Skip to content

Terraform Provider Release: 23.2

23.2.1 - February 17, 2023

  • Enhancement: Enhances the alert_rule resource to accommodate sending Audit Logs to a 3rd-party alerting systems
  • Enhancement: [Public Preview] Provides support for Terraform import of Valtix resources to create Terraform state to manage resources that have been created outside of Terraform or outside of the immediate Terraform pipeline
  • Enhancement: Enhances the FQDN Profile (valtix_profile_fqdn) resource to allow the Profile to be used for SNI matching. The resource introduces a new argument called mode. The mode can take two values: FILTER or MATCH. When not specified or set to FILTER, the resource operates as an FQDN Filter Profile (default). When set to MATCH, the resource operates as an FQDN Match Profile. The FQDN Match Profile can be used by the Rules of an Egress/East-West Policy Ruleset to enhance the segmentation policy to use the TLS Hello SNI as an additional tuple match, in addition to the common Source/Destination IP/Port and Protocol tuple matching. (requires Gateway version 23.02 or later)
  • Enhancement: Enhances the DNS-based FQDN Address Object (valtix_address_object) resource to accommodate IP Address caching. The enhancement provides a configurable set of Gateway (valtix_gateway) resource settings related to DNS resolution frequency (update interval), IP Address TTL (entry TTL) and IP Address cache size (cache). These settings can be applied using Terraform only. When not applied, default values are: 60 (seconds) for DNS resolution frequency, 0 (seconds) for IP Address TTL (no caching), and 0 (address count) for IP Address cache size (no caching). (requires Gateway version 23.02 or later)
  • Fix: Fixes an issue where Network Intrusion (valtix_network_intrusion) and Web Protection (valtix_web_protection) resources could not be operated on when Vendor is not properly set
  • Fix: Fixes an issue with the change to FQDN Profile (valtix_fqdn) resource to include a new Group Member IDs (group_member_ids) argument replacing the old FQDN Child IDs (fqdn_child_ids) argument that is now deprecated