Zscaler + HashiCorp

Accelerating digital transformation by securing cloud native applications

Optimize the DevOps Experience with Security and Automation

Zscaler and HashiCorp have partnered together to deliver a secure, consistent DevOps workflow on any cloud native environment. By leveraging a repeatable, reliable workflow delivered through this partnership, you can increase efficiency, enable rapid application configuration and development, and foster seamless collaboration between security and development teams.

The Challenges

Security is an afterthought

Security is an afterthought

Rapid application development is often aligned with business goals, and as a result, liberties are taken with regard to security.

Infrastructure complexity

Infrastructure complexity

Ad-hoc changes to manage multicloud infrastructure often introduce misconfigurations, which lead to security vulnerabilities.

Widening skill gaps

Widening skill gaps

Varied experience and skill levels of DevSecOps professionals can lead to the use of multiple tools and processes that can weaken an infrastructure’s security posture.

ZSCALER AND HASHICORP

Securely configure and automate cloud native application development

Posture Control by Zscaler improves cloud security posture by identifying misconfigurations and recommending corrective measures for the HashiCorp Terraform templates. Zscaler Terraform providers ensure rapid and uniform methods to interact with Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA), while the Consul-Terraform-Sync modules enforce zero trust change management of ZIA and ZPA.

Securing the CI/CD pipeline for an enriched DevOps experience

Securing the CI/CD pipeline for an enriched DevOps experience

Prevent misconfigurations, code leaks, environmental drift, and other cloud security issues in the Terraform Cloud with Posture Control, our integrated platform.

  • Gain crucial visibility and insights: All teams get uniform visibility of each commit and pull request being scanned for changes that may lead to issues related to hardcoded secrets, access changes that may cause misconfigurations, storage that’s shared widely beyond the scope of the content, and more.
  • Respond quickly and seamlessly: Near-to-real-time alerts and guided response are critical for expedited and informed remediation.

Achieving Zero Trust with seamless orchestration

Leveraging Consul-Terraform-Sync integration with ZIA and ZPA, network and security teams can initiate infrastructure changes with precise security guardrails.

  • Manage server and application segments: With ZPA, you can automate application segment and server creation based on access requirements originated from the Consul services catalog.
  • Orchestrate firewall management: Dynamically automate IP source group changes in the ZIA Cloud Firewall with the CTS module for ZIA to ensure strict adherence to security and compliance policies.
Achieving Zero Trust with seamless orchestration
Consistent infrastructure management

Consistent infrastructure management

Create and maintain deployment and configuration of your Zscaler product portfolio with easy-to-use Terraform providers.

  • Managing ZIA: The Zscaler Internet Access provider interacts with the ZIA API to automate provisioning of new locations, IPSec and GRE tunnels, URL filtering policies, Cloud Firewall policies, DLP Dictionaries, local accounts, etc. The provider is intended to save time and reduce configuration errors. With this ZIA provider, DevOps teams can automate their security and transform it into DevSecOps workflows.
  • Managing ZPA: The Zscaler Private Access (ZPA) provider is used to interact with the ZPA platform to onboard new application segments, segment groups, and server groups, and create zero trust access policies.
    Securing the CI/CD pipeline for an enriched DevOps experience

    Securing the CI/CD pipeline for an enriched DevOps experience

    Prevent misconfigurations, code leaks, environmental drift, and other cloud security issues in the Terraform Cloud with Posture Control, our integrated platform.

    • Gain crucial visibility and insights: All teams get uniform visibility of each commit and pull request being scanned for changes that may lead to issues related to hardcoded secrets, access changes that may cause misconfigurations, storage that’s shared widely beyond the scope of the content, and more.
    • Respond quickly and seamlessly: Near-to-real-time alerts and guided response are critical for expedited and informed remediation.
    Achieving Zero Trust with seamless orchestration

    Achieving Zero Trust with seamless orchestration

    Leveraging Consul-Terraform-Sync integration with ZIA and ZPA, network and security teams can initiate infrastructure changes with precise security guardrails.

    • Manage server and application segments: With ZPA, you can automate application segment and server creation based on access requirements originated from the Consul services catalog.
    • Orchestrate firewall management: Dynamically automate IP source group changes in the ZIA Cloud Firewall with the CTS module for ZIA to ensure strict adherence to security and compliance policies.
    Consistent infrastructure management

    Consistent infrastructure management

    Create and maintain deployment and configuration of your Zscaler product portfolio with easy-to-use Terraform providers.

    • Managing ZIA: The Zscaler Internet Access provider interacts with the ZIA API to automate provisioning of new locations, IPSec and GRE tunnels, URL filtering policies, Cloud Firewall policies, DLP Dictionaries, local accounts, etc. The provider is intended to save time and reduce configuration errors. With this ZIA provider, DevOps teams can automate their security and transform it into DevSecOps workflows.
    • Managing ZPA: The Zscaler Private Access (ZPA) provider is used to interact with the ZPA platform to onboard new application segments, segment groups, and server groups, and create zero trust access policies.

    Suggested Resources

    Solution brief

    Building Secure Applications with HashiCorp Terraform and Posture Control by Zscaler

    Terraform registry

    HashiCorp Terraform Verified ZIA Provider Link

    Terraform registry

    HashiCorp Terraform Verified ZPA Provider Link

    Github

    Consul-Terraform-Sync Modules

    Video

    Posture Control + HashiCorp Terraform Cloud IaC Scanning