v2.5.0

fix: Removed githubactions

v2.4.2

2.4.2 (March 11, 2024)

Notes

• Golang: v1.21

ZPA Additions

Emergency Access

• Added POST /emergencyAccess/user to create an emergency acess user for a specified customer. PR #226
• Added GET /emergencyAccess/user to get all emergency acess users for a specified customer. PR #226
• Added GET /emergencyAccess/user/{userId} to get the emergency access user for a specified customer. PR #226
• Added PUT /emergencyAccess/user/{userId}to update the emergency access user for thae specified customer. PR #226
• Added PUT /emergencyAccess/user/{userId}/activate to activate the emergency access user for the specified customer. PR #226
• Added PUT /emergencyAccess/user/{userId}/deactivate to deactivate the emergency access user for the specified customer. PR #226

Policy Access Controller

• Added POST and PUT /mgmtconfig/v2/admin/customers/{customerId}/policySet/{policySetId}/rule endpoints for access policy rule creation. This endpoint allows for larger payload submission. PR #228

• Added POST and PUT /mgmtconfig/v2/admin/customers/{customerId}/policySet/{policySetId}/rule endpoints for access policy rule creation. This endpoint allows for larger payload submission. PR #228

Privileged Remote Access Approval

• Added GET /mgmtconfig/v1/admin/customers/{customerId}/approval endpoint to get all PRA Approval resources for a specified customer
• Added GET /mgmtconfig/v1/admin/customers/{customerId}/approval/{id} endpoint to get a specific PRA Approval resources for a specified customer
• Added POST /mgmtconfig/v1/admin/customers/{customerId}/approval endpoint to add PRA Approval resources for a specified customer. PR #233
• Added PUT /mgmtconfig/v1/admin/customers/{customerId}/approval/{id} endpoint to update a specific PRA Approval resources for a specified customer. PR #233
• Added DELETE /mgmtconfig/v1/admin/customers/{customerId}/approval/{id} endpoint to delete a specific PRA Approval resources for a specified customer. PR #233
• Added DELETE /mgmtconfig/v1/admin/customers/{customerId}/approval/expired endpoint to delete all PRA Approval resources for a specified customer. PR #233

Privileged Remote Access Console

• Added GET /mgmtconfig/v1/admin/customers/{customerId}/console endpoint to get all PRA Console resources for a specified customer
• Added GET /mgmtconfig/v1/admin/customers/{customerId}/console/{id} endpoint to get a specific PRA Console resources for a specified customer
• Added GET /mgmtconfig/v1/admin/customers/{customerId}/console/praPortal/{portalId} endpoint to get privileged consoles for a specified privileged portal.
• Added POST /mgmtconfig/v1/admin/customers/{customerId}/console endpoint to add PRA Console resources for a specified customer. PR #233
• Added POST /mgmtconfig/v1/admin/customers/{customerId}/console/bulk endpoint to create a list of PRA Console resources to a specified privileged portal and customer. PR #233
• Added PUT /mgmtconfig/v1/admin/customers/{customerId}/console/{id} endpoint to update a specific PRA Console resources for a specified customer. PR #233
• Added DELETE /mgmtconfig/v1/admin/customers/{customerId}/console/{id} endpoint to delete a specific PRA Console resources for a specified customer. PR #233

Privileged Remote Access Portal

• Added GET /mgmtconfig/v1/admin/customers/{customerId}/praPortal endpoint to get all PRA Portal resources for a specified customer
• Added GET /mgmtconfig/v1/admin/customers/{customerId}/praPortal/{id} endpoint to get a specific PRA Portal resources for a specified customer
• Added POST /mgmtconfig/v1/admin/customers/{customerId}/praPortal endpoint to add PRA Portal resource for a specified customer. PR #233
• Added PUT /mgmtconfig/v1/admin/customers/{customerId}/praPortal/{id} endpoint to update a specific PRA Portal resources for a specified customer. PR #233
• Added DELETE /mgmtconfig/v1/admin/customers/{customerId}/praPortal/{id} endpoint to delete a specific PRA Portal resources for a specified customer. PR #233

Privileged Remote Access Credential

• Added GET /mgmtconfig/v1/admin/customers/{customerId}/credential endpoint to get all PRA Credential resources for a specified customer
• Added GET /mgmtconfig/v1/admin/customers/{customerId}/credential/{id} endpoint to get a specific PRA Credential resources for a specified customer
• Added POST /mgmtconfig/v1/admin/customers/{customerId}/credential endpoint to add PRA Credential resource for a specified customer. PR #233
• Added POST /mgmtconfig/v1/admin/customers/{customerId}/credential/move endpoint to move PRA Credentials from one microtenant to another microtenant. PR #233
• Added PUT /mgmtconfig/v1/admin/customers/{customerId}/credential/{id} endpoint to update a specific PRA Credential resources for a specified customer. PR #233
• Added DELETE /mgmtconfig/v1/admin/customers/{customerId}/credential/{id} endpoint to delete a specific PRA Credential resources for a specified customer. PR #233

Application Segment

• Added POST /mgmtconfig/v1/admin/customers/{customerId}/application/move to move application segments from one microtenant to another. PR #233
• Added PUT /mgmtconfig/v1/admin/customers/{customerId}/application/share to share application segments between microtenants. PR #233
  PR #233 Included new application segment attribute matchStyle to support Exact Match vs. Multimatch configuration. Learn More Here
  ment

Acceptance Tests

PR #233 - Implemented centralized ZIA and ZPA sweep facility for tenant cleanup pre and post integration tests.

Fixes

PR #233 - Fixed ZPA API client HTTP request to prevent undesired URL encoding or special characters.

v2.4.1

fix policy rule struct

v2.4.0

Merge pull request #57 from SecurityGeekIO/zpa-#57-support-policycont…

…roller-v2

feat: Introduced policy set controller v2 package

v2.3.8

2.3.8 (January 31, 2024)

Notes

• Golang: v1.19

Fixes

• PR #221 - Fixed new workloadGroups attribute for the following resources:
  • Cloud Firewall Rules
  • DLP Web Rules
  • URL Filtering Rules

v2.3.1

Merge pull request #54 from SecurityGeekIO/zia-#54-url-filtering-poli…

…cy-cbi

Added cbi profile feature to zia url filtering policy

v2.3.0

fix: Enhanced web dlp rule test

v2.2.9

feat: Synced with main repository

v2.2.8

2.2.8 (December 7, 2023)

Notes

• Golang: v1.19

Enhancements

• PR #185 Added ZIA Sandbox Resources:

  • Sandbox Quota Report - The resource access quota for retrieving Sandbox Detail Reports is restricted to 1000 requests per day, with a rate limit of 2/sec and 1000/hour. Use GET /sandbox/report/quota to retrieve details regarding your organization's daily Sandbox API resource usage (i.e., used quota, unused quota).
  • Sandbox Quota MD5 Hash Report - Gets a full (i.e., complete) or summary detail report for an MD5 hash of a file that was analyzed by Sandbox.
  • Sandbox Advanced Settings - Gets and Upddates the custom list of MD5 file hashes that are blocked by Sandbox.
  • Sandbox Advanced Settings Hash Count - Gets the used and unused quota for blocking MD5 file hashes with Sandbox
  • Sandbox Submission - Submits raw or archive files (e.g., ZIP) to Sandbox for analysis. You can submit up to 100 files per day and it supports all file types that are currently supported by Sandbox.
  • Sandbox Out-of-Band File Inspection - Submits raw or archive files (e.g., ZIP) to the Zscaler service for out-of-band file inspection to generate real-time verdicts for known and unknown files. It leverages capabilities such as Malware Prevention, Advanced Threat Prevention, Sandbox cloud effect, AI/ML-driven file analysis, and integrated third-party threat intelligence feeds to inspect files and classify them as benign or malicious instantaneously.

• PR #188 Added support for ZIA 🆕 Forwarding Control Policy endpoint /forwardingRules

• PR #188 Added support for ZIA 🆕 Custom ZPA Gateway endpoint /zpaGatewaysfor use with Forwarding Control policy to forward traffic to ZPA for Source IP Anchoring

• PR #190 Added support for ZIA Group, Department and UserName using SortOrder and SortBy search criteria option

• PR #191 Added support for Zscaler Cloud & Branch Connector API endpoints. The following endpoint resources are supported:

  • /adminRoles
  • /adminUsers
  • /ecgroup
  • /ecgroup/lite
  • /location
  • /location/lite
  • /locationTemplate
  • /apiKeys
  • /apiKeys/{keyId}/regenerate

Fixes

• PR #189 Fixed missing microtenantId and microtenantName attributes in ZPA browser access package.

v2.2.7

2.2.7 (December 6, 2023)

Notes

• Golang: v1.19

Enhancements

• PR #185 Added ZIA Sandbox Resources:

  • Sandbox Quota Report - The resource access quota for retrieving Sandbox Detail Reports is restricted to 1000 requests per day, with a rate limit of 2/sec and 1000/hour. Use GET /sandbox/report/quota to retrieve details regarding your organization's daily Sandbox API resource usage (i.e., used quota, unused quota).
  • Sandbox Quota MD5 Hash Report - Gets a full (i.e., complete) or summary detail report for an MD5 hash of a file that was analyzed by Sandbox.
  • Sandbox Advanced Settings - Gets and Upddates the custom list of MD5 file hashes that are blocked by Sandbox.
  • Sandbox Advanced Settings Hash Count - Gets the used and unused quota for blocking MD5 file hashes with Sandbox
  • Sandbox Submission - Submits raw or archive files (e.g., ZIP) to Sandbox for analysis. You can submit up to 100 files per day and it supports all file types that are currently supported by Sandbox.
  • Sandbox Out-of-Band File Inspection - Submits raw or archive files (e.g., ZIP) to the Zscaler service for out-of-band file inspection to generate real-time verdicts for known and unknown files. It leverages capabilities such as Malware Prevention, Advanced Threat Prevention, Sandbox cloud effect, AI/ML-driven file analysis, and integrated third-party threat intelligence feeds to inspect files and classify them as benign or malicious instantaneously.

• PR #188 Added support for ZIA 🆕 Forwarding Control Policy endpoint /forwardingRules

• PR #188 Added support for ZIA 🆕 Custom ZPA Gateway endpoint /zpaGatewaysfor use with Forwarding Control policy to forward traffic to ZPA for Source IP Anchoring

• PR #190 Added support for ZIA Group, Department and UserName using SortOrder and SortBy search criteria option

• PR #191 Added support for Zscaler Cloud & Branch Connector API endpoints. The following endpoint resources are supported:

  • /adminRoles
  • /adminUsers
  • /ecgroup
  • /ecgroup/lite
  • /location
  • /location/lite
  • /locationTemplate
  • /apiKeys
  • /apiKeys/{keyId}/regenerate

Fixes

• PR #189 Fixed missing microtenantId and microtenantName attributes in ZPA browser access package.