This README serves as a quick start guide to deploy Zscaler VZEN resources in an AWS cloud using Terraform.
Use this repository to create the deployment resources required to deploy and operate VZEN in a new or existing virtual private cloud (VPC). The examples directory contains complete automation scripts for both Standalone VZEN and VZEN Cluster using AWS Gateway Load Balancer (GWLB).
The AWS Terraform scripts leverage Terraform v1.1.9, which includes full binary and provider support for macOS M1 chips, but any Terraform version 0.13.7 or later should be generally supported.
- provider registry.terraform.io/hashicorp/aws v5.49.x (minimum 5.32.0)
- provider registry.terraform.io/hashicorp/random v3.3.x
- provider registry.terraform.io/hashicorp/local v2.2.x
- provider registry.terraform.io/hashicorp/null v3.1.x
- provider registry.terraform.io/hashicorp/tls v3.4.x

- A valid AWS account with Administrator Access to deploy required resources
- AWS ACCESS KEY ID
- AWS SECRET ACCESS KEY
- AWS Region (e.g., us-west-2)
- Subscribe to the Zscaler VZEN image and accept its terms of use at this link
- Install Terraform CLI
- A Zscaler VZEN SKUs subscription
- Zscaler Admin UI Credentials
Use the Starter Deployment Template to deploy your Virtual Service Edge (VZEN) in a new VPC.
Use the Starter Deployment Template with GWLB to deploy your Virtual Service Edges (VZENs) in a new VPC and to load balance traffic across multiple VZENs. Zscaler's recommended deployment method is Gateway Load Balancer (GWLB). GWLB distributes traffic across multiple VZENs and achieves high availability.
For brownfield deployments, update the BYO (Bring Your Own) Terraform variables as needed to align with the deployment requirements.