FEATURES: Resource Update: Support approved_ips on account_user resource
BUT FIXES:
- Account_role: support caid for role delete (#622)
FEATURES:
- New Resource:
incapsula_api_client
IMPROVEMENTS:
- add PQC flag to site ssl config resource(#613)
BUT FIXES:
- V3 Site: Cant Create site under sub account (#619)
IMPROVEMENTS:
- Support client_apps & countries & continents in bot_access_control rule exception(#606)
BUT FIXES: Site_v3: Don't save account id change to state (#605) Account_role: Support caid for account role editing (#610)
IMPROVEMENTS:
- Improve documentation for compatibility constraints for v1/v3 site resources (#595)
IMPROVEMENTS:
- Added HidePositionInLine attribute to the waiting room resource (#584)
BUT FIXES: Fixed documentation for ssl_instructions and ssl_validation (#588) Converting datatype int to int64 to handle 32 bit systems (#590) incapsula_custom_certificate resource update flow crash (#591)
BUG FIXES:
- Fixing the waf_security_rule.html.markdown documentation. (#580)
- Remove validation from domain field . (#581)
- Omit the HstsConfiguration and TLSConfigurations. (#582)
BUG FIXES:
- Parse error while converting from int to int64. Added a fix to convert it properly. (#578)
BUG FIXES:
- Bug fix on incapsula_ssl_instuctions where account certificate was not ignored (#573)
- Documentation update to remove the unwanted html tag (#574)
- Omit refId in incapsula_site_v3 when marshaling to JSON if the field has no value (#575)
IMPROVEMENTS:
- Added to incapsula_account resource optional field inactivity_timeout (#563)
BUG FIXES:
- Converting datatype int to int64 to handle 32 bit systems (#566)
IMPROVEMENTS:
- Allow deletion of the last domain for v1 sites that have migrated to the v3 resource (#553)
- Ignore grace period for site deletion (#554)
- Support sub-account on resource_mtls_client_to_imperva_certificate_site_association (#555)
IMPROVEMENTS:
- support sub account on incapsula_mtls_imperva_to_origin_certificate_site_association resource (#540)
- Added support for ref_id and active fields in incapsula_site_v3 resource (#544)
- Added site masking settings to site-log-configuration resource (#545)
FEATURES:
- New Resource:
incapsula_site_log_configuration
BUG FIXES:
- Fix block duration fields (#536)
- Fix corrupted release
FEATURES:
- New Resource:
incapsula_site_cache_configuration
IMPROVEMENTS:
- Adding Block duration parameters to incap_rule resource (#517)
- Documentation improvements
BUG FIXES:
- Fix Terraform crash caused by incorrect site_id usage in ManagedCertificate resource (#508)
- Removing the account id from the request body for update site (#514)
- Adding send_notifications to the incap_rule resource (#515)
IMPROVEMENTS:
- Bug fix for the data source incapsula_ssl_instructions – The site certificate process could not be completed when an auto-discovered domain existed due to missing SANs. These SANs were not added to the certificate if the corresponding domains originated through the auto-discovered domain mechanism. (#511)
IMPROVEMENTS:
IMPROVEMENTS:
- Organize resources tree by products (#494)
BUG FIXES:
- Updates the log to avoid printing the user details (#492)
- Fix link in site_v3 docs (#495)
- incapsula_security_rule_exception resource - Remove usages of ignored parameter 'url_patterns' and add deprecation message (#496)
- Improve docs in security_rule_exception resource (#497)
IMPROVEMENTS:
- Fix managed certificate existence check (#485)
- Adding an example for a policy exception that's assign to a site (#488)
FEATURES:
- New Resource:
incapsula_siem_connnection_sftpadded cwaf, attack analytics and dnsms log configurations added new fields to log configuration resource (compression,encryption) added datasets to log-configuration
IMPROVEMENTS: Add accountId parameter to managed certificate resource (#481) Remove 'restore defaults' logic when deleting application delivery resource (#482)
FEATURES: New Incapsula site, SSL and domain management model:
- New Resource:
incapsula_ssl_instructionsfor SSL configuration guidance - New Resource:
incapsula_domainfor managing domains - New Resource:
incapsula_managed_certificate_settingsfor certificate settings configuration - New Resource:
incapsula_site_v3for site management (v3 API) - New Resource:
incapsula_ssl_validationfor SSL validation setup
IMPROVEMENTS:
- Add info about adaptive ddos mode (#467)
IMPROVEMENTS:
- Update documentation sub account and additive ddos (#465)
- Change how empty data values in policies are suppressed (#440)
IMPROVEMENTS:
- Adding unknownClientsChallenge and blockNonEssentialBots to the waf security ddos rules (#459)
- Adding validation in incapsula_security_rule_exception for url_patterns <> url (#461)
IMPROVEMENTS:
- Add adpative DDoS activation mode to WAF security rule (#456)
IMPROVEMENTS:
- fix site ssl settings documentation (#454)
IMPROVEMENTS:
- Change outputs for SSL verification records so they always exist and have values when using CNAME verification. (#439)
- Ato - support site id in import command (#449)
IMPROVEMENTS:
- Account export capability for ATO (#430)
IMPROVEMENTS:
- Add optional account id parameter to the site ssl settings resource (#424)
FEATURES:
- New Resource:
incapsula_mtls_imperva_to_origin_certificate
IMPROVEMENTS:
- SiemLogConfiguration: Adding support for SIGNIFICANT_SCRIPT_DISCOVERY and SIGNIFICANT_DATA_TRANSFER_DISCOVERY (#420)
FEATURES:
- New Resource:
incapsula_certificate_signing_request
IMPROVEMENTS:
- Change error pages to full-update endpoint (#414)
- add docs for mtls imperva to origin resource (#418)
- removing deprecated account id from policy dto upon update (#411)
- fix client_certificate_test (#412)
IMPROVEMENTS:
- Add auth type to custom certificate resource (#402)
- Extending the site ssl settings resource and adding inbound TLS settings that will allow clients to configure which tls versions and which ciphers to use at the site level. And extending the already existing ssl settings resource tests to cover inbound TLS settings. (#406)
- Use different operation name for the new delivery rules resource (#407)
IMPROVEMENTS:
- Delivery rules configuration improvements (#398)
- deprecating account id for incapsula_policy use incapsula_account_policy_association instead (#400)
- siem_log_configuration: fix documentation (#401)
FEATURES:
- New Resource:
incapsula_siem_connnection_splunk - New Resource:
incapsula_simplified_redirect_rules_configuration.go - New Resource:
incapsula_delivery_rules_configuration.go
- Change account_user URLs (internal change) (#391)
IMPROVEMENTS:
- Add HTTP2 attributes in account and sub-account resources (#388)
- incapsula_site_ssl_settings: Revert last changes (#386)
- Documentation fixes
- Documentation fixes
- Incapsula_account: fix bug of roles name (#378)
- incapsula_mtls_client_to_imperva_ca_certificate: fix parameter name (#379)
- incapsula_security_rule_exception: fix bug (#380)
IMPROVEMENTS:
- Add ABP identification failed error page to application delivery resource (#370)
- Incapsula_Api_Security_API_Config bug fix - missing base path in update method (#368)
- Vulnerabilities fixes (#361(#365)
- Incapsula_site documentation fixes (#363)
- Incapsula_waf_security_rule documentation fixes (#362)
- Incapsula_application_delivery - fix http2 flag(#359)
- Incapsula_notification_policy documentation fixes (#355)
- Incapsula_abp_websites documentation fixes (#356)
- Incapsula_account_policy_association and client resources bug fixes (#351)
- incapsula_bots_configuration resource documentation fix (#345)
- Incapsula_account_policy_association resource documentation fix (#346)
- Incapsula_data_center_configuration resource: fix documentation (#341)
- Incapsula_account_ssl_settings resource: fix documentation (#342)
FEATURES:
- New Resource:
incapsula_ato_site_allowlist - New Resource:
incapsula_ato_endpoint_mitigation_configuration
FEATURES:
- New Resource:
incapsula_abp_websites
IMPROVEMENTS:
- Adding CSP for SIEM Log configuration producer and the accompanying datasets (#334))
BUG FIXES:
- Incapsula_account resource changes: allow to edit account_name + map naked_domain_san_for_new_www_sites value on Read (#325)
BUG FIXES:
- Policy resource - fix bug with empty policyDataExceptions array in local resource always shows diff (#322)
BUG FIXES:
- Fix documentation site_ssl_settings resource (#317)
- Fix import for site_ssl_settings resource (#318)
- Fix rewrite_existing cannot be set to false in incap_rule resource (#319)
FEATURES:
- New Resource:
incapsula_site_ssl_settings
IMPROVEMENTS:
- incapsula_account - support managing consent (#307)
- incapsula_siem_log_configuration - Support ATO and AUDIT_TRAIL (#308)
IMPROVEMENTS:
- incapsula_application_delivery - support compression_type (#301)
BUG FIXES:
- Fix a bug of '+' character in a user's email (#292)
BUG FIXES:
- Fix unchangeable attributes bug in account resource (#284)
- Fix bug in import command of siem_log_configuration and incapsula_siem_connection resources (#285)
FEATURES:
-
New Resource:
incapsula_waiting_room
FEATURES:
- New Resource:
incapsula_site_domain_configuration - New Resource:
incapsula_siem_log_configuration - New Resource:
incapsula_siem_connection
FEATURES:
-
New Resource:
incapsula_account_role -
New Resource:
incapsula_account_user -
New DataSource:
incapsula_account_permissions
IMPROVEMENTS:
- incapsula_incap_rule - Incap rules enable flag (#259)
FEATURES:
- New Resource: incapsula_bots_configuration
IMPROVEMENTS:
- incapsula_incap_rule - Support overrideExisting Flag (#244)
- incapsula_account_policy_association - added available_policy_ids optional argument + move to v3 apis to improve performance (#250)
BUG FIXES:
- Fix issue #234 - remove omitempty for boolean fields (#247)
BUG FIXES:
- adding current account id support to incapsula_policy_asset_association (#243)
BUG FIXES:
- policy resource fails to read when account_id param is not provided (#240)
BUG FIXES:
- Fix account ssl settings resource documentation (#238)
FEATURES:
- New Resource: incapsula_account_ssl_settings
Deprecations: wildcard_san_for_new_sites, naked_domain_san_for_new_www_sites and support_all_tls_versions in account resource are now deprecated, matched arguments in the account SSL settings resource should be used instead
BUG FIXES:
- Adding account status response to the client object. This allows to have the account context on any client request. (#232)
- Adding account type to the account status response. (#232)
- Adding current account to the policy actions. This allows a reseller to manage its accounts' policies (#232)
BUG FIXES:
- documentation corrections (#229)
FEATURES:
- New Resource:
incapsula_mtls_client_to_imperva_ca_certificate - New Resource:
incapsula_mtls_client_to_imperva_ca_certificate_site_settings - New Resource:
incapsula_mtls_client_to_imperva_ca_certificate_site_association
BUG FIXES:
- fix documentation of api_security_api_config (#224)
BUG FIXES:
- remove future resource from the documentation (#219)
IMPROVEMENTS:
- incapsula_subaccount: Support for setting default data region for subaccounts (#207)
BUG FIXES:
- incapsula_policy: fixing bug that clears policy account's defaults when updating policy resource. (#211)
- The parameters
incapsula_site.restricted_cname_reuseandinvalid_param_name_violation_actionin allincapsula_api_securityresources should not be used as they are currently not supported (will be in the future) (#215)
BUG FIXES:
- Add retries of read operations when fail (#200)
- incapsula_api_security_site_config: make is_automatic_discovery_api_integration_enabled optional to align with BE API (#205)
BUG FIXES:
- incapsula_subaccount: fix 'read' method to use another API to the backend (#197)
BUG FIXES:
- remove future resource from the documentation (#195)
BUG FIXES:
- incapsula_application_delivery: return ports to default upon deleting the resource (#189)
IMPROVEMENTS:
- incapsula_site: Add cname option to domain validation options
BUG FIXES:
- incapsula_account_policy_association: change default_waf_policy_id to be optional - for customers who have not migrated yet to waf policy (#185)
- incapsula_site: change default values from string to bool (#186)
FEATURES:
-
New Resource:
incapsula_account-policy-association -
New Resource:
incapsula_application_delivery -
New Resource:
incapsula_site_monitoring -
New DataSource:
account-data
FEATURES:
- New Resource:
incapsula_waf_log_setup
FEATURES:
- New Resource:
incapsula_custom_hsm_certificate
IMPROVEMENTS:
- Add deprecation message to already deprecated resources (old data_center resources)
BUG FIXES:
- incapsula_site: formatting parameters with %t fails if the values are strings, not bool (#158)
- incapsula_site: add retries when configuring site after creating it - to allow the site creation to fully finish (#165)
- incapsula_notification_center_policy: Fix redundant slash in path issue (#162)
- incapsula_origin_pop: avoid crashing when upgrading from version 2* to 3* without changing the resource format in the state file(#167)
BUG FIXES:
- Fix a bug where naked_domain_san and wildcard_san attributes on site resource weren't handled by 'modify' method
FEATURES:
- New Resource:
CSP_Site_configuration,CSP_Site_domain
IMPROVEMENTS:
- Add operation type to HTTP client calls
- Fix acceptance test for Custom Certificate resource
- Add support for notification center
- Fix bug in Custom Certificate resource
- Fix pagination bug in sub-account resource
- Edit business logic, add acceptance test for incapsula_txt_record resource
- No Changes were detected
- SubAccount resource addition (incapsula_subaccount)
- Support 'force-risky-operation' header for cache settings
- Fix custom_certificate resource: remove 'ForceNew' and unecessary base64 encoding
- Fix
perf_response_cache_404_timein thesiteresource. Validate if its value is divisible by 60 - Make
original_data_center_iddeprecated in thesiteresource - Add "ForceNew" for
methodandpatharguments in theapi_security_endpoint_configresource
- Support API-Security with new resources: api_security_api_config, api_security_endpoint_config, api_security_site_config
- Fix TTL attribute of incap_rule resource: enable zero as value
- New attribute on site resource: strict_cname_reuse
- New resource: data_centers_configuration
- Remove unnecessary 'ForceNew' from attributes of site resource
- Fix
acceleration_levelin thesiteresource - Fix support for
continentsin thesecurity_rule_exceptionresource - Fix the default value for
seal_locationin thesiteresource - Fix documentation for the
security_rule_exceptionresource - Add TF provider version to HTTP client calls
- Add new
incap_ruleproperties andRULE_ACTION_FORWARD_TO_PORTaction - Fix
security_rule_exceptionimport - Fix redundant
data_center_serverwhenenabled=false - Fix
origin_popimport - Add
policy_asset_associationimport - Fix
siteresource to use thelogs_account_idfor various methods (read/update) - Fix
siteresource to read/updateseal_location
- Fixed
naked_domain_sanandwildcard_sanon thesiteresource. - Adding edit
server_addressability todata_centerresource. - Updating several resources parameters to include
ForceNew.
- Add retry logic to
siteanddata_centerresources - Set the
dns_record_namein thesiteresource - Add the
naked_domain_sanin thesiteresource - Add the
wildcard_sanin thesiteresource - Update type
PerformanceSettingsstruct to omit when empty except the mode_level - Add
txt_record_value_*resource - Update the
siteresource valuesite_ipto be computed - Fix the
site_ipto store in state file - Fix
data_storage_regionissue inaccountresource, defaults toUS
- Set the
log_levelin thesiteresource to be optional - Fix
omitemptyissues inclient_performance
- Fix documentation bug for
accountresource
- Fix documentation bug for origin POP codes
- Add support for setting the data center's origin POP with a new synthetic resource
- Fix a bug on setting
is_contenton thedata_centerresource - Remove old
acl_security_ruleresource as it has been migrated to thepolicyresource - Update all documentation to include all import operations
- Provider fixes
parameterson SQL Injection Security Exception resource - Merged support for account creation (used by re-sellers) w/ fixes
- Provider has landed in the Terraform Registry
- Cleared out old GitHub workflows
- Add support for policy management
- Add support for performance settings in the
siteresource
- Add support for site masking settings
- Add support for specifying the log level on a site
- Re-factor internal site resource (lots of copy/pasta in create and update)
- Fix an issue with computed and optional attributes for
data_storage_region - Configure
siteresource values during an update for:active,acceleration_level,seal_location,domain_redirect_to_full,remove_ssl,ignore_ssl
- Add support for setting the data storage region on a site
- Remove the deprecated setting for
is_standbyon thedata_centerresource (is_enabledreplaces this functionality); should resolve flapping integration tests + potential production issues - Properly configuring
siteresource values for:active,acceleration_level,seal_location,domain_redirect_to_full,remove_ssl,ignore_ssl - Added
domain_verificationas an exported variable for thesiteresource
- Add support for cache rules
- Improve documentation
- Fix Incap Rule example bugs
Add checks for resource destruction during reads. The following resources have been updated:
- ACL Security Rule
- Certificate
- Data Center
- Data Center Server
- Incap Rule
- Security Rule Exception
- Site
- WAF Security Rule
As we near certification readiness, we've made lots of changes to the provider. Backwards incompatible changes have been made to the Incap Rule resources. Please review the documentation. Changes below:
- All acceptance and unit tests now pass. There was a race condition issue with dependencies - see this Hashicorp issues: hashicorp/terraform#23169 and hashicorp/terraform#23635
- Migrate
resource_incap_ruleto use APIv2. See updated documentation and example files for the latest resource spec. - Add fixes for data center and data center server result codes (oscillation between strings and ints)
- Fix importing of various resources: data center, data center server, Incap Rule, etc.
- Fix ceriticate argument requirements (thanks @areifert)
- Added GitHub workflow integration for side builds prior to certification (thanks @pklime2)
- Upgrade to Terraform v0.12
- Migrate to standalone Terraform SDK
- Started to improve consistency of error log messages (Site IDs, Rule IDs, etc.)
Initial release of the Incapsula Terraform Provider.