resource_zia_url_filtering_rules.go b/zia/resource_zia_url_filtering_rules.go index c536775f..fc8c25b9 100644 --- a/zia/resource_zia_url_filtering_rules.go +++ b/zia/resource_zia_url_filtering_rules.go @@ -193,6 +193,7 @@ func resourceURLFilteringRules() *schema.Resource { "devices": setIDsSchemaTypeCustom(nil, "Name-ID pairs of devices for which rule must be applied."), "location_groups": setIDsSchemaTypeCustom(intPtr(32), "Name-ID pairs of the location groups to which the rule must be applied."), "labels": setIDsSchemaTypeCustom(nil, "The URL Filtering rule's label."), + "workload_groups": setIdNameSchemaCustom(255, "The list of preconfigured workload groups to which the policy must be applied"), "device_trust_levels": getDeviceTrustLevels(), "user_risk_score_levels": getUserRiskScoreLevels(), "url_categories": getURLCategories(), @@ -400,7 +401,9 @@ func resourceURLFilteringRulesRead(d *schema.ResourceData, m interface{}) error if err := d.Set("devices", flattenIDs(resp.Devices)); err != nil { return err } - + if err := d.Set("workload_groups", flattenWorkloadGroups(resp.WorkloadGroups)); err != nil { + return fmt.Errorf("error setting workload_groups: %s", err) + } return nil } @@ -518,6 +521,7 @@ func expandURLFilteringRules(d *schema.ResourceData) urlfilteringpolicies.URLFil Labels: expandIDNameExtensionsSet(d, "labels"), DeviceGroups: expandIDNameExtensionsSet(d, "device_groups"), Devices: expandIDNameExtensionsSet(d, "devices"), + WorkloadGroups: expandWorkloadGroups(d, "workload_groups"), CBIProfile: expandCBIProfile(d), } diff --git a/zia/version.go b/zia/version.go index 441dd6c4..3b14ae1b 100644 --- a/zia/version.go +++ b/zia/version.go @@ -1,4 +1,4 @@ package zia // ProviderVersion is set at build-time in the release process -var ProviderVersion = "2.7.0" +var ProviderVersion = "2.7.2"