From e6adc2d07961b434954909fc568e8db36668bcd7 Mon Sep 17 00:00:00 2001
From: William Guilherme <wguilherme@zscaler.com>
Date: Wed, 6 Mar 2024 21:32:04 -0800
Subject: [PATCH] (feat): Added import support to several resources (#325)

* (feat): Added import support to several resources

* (Fix): Updated go.mod to GO v1.21

* (Fix): Fixed Importing in several resources
---
 .github/workflows/zia-test.yml                |  8 +--
 CHANGELOG.md                                  | 14 ++++
 GNUmakefile                                   |  6 +-
 docs/guides/release-notes.md                  | 16 ++++-
 docs/guides/support.md                        | 10 ++-
 docs/index.md                                 | 18 +-----
 docs/resources/zia_admin_users.md             | 21 ++++++
 docs/resources/zia_auth_settings_urls.md      | 13 ++++
 docs/resources/zia_dlp_dictionaries.md        | 19 ++++++
 docs/resources/zia_dlp_engines.md             | 19 ++++++
 .../zia_dlp_notification_templates.md         | 19 ++++++
 docs/resources/zia_dlp_web_rules.md           | 19 ++++++
 ...a_firewall_filtering_destination_groups.md | 19 ++++++
 ...zia_firewall_filtering_ip_source_groups.md | 19 ++++++
 ...ll_filtering_network_application_groups.md | 19 ++++++
 .../zia_firewall_filtering_network_service.md | 19 ++++++
 ...rewall_filtering_network_service_groups.md | 19 ++++++
 docs/resources/zia_firewall_filtering_rule.md | 19 ++++++
 docs/resources/zia_forwarding_control_rule.md | 21 +++++-
 .../zia_forwarding_control_zpa_gateway.md     | 19 ++++++
 docs/resources/zia_location_management.md     | 19 ++++++
 docs/resources/zia_rule_labels.md             | 19 ++++++
 .../zia_sandbox_behavioral_analysis.md        | 13 ++++
 .../resources/zia_security_policy_settings.md | 64 ++++++++++++++-----
 .../zia_traffic_forwarding_gre_tunnel.md      | 19 ++++++
 .../zia_traffic_forwarding_static_ip.md       |  3 +
 .../zia_traffic_forwarding_vpn_credentials.md | 11 ++--
 docs/resources/zia_url_categories.md          | 23 +++++++
 docs/resources/zia_url_filtering_rules.md     | 19 ++++++
 docs/resources/zia_user_management.md         | 21 ++++++
 examples/zia_security_settings/basic.tf       | 35 ++++++++++
 go.mod                                        |  4 +-
 go.sum                                        | 18 ++++++
 zia/resource_zia_admin_users_test.go          |  9 +++
 zia/resource_zia_auth_settings_urls.go        | 22 +++++++
 zia/resource_zia_auth_settings_urls_test.go   |  6 ++
 ...source_zia_forwarding_control_rule_test.go |  6 ++
 ..._zia_fw_filtering_ip_destination_groups.go | 16 ++---
 ...ource_zia_fw_filtering_ip_source_groups.go | 16 ++---
 ...fw_filtering_network_application_groups.go |  1 +
 ...ltering_network_application_groups_test.go |  6 ++
 ...ia_fw_filtering_network_services_groups.go | 18 +++---
 ..._filtering_network_services_groups_test.go |  6 ++
 ...x_behavioral_analysis_advanced_settings.go | 25 ++++++++
 ...avioral_analysis_advanced_settings_test.go |  6 ++
 zia/resource_zia_security_policy_settings.go  | 25 ++++++++
 ...ource_zia_security_policy_settings_test.go |  6 ++
 ...zia_traffic_forwarding_gre_tunnels_test.go |  6 ++
 ..._zia_traffic_forwarding_static_ips_test.go |  6 ++
 ..._zia_traffic_forwarding_vpn_credentials.go | 18 +++---
 ...traffic_forwarding_vpn_credentials_test.go | 20 +++++-
 zia/resource_zia_url_categories.go            | 20 +++---
 zia/resource_zia_url_categories_test.go       |  6 ++
 ...resource_zia_user_management_users_test.go |  9 +++
 54 files changed, 758 insertions(+), 99 deletions(-)
 create mode 100644 examples/zia_security_settings/basic.tf

diff --git a/.github/workflows/zia-test.yml b/.github/workflows/zia-test.yml
index f27311e7..57002d5e 100644
--- a/.github/workflows/zia-test.yml
+++ b/.github/workflows/zia-test.yml
@@ -24,7 +24,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        goVersion: ["1.20"]
+        goVersion: ["1.21"]
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -89,7 +89,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        goVersion: ["1.20"]
+        goVersion: ["1.21"]
         environment:
           - ZIA_ZSCLOUD
           - ZIA_ZS0
@@ -160,7 +160,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        goVersion: ["1.20"]
+        goVersion: ["1.21"]
         environment:
           - ZIA_ZS1
     environment: ${{ matrix.environment }}
@@ -229,7 +229,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        goVersion: ["1.20"]
+        goVersion: ["1.21"]
         environment:
           - ZIA_ZS2
     environment: ${{ matrix.environment }}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3763c859..a2a6d16d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,19 @@
 # Changelog
 
+## 2.7.33 (March, 6 2024)
+
+### Notes
+
+- Release date: **(March, 6 2024)**
+- Supported Terraform version: **v1.x**
+
+### Enhacements
+
+- [PR #325](https://github.com/zscaler/terraform-provider-zia/pull/325) - Added support to import of the following resources:
+- ``zia_auth_settings_urls``
+- ``zia_sandbox_behavioral_analysis``
+- ``zia_security_settings``
+
 ## 2.7.32 (February, 28 2024)
 
 ### Notes
diff --git a/GNUmakefile b/GNUmakefile
index d4fe9524..0a04e9b5 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -189,14 +189,14 @@ test\:integration\:zscalertwo:
 build13: GOOS=$(shell go env GOOS)
 build13: GOARCH=$(shell go env GOARCH)
 ifeq ($(OS),Windows_NT)  # is Windows_NT on XP, 2000, 7, Vista, 10...
-build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.32/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(APPDATA)/terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.33/$(GOOS)_$(GOARCH)
 else
-build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.32/$(GOOS)_$(GOARCH)
+build13: DESTINATION=$(HOME)/.terraform.d/plugins/$(ZIA_PROVIDER_NAMESPACE)/2.7.33/$(GOOS)_$(GOARCH)
 endif
 build13: fmtcheck
 	@echo "==> Installing plugin to $(DESTINATION)"
 	@mkdir -p $(DESTINATION)
-	go build -o $(DESTINATION)/terraform-provider-zia_v2.7.32
+	go build -o $(DESTINATION)/terraform-provider-zia_v2.7.33
 
 coverage: test
 	@echo "✓ Opening coverage for unit tests ..."
diff --git a/docs/guides/release-notes.md b/docs/guides/release-notes.md
index 11ef0218..7acb3616 100644
--- a/docs/guides/release-notes.md
+++ b/docs/guides/release-notes.md
@@ -12,10 +12,24 @@ description: |-
 Track all ZIA Terraform provider's releases. New resources, features, and bug fixes will be tracked here.
 
 ---
-``Last updated: v2.7.32``
+``Last updated: v2.7.33``
 
 ---
 
+## 2.7.33 (March, 6 2024)
+
+### Notes
+
+- Release date: **(March, 6 2024)**
+- Supported Terraform version: **v1.x**
+
+### Enhacements
+
+- [PR #325](https://github.com/zscaler/terraform-provider-zia/pull/325) - Added support to import of the following resources:
+- ``zia_auth_settings_urls``
+- ``zia_sandbox_behavioral_analysis``
+- ``zia_security_settings``
+
 ## 2.7.32 (February, 28 2024)
 
 ### Notes
diff --git a/docs/guides/support.md b/docs/guides/support.md
index 8940ec93..3299b985 100644
--- a/docs/guides/support.md
+++ b/docs/guides/support.md
@@ -7,16 +7,14 @@ page_title: "Support Guide"
 The ZIA Terraform provider is supported and maintained by the Zscaler Technology Alliances team, and we welcome questions on how to use the provider.
 Please, refer to our [troubleshooting guide](troubleshooting.md) for guidance on typical problems.
 
-All bug reports and feature requests must be submitted via [GitHub issues](https://github.com/zscaler/terraform-provider-zia/issues). When reporting bugs, please include the Terraform script that demonstrates the bug and the command output. Stack traces will also be helpful.
-
-⚠️ **IMPORTANT:**:: Please ensure any sensitive information is redacted as Issues and Pull Requests are publicly viewable.
-
-Notice that we will **NOT**, however, fix bugs upon customer demand, as we have to prioritize all pending bugs and features, as part of the product's backlog and release cycles.
-
 ## Support Ticket Severity
 
 Support tickets related to the Terraform providers can be opened with [Zscaler Support](https://help.zscaler.com/login-tickets), however since the provider is just a client of the underlying product API, we will **NOT** be able to treat provider related support requests as a Severity-1 (Immediate time frame).
 
+When reporting bugs, please provide the Terraform script that demonstrates the bug and the command output. Stack traces will also be helpful.
+
+Notice that we will **NOT**, however, fix bugs upon customer demand, as we have to prioritize all pending bugs and features, as part of the product's backlog and release cycles.
+
 Urgent, production related Terraform issues can be resolved via direct interaction with the underlying API or UI. We will ask customers to resort to these methods to resolve downtime or urgent issues. If you have an urgent escalation, please contact your local Zscaler account team (RSM/SE/CSM/TAM) for assistance.
 
 ## Contact
diff --git a/docs/index.md b/docs/index.md
index 2f08f14e..fa5e8c29 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -123,18 +123,6 @@ operations is launches exceeds
 
 In order to accomplish this, make sure you set the [parallelism](https://www.terraform.io/cli/commands/apply#parallelism-n) value at or below this limit to prevent performance impacts.
 
-## Support
-
-This template/solution are released under an as-is, best effort, support
-policy. These scripts should be seen as community supported and Zscaler
-Business Development Team will contribute our expertise as and when possible.
-We do not provide technical support or help in using or troubleshooting the components
-of the project through our normal support options such as Zscaler support teams,
-or ASC (Authorized Support Centers) partners and backline
-support options. The underlying product used (Zscaler Internet Access API) by the
-scripts or templates are still supported, but the support is only for the
-product functionality and not for help in deploying or using the template or
-script itself. Unless explicitly tagged, all projects or work posted in our
-GitHub repository at (<https://github.com/zscaler>) or sites other
-than our official Downloads page on <https://support.zscaler.com>
-are provided under the best effort policy.
+## General Support Statement
+
+-> **Disclaimer:** Please refer to our [General Support Statement](guides/support.md) before proceeding with the use of this provider. You can also refer to our [troubleshooting guide](guides/troubleshooting.md) for guidance on typical problems.
diff --git a/docs/resources/zia_admin_users.md b/docs/resources/zia_admin_users.md
index d3e952d7..edab6607 100644
--- a/docs/resources/zia_admin_users.md
+++ b/docs/resources/zia_admin_users.md
@@ -158,3 +158,24 @@ The following arguments are supported:
 * `admin_scope_type` - (Optional) The admin's scope. A scope is required for admins, but not applicable to auditors. This attribute is subject to change. Support values are: `ORGANIZATION`, `DEPARTMENT`, `LOCATION`, `LOCATION_GROUP`
   * `admin_scope_entities` - (Optional) Based on the admin scope type, the entities can be the ID/name pair of departments, locations, or location groups.
     * `id` - (Optional) Identifier that uniquely identifies an entity
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_admin_users** can be imported by using `<ADMIN ID>` or `<LOGIN NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_admin_users.example <admin_id>
+```
+
+or
+
+```shell
+terraform import zia_admin_users.example <login_name>
+```
+
+⚠️ **NOTE :**:  This provider do not import the password attribute value during the importing process.
diff --git a/docs/resources/zia_auth_settings_urls.md b/docs/resources/zia_auth_settings_urls.md
index 94dde451..4f017672 100644
--- a/docs/resources/zia_auth_settings_urls.md
+++ b/docs/resources/zia_auth_settings_urls.md
@@ -47,3 +47,16 @@ The following arguments are supported:
 ### Optional
 
 There are no optional parameters supported by this resource.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_auth_settings_urls** can be imported by using `all_urls` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_auth_settings_urls.example all_urls
+```
diff --git a/docs/resources/zia_dlp_dictionaries.md b/docs/resources/zia_dlp_dictionaries.md
index d2816b9a..a3172d3b 100644
--- a/docs/resources/zia_dlp_dictionaries.md
+++ b/docs/resources/zia_dlp_dictionaries.md
@@ -110,3 +110,22 @@ The following arguments are supported:
 * `include_bin_numbers` - (Optional) A true value denotes that the specified Bank Identification Number (BIN) values are included in the Credit Cards dictionary. A false value denotes that the specified BIN values are excluded from the Credit Cards dictionary. Note: This field is applicable only to the predefined Credit Cards dictionary and its clones.
 * `bin_numbers` - (Optional) The list of Bank Identification Number (BIN) values that are included or excluded from the Credit Cards dictionary. BIN values can be specified only for Diners Club, Mastercard, RuPay, and Visa cards. Up to 512 BIN values can be configured in a dictionary. Note: This field is applicable only to the predefined Credit Cards dictionary and its clones.
 * `dict_template_id` - (Optional) ID of the predefined dictionary (original source dictionary) that is used for cloning. This field is applicable only to cloned dictionaries. Only a limited set of identification-based predefined dictionaries (e.g., Credit Cards, Social Security Numbers, National Identification Numbers, etc.) can be cloned. Up to 4 clones can be created from a predefined dictionary.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_dlp_dictionaries** can be imported by using `<DICTIONARY ID>` or `<DICTIONARY_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_dlp_dictionaries.example <dictionary_id>
+```
+
+or
+
+```shell
+terraform import zia_dlp_dictionaries.example <dictionary_name>
+```
diff --git a/docs/resources/zia_dlp_engines.md b/docs/resources/zia_dlp_engines.md
index 4b9b19d1..84a3b9d7 100644
--- a/docs/resources/zia_dlp_engines.md
+++ b/docs/resources/zia_dlp_engines.md
@@ -38,3 +38,22 @@ The following arguments are supported:
 ### Optional
 
 * `description` - (String) The DLP engine's description.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_dlp_engines** can be imported by using `<ENGINE_ID>` or `<ENGINE_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_dlp_engines.example <engine_id>
+```
+
+or
+
+```shell
+terraform import zia_dlp_engines.example <engine_name>
+```
diff --git a/docs/resources/zia_dlp_notification_templates.md b/docs/resources/zia_dlp_notification_templates.md
index 6b240e2d..f125075f 100644
--- a/docs/resources/zia_dlp_notification_templates.md
+++ b/docs/resources/zia_dlp_notification_templates.md
@@ -38,3 +38,22 @@ The following arguments are supported:
 * `subject` - (Optional) The Subject line that is displayed within the DLP notification email.
 * `attach_content` - (Optional) If set to true, the content that is violation is attached to the DLP notification email.
 * `tls_enabled` - (Optional) If set to true, the content that is violation is attached to the DLP notification email.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_dlp_notification_templates** can be imported by using `<TEMPLATE ID>` or `<TEMPLATE NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_dlp_notification_templates.example <template_id>
+```
+
+or
+
+```shell
+terraform import zia_dlp_notification_templates.example <template_name>
+```
diff --git a/docs/resources/zia_dlp_web_rules.md b/docs/resources/zia_dlp_web_rules.md
index 9f459281..bdad8703 100644
--- a/docs/resources/zia_dlp_web_rules.md
+++ b/docs/resources/zia_dlp_web_rules.md
@@ -157,3 +157,22 @@ The following arguments are supported:
 * `workload_groups` (Optional) The list of preconfigured workload groups to which the policy must be applied
   * `id` - (Optional) A unique identifier assigned to the workload group
   * `name` - (Optional) The name of the workload group
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_dlp_web_rules** can be imported by using `<RULE ID>` or `<RULE NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_dlp_web_rules.example <rule_id>
+```
+
+or
+
+```shell
+terraform import zia_dlp_web_rules.example <rule_name>
+```
diff --git a/docs/resources/zia_firewall_filtering_destination_groups.md b/docs/resources/zia_firewall_filtering_destination_groups.md
index 6e5af42b..6cfc309d 100644
--- a/docs/resources/zia_firewall_filtering_destination_groups.md
+++ b/docs/resources/zia_firewall_filtering_destination_groups.md
@@ -76,3 +76,22 @@ The following arguments are supported:
 * `description` (Optional) Additional information about the destination IP group
 * `ip_categories` (Optional) Destination IP address URL categories. You can identify destinations based on the URL category of the domain. See list of all IP Categories [Here](https://help.zscaler.com/zia/firewall-policies#/ipDestinationGroups-get)
   * !> **WARNING:** The `ip_categories` attribute only accepts custom URL categories.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_firewall_filtering_destination_groups** can be imported by using `<GROUP_ID>` or `<GROUP_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_firewall_filtering_destination_groups.example <group_id>
+```
+
+or
+
+```shell
+terraform import zia_firewall_filtering_destination_groups.example <group_name>
+```
diff --git a/docs/resources/zia_firewall_filtering_ip_source_groups.md b/docs/resources/zia_firewall_filtering_ip_source_groups.md
index f53cf563..215e22b6 100644
--- a/docs/resources/zia_firewall_filtering_ip_source_groups.md
+++ b/docs/resources/zia_firewall_filtering_ip_source_groups.md
@@ -54,3 +54,22 @@ The following arguments are supported:
 ### Optional
 
 * `description` (Optional) - Description of the source IP group
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_firewall_filtering_ip_source_groups** can be imported by using `<GROUP_ID>` or `<GROUP_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_firewall_filtering_ip_source_groups.example <group_id>
+```
+
+or
+
+```shell
+terraform import zia_firewall_filtering_ip_source_groups.example <group_name>
+```
diff --git a/docs/resources/zia_firewall_filtering_network_application_groups.md b/docs/resources/zia_firewall_filtering_network_application_groups.md
index 5dc65add..c46ded2a 100644
--- a/docs/resources/zia_firewall_filtering_network_application_groups.md
+++ b/docs/resources/zia_firewall_filtering_network_application_groups.md
@@ -35,3 +35,22 @@ The following arguments are supported:
 ### Optional
 
 * `description` (Optional) - Description of the network application group
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_firewall_filtering_network_application_groups** can be imported by using `<GROUP_ID>` or `<GROUP_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_firewall_filtering_network_application_groups.example <group_id>
+```
+
+or
+
+```shell
+terraform import zia_firewall_filtering_network_application_groups.example <group_name>
+```
diff --git a/docs/resources/zia_firewall_filtering_network_service.md b/docs/resources/zia_firewall_filtering_network_service.md
index c6cce63f..bfc25ae1 100644
--- a/docs/resources/zia_firewall_filtering_network_service.md
+++ b/docs/resources/zia_firewall_filtering_network_service.md
@@ -71,3 +71,22 @@ The following arguments are supported:
 * `description` - (Optional) Description of the service
 * `is_name_l10n_tag` - (Optional
 * `tag` - (Optional) The following values are supported: `"ICMP_ANY`, `"UDP_ANY"`, `"TCP_ANY"`, `"OTHER_NETWORK_SERVICE"`, `"DNS"`, `"NETBIOS"`, `"FTP"`, `"GNUTELLA"`, `"H_323"`, `"HTTP"`, `"HTTPS"`, `"IKE"`, `"IMAP"`, `"ILS"`, `"IKE_NAT"`, `"IRC"`, `"LDAP"`, `"QUIC"`, `"TDS"`, `"NETMEETING"`, `"NFS"`, `"NTP"`, `"SIP"`, `"SNMP"`, `"SMB"`, `"SMTP"`, `"SSH"`, `"SYSLOG"`, `"TELNET"`, `"TRACEROUTE"`, `"POP3"`, `"PPTP"`, `"RADIUS"`, `"REAL_MEDIA"`, `"RTSP"`, `"VNC"`, `"WHOIS"`, `"KERBEROS_SEC"`, `"TACACS"`, `"SNMPTRAP"`, `"NMAP"`, `"RSYNC"`, `"L2TP"`, `"HTTP_PROXY"`, `"PC_ANYWHERE"`, `"MSN"`, `"ECHO"`, `"AIM"`, `"IDENT"`, `"YMSG"`, `"SCCP"`, `"MGCP_UA"`, `"MGCP_CA"`, `"VDO_LIVE"`, `"OPENVPN"`, `"TFTP"`, `"FTPS_IMPLICIT"`, `"ZSCALER_PROXY_NW_SERVICES"`, `"GRE_PROTOCOL"`, `"ESP_PROTOCOL"`, `"DHCP"`
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_firewall_filtering_network_service** can be imported by using `<SERVICE_ID>` or `<SERVICE_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_firewall_filtering_network_service.example <service_id>
+```
+
+or
+
+```shell
+terraform import zia_firewall_filtering_network_service.example <service_name>
+```
diff --git a/docs/resources/zia_firewall_filtering_network_service_groups.md b/docs/resources/zia_firewall_filtering_network_service_groups.md
index 42ead18f..572604ce 100644
--- a/docs/resources/zia_firewall_filtering_network_service_groups.md
+++ b/docs/resources/zia_firewall_filtering_network_service_groups.md
@@ -51,3 +51,22 @@ The following arguments are supported:
 ### Optional
 
 * `description` (Optional) - Description of the network services group
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**firewall_filtering_network_service_groups** can be imported by using `<GROUP_ID>` or `<GROUP_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import firewall_filtering_network_service_groups.example <group_id>
+```
+
+or
+
+```shell
+terraform import firewall_filtering_network_service_groups.example <group_name>
+```
diff --git a/docs/resources/zia_firewall_filtering_rule.md b/docs/resources/zia_firewall_filtering_rule.md
index ab6fba63..4faef571 100644
--- a/docs/resources/zia_firewall_filtering_rule.md
+++ b/docs/resources/zia_firewall_filtering_rule.md
@@ -123,3 +123,22 @@ The following arguments are supported:
 * `Other Exported Arguments`
   * `enable_full_logging` (Boolean)
   * `predefined` - (Boolean) If set to true, a predefined rule is applied
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_firewall_filtering_rule** can be imported by using `<RULE ID>` or `<RULE NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_firewall_filtering_rule.example <rule_id>
+```
+
+or
+
+```shell
+terraform import zia_firewall_filtering_rule.example <rule_name>
+```
diff --git a/docs/resources/zia_forwarding_control_rule.md b/docs/resources/zia_forwarding_control_rule.md
index 1645f78d..f14ac5eb 100644
--- a/docs/resources/zia_forwarding_control_rule.md
+++ b/docs/resources/zia_forwarding_control_rule.md
@@ -197,4 +197,23 @@ In addition to all arguments above, the following attributes are exported:
 
 * `zpa_application_segment_groups` (set) List of ZPA Application Segment Groups for which this rule is applicable. This field is applicable only for the `ECZPA` forwarding method (used for Zscaler Cloud Connector).
       - `name` - (string) The configured name of the entity
-      - `external_id` - (int) Identifier that uniquely identifies an entity
\ No newline at end of file
+      - `external_id` - (int) Identifier that uniquely identifies an entity
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_forwarding_control_rule** can be imported by using `<RULE ID>` or `<RULE NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_forwarding_control_rule.example <rule_id>
+```
+
+or
+
+```shell
+terraform import zia_forwarding_control_rule.example <rule_name>
+```
diff --git a/docs/resources/zia_forwarding_control_zpa_gateway.md b/docs/resources/zia_forwarding_control_zpa_gateway.md
index a655805d..f48d6938 100644
--- a/docs/resources/zia_forwarding_control_zpa_gateway.md
+++ b/docs/resources/zia_forwarding_control_zpa_gateway.md
@@ -65,3 +65,22 @@ In addition to all arguments above, the following attributes are exported:
 
 * `description` - (string) - Additional details about the ZPA gateway
 * `type` - (string) - Indicates whether the ZPA gateway is configured for Zscaler Internet Access (using option ZPA) or Zscaler Cloud Connector (using option ECZPA). Supported values: ``ZPA`` and ``ECZPA``
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**forwarding_control_zpa_gateway** can be imported by using `<GATEWAY_ID>` or `<GATEWAY_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import forwarding_control_zpa_gateway.example <gateway_id>
+```
+
+or
+
+```shell
+terraform import forwarding_control_zpa_gateway.example <gateway_name>
+```
diff --git a/docs/resources/zia_location_management.md b/docs/resources/zia_location_management.md
index ecc4482c..b012060d 100644
--- a/docs/resources/zia_location_management.md
+++ b/docs/resources/zia_location_management.md
@@ -106,3 +106,22 @@ The following arguments are supported:
   * `id` - (Optional) Identifier that uniquely identifies an entity
   * `name` - (Optional) The configured name of the entity
   * `extensions` - (Optional)
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_location_management** can be imported by using `<LOCATION_ID>` or `<LOCATION_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_location_management.example <location_id>
+```
+
+or
+
+```shell
+terraform import zia_location_management.example <location_name>
+```
diff --git a/docs/resources/zia_rule_labels.md b/docs/resources/zia_rule_labels.md
index acbab71b..defe305c 100644
--- a/docs/resources/zia_rule_labels.md
+++ b/docs/resources/zia_rule_labels.md
@@ -29,3 +29,22 @@ The following arguments are supported:
 ### Optional
 
 * `description` - (String) The rule label description.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_rule_labels** can be imported by using `<LABEL_ID>` or `<LABEL_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_rule_labels.example <label_id>
+```
+
+or
+
+```shell
+terraform import zia_rule_labels.example <label_name>
+```
diff --git a/docs/resources/zia_sandbox_behavioral_analysis.md b/docs/resources/zia_sandbox_behavioral_analysis.md
index eb92c0cb..589d96bf 100644
--- a/docs/resources/zia_sandbox_behavioral_analysis.md
+++ b/docs/resources/zia_sandbox_behavioral_analysis.md
@@ -42,3 +42,16 @@ The following arguments are supported:
 * `file_hashes_to_be_blocked` - (Required) A custom list of unique MD5 file hashes that must be blocked by Sandbox. A maximum of 10000 MD5 file hashes can be blocked.
 
 **Note 3**: The Sandbox only supports MD5 hashes. The provider will validate the MD5 format prior to submission.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_sandbox_behavioral_analysis** can be imported by using `sandbox_settings` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_sandbox_behavioral_analysis.example sandbox_settings
+```
diff --git a/docs/resources/zia_security_policy_settings.md b/docs/resources/zia_security_policy_settings.md
index a5d47406..262cd1bf 100644
--- a/docs/resources/zia_security_policy_settings.md
+++ b/docs/resources/zia_security_policy_settings.md
@@ -1,36 +1,57 @@
 ---
 subcategory: "Security Policy Settings"
 layout: "zscaler"
-page_title: "ZIA: security_policy_settings"
+page_title: "ZIA: zia_security_settings"
 description: |-
-  Add or Remove a URL to and from the allow and deny list in the advanced threat protection.
+  Add or Remove URLs for whitelisting or blacklisting in the Malware and Advanced Threat Protection.
 ---
 
-# Resource: zia_security_policy_settings
+# Resource: zia_security_settings
 
-The **zia_security_policy_settings** resource alows you to add or remove a URL to the allow and denylist under the Advanced Threat Protection policy in the Zscaler Internet Access cloud or via the API.
+The **zia_security_settings** resource alows you to add or remove a URL to the allow and denylist under the Advanced Threat Protection policy in the Zscaler Internet Access cloud or via the API.
 
 ## Example Usage
 
 ```hcl
-# Add URLs to Whitelist
-resource "zia_security_settings" "test"{
-    whitelist_urls = []
+# Add URLs to ZIA Whitelist - Malware Protection
+resource "zia_security_settings" "this" {
+  whitelist_urls = [
+    "resource5.acme.net",
+    "resource6.acme.net",
+    "resource7.acme.net",
+    "resource8.acme.net",
+  ]
 }
 ```
 
 ```hcl
-# Add URLs to Blacklist
-resource "zia_security_settings" "test"{
-    blacklist_urls = []
+# Add URLs to ZIA Blacklist - Advanced Threat Protection
+resource "zia_security_settings" "this" {
+  blacklist_urls = [
+    "resource1.acme.net",
+    "resource2.acme.net",
+    "resource3.acme.net",
+    "resource4.acme.net",
+  ]
 }
 ```
 
 ```hcl
 # Add URLs to both Whitelist and Blacklist
-resource "zia_security_settings" "test"{
-    whitelist_urls = []
-    blacklist_urls = []
+# Advanced Threat Protection & Malware Protection
+resource "zia_security_settings" "this" {
+  whitelist_urls = [
+    "resource5.acme.net",
+    "resource6.acme.net",
+    "resource7.acme.net",
+    "resource8.acme.net",
+  ]
+  blacklist_urls = [
+    "resource1.acme.net",
+    "resource2.acme.net",
+    "resource3.acme.net",
+    "resource4.acme.net",
+  ]
 }
 ```
 
@@ -40,5 +61,18 @@ The following arguments are supported:
 
 ### Optional
 
-* `whitelist_urls` - (Required) Allowlist URLs whose contents will not be scanned. Allows up to 255 URLs
-* `blacklist_urls` - (Optional) URLs on the denylist for your organization. Allow up to 25000 URLs.
+* `whitelist_urls` - (Required) Allowlist URLs whose contents will not be scanned. Allows up to `255` URLs
+* `blacklist_urls` - (Optional) URLs on the denylist for your organization. Allow up to `25000` URLs.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_security_settings** can be imported by using `all_urls` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_security_settings.example all_urls
+```
diff --git a/docs/resources/zia_traffic_forwarding_gre_tunnel.md b/docs/resources/zia_traffic_forwarding_gre_tunnel.md
index ab99630c..aadf4fd0 100644
--- a/docs/resources/zia_traffic_forwarding_gre_tunnel.md
+++ b/docs/resources/zia_traffic_forwarding_gre_tunnel.md
@@ -124,3 +124,22 @@ The following arguments are supported:
   * `virtual_ip` (Optional) GRE cluster virtual IP address (VIP)
 
 * `internal_ip_range` (Optional) The start of the internal IP address in /29 CIDR range. Automatically set by the provider if `ip_unnumbered` is set to `false`.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_traffic_forwarding_gre_tunnel** can be imported by using `<TUNNEL_ID>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_traffic_forwarding_gre_tunnel.example <tunnel_id>
+```
+
+or
+
+```shell
+terraform import zia_traffic_forwarding_gre_tunnel.example <engine_name>
+```
diff --git a/docs/resources/zia_traffic_forwarding_static_ip.md b/docs/resources/zia_traffic_forwarding_static_ip.md
index a9af38ee..35a6d2e3 100644
--- a/docs/resources/zia_traffic_forwarding_static_ip.md
+++ b/docs/resources/zia_traffic_forwarding_static_ip.md
@@ -47,6 +47,9 @@ The following arguments are supported:
 
 ## Import
 
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
 Static IP resources can be imported by using `<STATIC IP ID>` or `<IP ADDRESS>`as the import ID.
 
 ```shell
diff --git a/docs/resources/zia_traffic_forwarding_vpn_credentials.md b/docs/resources/zia_traffic_forwarding_vpn_credentials.md
index cd7f3fe0..2847e226 100644
--- a/docs/resources/zia_traffic_forwarding_vpn_credentials.md
+++ b/docs/resources/zia_traffic_forwarding_vpn_credentials.md
@@ -66,14 +66,11 @@ The following arguments are supported:
 
 ## Import
 
-Static IP resources can be imported by using `<STATIC IP ID>` or `<IP ADDRESS>`as the import ID.
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
 
-```shell
-terraform import zia_traffic_forwarding_static_ip.example <static_ip_id>
-```
-
-or
+**zia_traffic_forwarding_vpn_credentials** can be imported by using `<VPN_ID>` as the import ID.
 
 ```shell
-terraform import zpa_app_connector_group.example <ip_address>
+terraform import zia_traffic_forwarding_vpn_credentials.example <vpn_id>
 ```
diff --git a/docs/resources/zia_url_categories.md b/docs/resources/zia_url_categories.md
index 3a356446..5a3247b1 100644
--- a/docs/resources/zia_url_categories.md
+++ b/docs/resources/zia_url_categories.md
@@ -60,6 +60,8 @@ The following arguments are supported:
 * `custom_urls_count` - (Optional) The number of custom URLs associated to the URL category.
 * `db_categorized_urls` - (Optional) URLs added to a custom URL category are also retained under the original parent URL category (i.e., the predefined category the URL previously belonged to).
 * `ip_ranges` - (Optional) Custom IP address ranges associated to a URL category. Up to 2000 custom IP address ranges and retaining parent custom IP address ranges can be added, per organization, across all categories.
+⚠️ **NOTE :**: This field is available only if the option to configure custom IP ranges is enabled for your organization. To enable this option, contact Zscaler Support.
+
 * `ip_ranges_retaining_parent_category` - (Optional) The retaining parent custom IP address ranges associated to a URL category. Up to 2000 custom IP ranges and retaining parent custom IP address ranges can be added, per organization, across all categories.
 * `ip_ranges_retaining_parent_category_count` - (Optional) The number of custom IP address ranges associated to the URL category, that also need to be retained under the original parent category.
 * `custom_ip_ranges_count` - (Optional) The number of custom IP address ranges associated to the URL category.
@@ -80,3 +82,24 @@ The following arguments are supported:
   * `retain_parent_url_count` - (Optional) Count of URLs with retain parent category.
   * `total_keyword_count` - (Optional) Total keyword count for the category.
   * `retain_parent_keyword_count` - (Optional) Count of total keywords with retain parent category.
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_url_categories** can be imported by using `<CATEGORY_ID>` or `<CATEGORY_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_url_categories.example <category_id>
+```
+
+or
+
+```shell
+terraform import zia_url_categories.example <category_name>
+```
+
+⚠️ **NOTE :**:  This provider only supports the importing of custom URL categories. The importing of built-in categories is not supported.
diff --git a/docs/resources/zia_url_filtering_rules.md b/docs/resources/zia_url_filtering_rules.md
index 86636e6f..940614fb 100644
--- a/docs/resources/zia_url_filtering_rules.md
+++ b/docs/resources/zia_url_filtering_rules.md
@@ -119,3 +119,22 @@ The following arguments are supported:
 * `workload_groups` (Optional) The list of preconfigured workload groups to which the policy must be applied
   * `id` - (Optional) A unique identifier assigned to the workload group
   * `name` - (Optional) The name of the workload group
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_url_filtering_rules** can be imported by using `<RULE_ID>` or `<RULE_NAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_url_filtering_rules.example <rule_id>
+```
+
+or
+
+```shell
+terraform import zia_url_filtering_rules.example <rule_name>
+```
diff --git a/docs/resources/zia_user_management.md b/docs/resources/zia_user_management.md
index 308cccec..85548246 100644
--- a/docs/resources/zia_user_management.md
+++ b/docs/resources/zia_user_management.md
@@ -60,3 +60,24 @@ The following attributes are supported:
 * `comments` - (Optional) Additional information about this user.
 * `temp_auth_email` - (Optional) Temporary Authentication Email. If you enabled one-time tokens or links, enter the email address to which the Zscaler service sends the tokens or links. If this is empty, the service will send the email to the User email.
 * `auth_methods` - (Optional) Type of authentication method to be enabled. Supported values are: ``BASIC`` and ``DIGEST``
+
+## Import
+
+Zscaler offers a dedicated tool called Zscaler-Terraformer to allow the automated import of ZIA configurations into Terraform-compliant HashiCorp Configuration Language.
+[Visit](https://github.com/zscaler/zscaler-terraformer)
+
+**zia_user_management** can be imported by using `<USER_ID>` or `<USERNAME>` as the import ID.
+
+For example:
+
+```shell
+terraform import zia_user_management.example <user_id>
+```
+
+or
+
+```shell
+terraform import zia_user_management.example <name>
+```
+
+⚠️ **NOTE :**:  This provider do not import the password attribute value during the importing process.
diff --git a/examples/zia_security_settings/basic.tf b/examples/zia_security_settings/basic.tf
new file mode 100644
index 00000000..b66a41a2
--- /dev/null
+++ b/examples/zia_security_settings/basic.tf
@@ -0,0 +1,35 @@
+# Add URLs to ZIA Whitelist and BlackList - Advanced Threat Protection & Malware Protection respectively
+resource "zia_security_settings" "this" {
+  whitelist_urls = [
+    "resource5.acme.net",
+    "resource6.acme.net",
+    "resource7.acme.net",
+    "resource8.acme.net",
+  ]
+  blacklist_urls = [
+    "resource1.acme.net",
+    "resource2.acme.net",
+    "resource3.acme.net",
+    "resource4.acme.net",
+  ]
+}
+
+# Add URLs to ZIA Blacklist - Advanced Threat Protection
+resource "zia_security_settings" "this" {
+  blacklist_urls = [
+    "resource1.acme.net",
+    "resource2.acme.net",
+    "resource3.acme.net",
+    "resource4.acme.net",
+  ]
+}
+
+# Add URLs to ZIA Whitelist - Malware Protection
+resource "zia_security_settings" "this" {
+  whitelist_urls = [
+    "resource5.acme.net",
+    "resource6.acme.net",
+    "resource7.acme.net",
+    "resource8.acme.net",
+  ]
+}
\ No newline at end of file
diff --git a/go.mod b/go.mod
index 46acf419..a86257cf 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,8 @@
 module github.com/zscaler/terraform-provider-zia/v2
 
-go 1.20
+go 1.21
+
+toolchain go1.22.0
 
 require (
 	github.com/biter777/countries v1.7.3
diff --git a/go.sum b/go.sum
index 596f6224..a59806e5 100644
--- a/go.sum
+++ b/go.sum
@@ -31,6 +31,7 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
 cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
+dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
@@ -40,6 +41,7 @@ github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuN
 github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
 github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0=
 github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
+github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.0 h1:nHGfwXmFvJrSR9xu8qL7BkO4DqTHXE9N5vPhgY2I+j0=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.0/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
@@ -71,6 +73,7 @@ github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kB
 github.com/biter777/countries v1.7.3 h1:9b3aVQTrr+eOt9iE4t012iP4HtH7asM+fnF0dpVWGns=
 github.com/biter777/countries v1.7.3/go.mod h1:1HSpZ526mYqKJcpT5Ti1kcGQ0L0SrXWIaptUWjFfv2E=
 github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
+github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
@@ -82,11 +85,13 @@ github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBS
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
+github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o=
 github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
+github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@@ -101,12 +106,15 @@ github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI
 github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
 github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
+github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
 github.com/go-git/go-billy/v5 v5.0.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
 github.com/go-git/go-billy/v5 v5.1.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
 github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU=
+github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow=
 github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw=
 github.com/go-git/go-git/v5 v5.3.0/go.mod h1:xdX4bWJ48aOrdhnl2XqHYstHbbp6+LFS4r4X+lNVprw=
 github.com/go-git/go-git/v5 v5.11.0 h1:XIZc1p+8YzypNr34itUfSvYJcv+eYdTnTvOZ2vD3cA4=
+github.com/go-git/go-git/v5 v5.11.0/go.mod h1:6GFcX2P3NM7FPBfpePbpLd21XxsgdAt+lKqXmCUiUCY=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
@@ -117,6 +125,7 @@ github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4er
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
@@ -157,6 +166,7 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
+github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
@@ -251,6 +261,7 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i
 github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
 github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74=
 github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c=
+github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo=
 github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
@@ -258,6 +269,7 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
 github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4=
+github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
 github.com/keybase/go-crypto v0.0.0-20161004153544-93f5b35093ba/go.mod h1:ghbZscTyKdM07+Fw3KSi0hcJm+AlEUWj8QLlPtijN/M=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
@@ -316,6 +328,7 @@ github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=
 github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
 github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4=
+github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -330,6 +343,7 @@ github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
 github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
 github.com/skeema/knownhosts v1.2.1 h1:SHWdIUa82uGZz+F+47k8SY4QhhI291cXCpopT1lK2AQ=
+github.com/skeema/knownhosts v1.2.1/go.mod h1:xYbVRSPxqBZFrdmDyMmsOs+uX1UZC3nTN3ThzgDxUwo=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
 github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
@@ -342,6 +356,7 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk=
 github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI=
@@ -354,6 +369,7 @@ github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAh
 github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds=
 github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0=
 github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
+github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
@@ -520,6 +536,7 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -577,6 +594,7 @@ golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82u
 golang.org/x/tools v0.0.0-20201028111035-eafbe7b904eb/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ=
+golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/zia/resource_zia_admin_users_test.go b/zia/resource_zia_admin_users_test.go
index 5047d7e2..bdbec5b0 100644
--- a/zia/resource_zia_admin_users_test.go
+++ b/zia/resource_zia_admin_users_test.go
@@ -54,6 +54,15 @@ func TestAccResourceAdminUsersBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "admin_scope_entities.#", "1"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"password",
+				},
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_auth_settings_urls.go b/zia/resource_zia_auth_settings_urls.go
index 985905bd..defa373e 100644
--- a/zia/resource_zia_auth_settings_urls.go
+++ b/zia/resource_zia_auth_settings_urls.go
@@ -1,6 +1,8 @@
 package zia
 
 import (
+	"fmt"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/zscaler/zscaler-sdk-go/v2/zia/services/user_authentication_settings"
 )
@@ -11,6 +13,26 @@ func resourceAuthSettingsUrls() *schema.Resource {
 		Create: resourceAuthSettingsUrlsCreate,
 		Update: resourceAuthSettingsUrlsUpdate,
 		Delete: resourceAuthSettingsUrlsDelete,
+		Importer: &schema.ResourceImporter{
+			State: func(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) {
+				zClient := m.(*Client)
+
+				urls, err := zClient.user_authentication_settings.Get()
+				if err != nil {
+					return nil, fmt.Errorf("error fetching urls from exception list: %s", err)
+				}
+
+				if urls != nil {
+					if err := d.Set("urls", urls.URLs); err != nil {
+						return nil, fmt.Errorf("error setting urls: %s", err)
+					}
+				}
+
+				d.SetId("all_urls")
+
+				return []*schema.ResourceData{d}, nil
+			},
+		},
 		Schema: map[string]*schema.Schema{
 			"urls": {
 				Type:     schema.TypeSet,
diff --git a/zia/resource_zia_auth_settings_urls_test.go b/zia/resource_zia_auth_settings_urls_test.go
index 745fe18b..86649790 100644
--- a/zia/resource_zia_auth_settings_urls_test.go
+++ b/zia/resource_zia_auth_settings_urls_test.go
@@ -32,6 +32,12 @@ func TestAccResourceAuthSettingsUrls_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "urls.0", ".newexample.com"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_forwarding_control_rule_test.go b/zia/resource_zia_forwarding_control_rule_test.go
index 5a81fd44..4826d465 100644
--- a/zia/resource_zia_forwarding_control_rule_test.go
+++ b/zia/resource_zia_forwarding_control_rule_test.go
@@ -72,6 +72,12 @@ func TestAccResourceForwardingControlRuleBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "dest_ip_groups.0.id.#", "1"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_fw_filtering_ip_destination_groups.go b/zia/resource_zia_fw_filtering_ip_destination_groups.go
index 5912f43e..5162f9a3 100644
--- a/zia/resource_zia_fw_filtering_ip_destination_groups.go
+++ b/zia/resource_zia_fw_filtering_ip_destination_groups.go
@@ -27,12 +27,12 @@ func resourceFWIPDestinationGroups() *schema.Resource {
 				id := d.Id()
 				idInt, parseIDErr := strconv.ParseInt(id, 10, 64)
 				if parseIDErr == nil {
-					_ = d.Set("ip_destination_id", idInt)
+					_ = d.Set("group_id", idInt)
 				} else {
 					resp, err := zClient.ipdestinationgroups.GetByName(id)
 					if err == nil {
 						d.SetId(strconv.Itoa(resp.ID))
-						_ = d.Set("ip_destination_id", resp.ID)
+						_ = d.Set("group_id", resp.ID)
 					} else {
 						return []*schema.ResourceData{d}, err
 					}
@@ -47,7 +47,7 @@ func resourceFWIPDestinationGroups() *schema.Resource {
 				Computed:    true,
 				Description: "Unique identifer for the destination IP group",
 			},
-			"ip_destination_id": {
+			"group_id": {
 				Type:        schema.TypeInt,
 				Computed:    true,
 				Description: "Unique identifer for the destination IP group",
@@ -111,14 +111,14 @@ func resourceFWIPDestinationGroupsCreate(d *schema.ResourceData, m interface{})
 
 	log.Printf("[INFO] Created zia ip destination groups request. ID: %v\n", resp)
 	d.SetId(strconv.Itoa(resp.ID))
-	_ = d.Set("ip_destination_id", resp.ID)
+	_ = d.Set("group_id", resp.ID)
 	return resourceFWIPDestinationGroupsRead(d, m)
 }
 
 func resourceFWIPDestinationGroupsRead(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "ip_destination_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		return fmt.Errorf("no ip destination groups id is set")
 	}
@@ -141,7 +141,7 @@ func resourceFWIPDestinationGroupsRead(d *schema.ResourceData, m interface{}) er
 	log.Printf("[INFO] Getting zia ip destination groups:\n%+v\n", resp)
 
 	d.SetId(fmt.Sprintf("%d", resp.ID))
-	_ = d.Set("ip_destination_id", resp.ID)
+	_ = d.Set("group_id", resp.ID)
 	_ = d.Set("name", resp.Name)
 	_ = d.Set("type", resp.Type)
 	_ = d.Set("addresses", resp.Addresses)
@@ -165,7 +165,7 @@ func resourceFWIPDestinationGroupsUpdate(d *schema.ResourceData, m interface{})
 	}
 
 	zClient := m.(*Client)
-	id, ok := getIntFromResourceData(d, "ip_destination_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		return fmt.Errorf("[ERROR] IP destination groups ID not set: %v", id)
 	}
@@ -184,7 +184,7 @@ func resourceFWIPDestinationGroupsUpdate(d *schema.ResourceData, m interface{})
 func resourceFWIPDestinationGroupsDelete(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "ip_destination_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		log.Printf("[ERROR] ip destination groups ID not set: %v\n", id)
 	}
diff --git a/zia/resource_zia_fw_filtering_ip_source_groups.go b/zia/resource_zia_fw_filtering_ip_source_groups.go
index fbeb70cb..1b4d4dcf 100644
--- a/zia/resource_zia_fw_filtering_ip_source_groups.go
+++ b/zia/resource_zia_fw_filtering_ip_source_groups.go
@@ -26,12 +26,12 @@ func resourceFWIPSourceGroups() *schema.Resource {
 				id := d.Id()
 				idInt, parseIDErr := strconv.ParseInt(id, 10, 64)
 				if parseIDErr == nil {
-					_ = d.Set("ip_source_group_id", idInt)
+					_ = d.Set("group_id", idInt)
 				} else {
 					resp, err := zClient.ipsourcegroups.GetByName(id)
 					if err == nil {
 						d.SetId(strconv.Itoa(resp.ID))
-						_ = d.Set("ip_source_group_id", resp.ID)
+						_ = d.Set("group_id", resp.ID)
 					} else {
 						return []*schema.ResourceData{d}, err
 					}
@@ -45,7 +45,7 @@ func resourceFWIPSourceGroups() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"ip_source_group_id": {
+			"group_id": {
 				Type:     schema.TypeInt,
 				Computed: true,
 			},
@@ -80,14 +80,14 @@ func resourceFWIPSourceGroupsCreate(d *schema.ResourceData, m interface{}) error
 	}
 	log.Printf("[INFO] Created zia ip source groups request. ID: %v\n", resp)
 	d.SetId(strconv.Itoa(resp.ID))
-	_ = d.Set("ip_source_group_id", resp.ID)
+	_ = d.Set("group_id", resp.ID)
 	return resourceFWIPSourceGroupsRead(d, m)
 }
 
 func resourceFWIPSourceGroupsRead(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "ip_source_group_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		return fmt.Errorf("no ip source groups id is set")
 	}
@@ -105,7 +105,7 @@ func resourceFWIPSourceGroupsRead(d *schema.ResourceData, m interface{}) error {
 	log.Printf("[INFO] Getting zia ip source groups:\n%+v\n", resp)
 
 	d.SetId(fmt.Sprintf("%d", resp.ID))
-	_ = d.Set("ip_source_group_id", resp.ID)
+	_ = d.Set("group_id", resp.ID)
 	_ = d.Set("name", resp.Name)
 	_ = d.Set("ip_addresses", resp.IPAddresses)
 	_ = d.Set("description", resp.Description)
@@ -116,7 +116,7 @@ func resourceFWIPSourceGroupsRead(d *schema.ResourceData, m interface{}) error {
 func resourceFWIPSourceGroupsUpdate(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "ip_source_group_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		log.Printf("[ERROR] ip source groups ID not set: %v\n", id)
 	}
@@ -138,7 +138,7 @@ func resourceFWIPSourceGroupsUpdate(d *schema.ResourceData, m interface{}) error
 func resourceFWIPSourceGroupsDelete(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "ip_source_group_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		log.Printf("[ERROR] ip source groups ID not set: %v\n", id)
 	}
diff --git a/zia/resource_zia_fw_filtering_network_application_groups.go b/zia/resource_zia_fw_filtering_network_application_groups.go
index f007c165..f786c81e 100644
--- a/zia/resource_zia_fw_filtering_network_application_groups.go
+++ b/zia/resource_zia_fw_filtering_network_application_groups.go
@@ -106,6 +106,7 @@ func resourceFWNetworkApplicationGroupsRead(d *schema.ResourceData, m interface{
 
 	d.SetId(fmt.Sprintf("%d", resp.ID))
 	_ = d.Set("app_id", resp.ID)
+	_ = d.Set("name", resp.Name)
 	_ = d.Set("network_applications", resp.NetworkApplications)
 	_ = d.Set("description", resp.Description)
 
diff --git a/zia/resource_zia_fw_filtering_network_application_groups_test.go b/zia/resource_zia_fw_filtering_network_application_groups_test.go
index f1a04f8d..a4f440c1 100644
--- a/zia/resource_zia_fw_filtering_network_application_groups_test.go
+++ b/zia/resource_zia_fw_filtering_network_application_groups_test.go
@@ -47,6 +47,12 @@ func TestAccResourceFWNetworkApplicationGroupsBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "network_applications.#", "11"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_fw_filtering_network_services_groups.go b/zia/resource_zia_fw_filtering_network_services_groups.go
index 24a19fb4..98a15963 100644
--- a/zia/resource_zia_fw_filtering_network_services_groups.go
+++ b/zia/resource_zia_fw_filtering_network_services_groups.go
@@ -26,12 +26,12 @@ func resourceFWNetworkServiceGroups() *schema.Resource {
 				id := d.Id()
 				idInt, parseIDErr := strconv.ParseInt(id, 10, 64)
 				if parseIDErr == nil {
-					_ = d.Set("network_service_group_id", idInt)
+					_ = d.Set("group_id", idInt)
 				} else {
 					resp, err := zClient.networkservicegroups.GetNetworkServiceGroupsByName(id)
 					if err == nil {
 						d.SetId(strconv.Itoa(resp.ID))
-						_ = d.Set("network_service_group_id", resp.ID)
+						_ = d.Set("group_id", resp.ID)
 					} else {
 						return []*schema.ResourceData{d}, err
 					}
@@ -45,7 +45,7 @@ func resourceFWNetworkServiceGroups() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"network_service_group_id": {
+			"group_id": {
 				Type:     schema.TypeInt,
 				Computed: true,
 			},
@@ -92,14 +92,14 @@ func resourceFWNetworkServiceGroupsCreate(d *schema.ResourceData, m interface{})
 	}
 	log.Printf("[INFO] Created zia network service groups request. ID: %v\n", resp)
 	d.SetId(strconv.Itoa(resp.ID))
-	_ = d.Set("network_service_group_id", resp.ID)
+	_ = d.Set("group_id", resp.ID)
 	return resourceFWNetworkServiceGroupsRead(d, m)
 }
 
 func resourceFWNetworkServiceGroupsRead(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "network_service_group_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		return fmt.Errorf("no network service groups id is set")
 	}
@@ -117,7 +117,7 @@ func resourceFWNetworkServiceGroupsRead(d *schema.ResourceData, m interface{}) e
 	log.Printf("[INFO] Getting network service groups :\n%+v\n", resp)
 
 	d.SetId(fmt.Sprintf("%d", resp.ID))
-	_ = d.Set("network_service_group_id", resp.ID)
+	_ = d.Set("group_id", resp.ID)
 	_ = d.Set("name", resp.Name)
 	_ = d.Set("description", resp.Description)
 
@@ -143,7 +143,7 @@ func flattenServicesSimple(list []networkservicegroups.Services) []interface{} {
 func resourceFWNetworkServiceGroupsUpdate(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "network_service_group_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		log.Printf("[ERROR] network service groups ID not set: %v\n", id)
 	}
@@ -165,7 +165,7 @@ func resourceFWNetworkServiceGroupsUpdate(d *schema.ResourceData, m interface{})
 func resourceFWNetworkServiceGroupsDelete(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "network_service_group_id")
+	id, ok := getIntFromResourceData(d, "group_id")
 	if !ok {
 		log.Printf("[ERROR] network service groups ID not set: %v\n", id)
 	}
@@ -193,7 +193,7 @@ func resourceFWNetworkServiceGroupsDelete(d *schema.ResourceData, m interface{})
 }
 
 func expandNetworkServiceGroups(d *schema.ResourceData) networkservicegroups.NetworkServiceGroups {
-	id, _ := getIntFromResourceData(d, "network_service_group_id")
+	id, _ := getIntFromResourceData(d, "group_id")
 	result := networkservicegroups.NetworkServiceGroups{
 		ID:          id,
 		Name:        d.Get("name").(string),
diff --git a/zia/resource_zia_fw_filtering_network_services_groups_test.go b/zia/resource_zia_fw_filtering_network_services_groups_test.go
index 7e872b87..3d74480b 100644
--- a/zia/resource_zia_fw_filtering_network_services_groups_test.go
+++ b/zia/resource_zia_fw_filtering_network_services_groups_test.go
@@ -47,6 +47,12 @@ func TestAccResourceFWNetworkServiceGroupsBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "services.#", "1"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings.go b/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings.go
index 547f5c29..57327d66 100644
--- a/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings.go
+++ b/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings.go
@@ -15,6 +15,31 @@ func resourceSandboxSettings() *schema.Resource {
 		Read:   resourceSandboxSettingsRead,
 		Update: resourceSandboxSettingsUpdate,
 		Delete: resourceSandboxSettingsDelete,
+		Importer: &schema.ResourceImporter{
+			State: func(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) {
+				zClient := m.(*Client)
+
+				// Use the Get method from the SDK to fetch the MD5 file hashes
+				hashes, err := zClient.sandbox_settings.Get()
+				if err != nil {
+					return nil, fmt.Errorf("error fetching MD5 file hashes: %s", err)
+				}
+
+				// Assuming BaAdvancedSettings struct contains a slice of MD5 hashes under the attribute name "FileHashesToBeBlocked"
+				if hashes != nil {
+					if err := d.Set("file_hashes_to_be_blocked", hashes.FileHashesToBeBlocked); err != nil {
+						return nil, fmt.Errorf("error setting file_hashes_to_be_blocked: %s", err)
+					}
+				}
+
+				// Set an ID for the imported resource. Since this resource seems to encompass a global setting rather than individual items,
+				// a static ID like "sandbox_settings" could be used. Adjust if your use case requires.
+				d.SetId("sandbox_settings")
+
+				return []*schema.ResourceData{d}, nil
+			},
+		},
+
 		Schema: map[string]*schema.Schema{
 			"file_hashes_to_be_blocked": {
 				Type:        schema.TypeSet,
diff --git a/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings_test.go b/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings_test.go
index 82b3726f..c3f70edb 100644
--- a/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings_test.go
+++ b/zia/resource_zia_sandbox_behavioral_analysis_advanced_settings_test.go
@@ -77,6 +77,12 @@ func TestResourceSandboxSettings_basic(t *testing.T) {
 					time.Sleep(10 * time.Second)
 				},
 			},
+			// Import test
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_security_policy_settings.go b/zia/resource_zia_security_policy_settings.go
index 161740c7..8e1d0c9b 100644
--- a/zia/resource_zia_security_policy_settings.go
+++ b/zia/resource_zia_security_policy_settings.go
@@ -13,6 +13,31 @@ func resourceSecurityPolicySettings() *schema.Resource {
 		Create: resourceSecurityPolicySettingsCreate,
 		Update: resourceSecurityPolicySettingsUpdate,
 		Delete: resourceSecurityPolicySettingsDelete,
+		Importer: &schema.ResourceImporter{
+			State: func(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) {
+				zClient := m.(*Client)
+
+				// Use the GetListUrls method to fetch both whitelist and blacklist URLs.
+				resp, err := zClient.security_policy_settings.GetListUrls()
+				if err != nil {
+					return []*schema.ResourceData{}, err
+				}
+
+				// Set the whitelist and blacklist URLs in the Terraform state.
+				if err := d.Set("whitelist_urls", resp.White); err != nil {
+					return []*schema.ResourceData{}, fmt.Errorf("error setting whitelist_urls: %s", err)
+				}
+				if err := d.Set("blacklist_urls", resp.Black); err != nil {
+					return []*schema.ResourceData{}, fmt.Errorf("error setting blacklist_urls: %s", err)
+				}
+
+				// Set a generic ID since we're not differentiating based on import type.
+				d.SetId("all_urls")
+
+				return []*schema.ResourceData{d}, nil
+			},
+		},
+
 		Schema: map[string]*schema.Schema{
 			"whitelist_urls": {
 				Type:        schema.TypeSet,
diff --git a/zia/resource_zia_security_policy_settings_test.go b/zia/resource_zia_security_policy_settings_test.go
index 6db6f21c..21434328 100644
--- a/zia/resource_zia_security_policy_settings_test.go
+++ b/zia/resource_zia_security_policy_settings_test.go
@@ -35,6 +35,12 @@ func TestAccResourceSecurityPolicySettings_basic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "blacklist_urls.0", ".blocknew.com"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_traffic_forwarding_gre_tunnels_test.go b/zia/resource_zia_traffic_forwarding_gre_tunnels_test.go
index 52e752b6..a451757c 100644
--- a/zia/resource_zia_traffic_forwarding_gre_tunnels_test.go
+++ b/zia/resource_zia_traffic_forwarding_gre_tunnels_test.go
@@ -52,6 +52,12 @@ func TestAccResourceTrafficForwardingGRETunnelBasic(t *testing.T) {
 				),
 				ExpectNonEmptyPlan: true,
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_traffic_forwarding_static_ips_test.go b/zia/resource_zia_traffic_forwarding_static_ips_test.go
index 3732aa85..55786527 100644
--- a/zia/resource_zia_traffic_forwarding_static_ips_test.go
+++ b/zia/resource_zia_traffic_forwarding_static_ips_test.go
@@ -51,6 +51,12 @@ func TestAccResourceTrafficForwardingStaticIPBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "geo_override", strconv.FormatBool(variable.StaticGeoOverride)),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_traffic_forwarding_vpn_credentials.go b/zia/resource_zia_traffic_forwarding_vpn_credentials.go
index d94e361b..87ba314f 100644
--- a/zia/resource_zia_traffic_forwarding_vpn_credentials.go
+++ b/zia/resource_zia_traffic_forwarding_vpn_credentials.go
@@ -24,12 +24,12 @@ func resourceTrafficForwardingVPNCredentials() *schema.Resource {
 				id := d.Id()
 				idInt, parseIDErr := strconv.ParseInt(id, 10, 64)
 				if parseIDErr == nil {
-					_ = d.Set("vpn_credental_id", idInt)
+					_ = d.Set("vpn_id", idInt)
 				} else {
 					fqdn, err := zClient.vpncredentials.GetByFQDN(id)
 					if err == nil {
 						d.SetId(strconv.Itoa(fqdn.ID))
-						_ = d.Set("vpn_credental_id", fqdn.ID)
+						_ = d.Set("vpn_id", fqdn.ID)
 					} else {
 						return []*schema.ResourceData{d}, err
 					}
@@ -38,7 +38,7 @@ func resourceTrafficForwardingVPNCredentials() *schema.Resource {
 			},
 		},
 		Schema: map[string]*schema.Schema{
-			"vpn_credental_id": {
+			"vpn_id": {
 				Type:     schema.TypeInt,
 				Computed: true,
 				ForceNew: true,
@@ -95,7 +95,7 @@ func resourceTrafficForwardingVPNCredentialsCreate(d *schema.ResourceData, m int
 	}
 	log.Printf("[INFO] Created zia vpn credentials request. ID: %v\n", resp)
 	d.SetId(strconv.Itoa(resp.ID))
-	_ = d.Set("vpn_credental_id", resp.ID)
+	_ = d.Set("vpn_id", resp.ID)
 
 	return resourceTrafficForwardingVPNCredentialsRead(d, m)
 }
@@ -114,7 +114,7 @@ func validateVpnCredentialType(vpn vpncredentials.VPNCredentials) error {
 func resourceTrafficForwardingVPNCredentialsRead(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "vpn_credental_id")
+	id, ok := getIntFromResourceData(d, "vpn_id")
 	if !ok {
 		return fmt.Errorf("no Traffic Forwarding zia vpn credentials id is set")
 	}
@@ -132,7 +132,7 @@ func resourceTrafficForwardingVPNCredentialsRead(d *schema.ResourceData, m inter
 	log.Printf("[INFO] Getting vpn credentials:\n%+v\n", resp)
 
 	d.SetId(fmt.Sprintf("%d", resp.ID))
-	_ = d.Set("vpn_credental_id", resp.ID)
+	_ = d.Set("vpn_id", resp.ID)
 	_ = d.Set("type", resp.Type)
 	_ = d.Set("fqdn", resp.FQDN)
 	_ = d.Set("ip_address", resp.IPAddress)
@@ -144,7 +144,7 @@ func resourceTrafficForwardingVPNCredentialsRead(d *schema.ResourceData, m inter
 func resourceTrafficForwardingVPNCredentialsUpdate(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "vpn_credental_id")
+	id, ok := getIntFromResourceData(d, "vpn_id")
 	if !ok {
 		log.Printf("[ERROR] vpn credentials ID not set: %v\n", id)
 	}
@@ -166,7 +166,7 @@ func resourceTrafficForwardingVPNCredentialsUpdate(d *schema.ResourceData, m int
 func resourceTrafficForwardingVPNCredentialsDelete(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "vpn_credental_id")
+	id, ok := getIntFromResourceData(d, "vpn_id")
 	if !ok {
 		log.Printf("[ERROR] vpn credentials ID not set: %v\n", id)
 	}
@@ -181,7 +181,7 @@ func resourceTrafficForwardingVPNCredentialsDelete(d *schema.ResourceData, m int
 }
 
 func expandVPNCredentials(d *schema.ResourceData) vpncredentials.VPNCredentials {
-	id, _ := getIntFromResourceData(d, "vpn_credental_id")
+	id, _ := getIntFromResourceData(d, "vpn_id")
 	result := vpncredentials.VPNCredentials{
 		ID:           id,
 		Type:         d.Get("type").(string),
diff --git a/zia/resource_zia_traffic_forwarding_vpn_credentials_test.go b/zia/resource_zia_traffic_forwarding_vpn_credentials_test.go
index 758d8503..4eee1012 100644
--- a/zia/resource_zia_traffic_forwarding_vpn_credentials_test.go
+++ b/zia/resource_zia_traffic_forwarding_vpn_credentials_test.go
@@ -42,7 +42,6 @@ func TestAccResourceTrafficForwardingVPNCredentialsBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "pre_shared_key", rSharedKey),
 				),
 			},
-
 			// update pre-shared-key and comments vpn credential type ufqdn
 			{
 				Config: testAccCheckTrafficForwardingVPNCredentialsUFQDNConfigure(resourceTypeAndName, generatedName, rEmail, rSharedKeyUpdate),
@@ -52,6 +51,15 @@ func TestAccResourceTrafficForwardingVPNCredentialsBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "pre_shared_key", rSharedKeyUpdate),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"pre_shared_key",
+				},
+			},
 			{
 				// creation vpn credential type IP
 				Config: testAccCheckTrafficForwardingVPNCredentialsIPConfigure(resourceTypeAndName, generatedName, staticIPResourceHCL, staticIPTypeAndName, rSharedKey),
@@ -63,7 +71,6 @@ func TestAccResourceTrafficForwardingVPNCredentialsBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "pre_shared_key", rSharedKey),
 				),
 			},
-
 			// update pre-shared-key and comments vpn credential type IP
 			{
 				Config: testAccCheckTrafficForwardingVPNCredentialsIPConfigure(resourceTypeAndName, generatedName, staticIPResourceHCL, staticIPTypeAndName, rSharedKeyUpdate),
@@ -73,6 +80,15 @@ func TestAccResourceTrafficForwardingVPNCredentialsBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "pre_shared_key", rSharedKeyUpdate),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"pre_shared_key",
+				},
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_url_categories.go b/zia/resource_zia_url_categories.go
index 3e1fd0a6..84fb4dd7 100644
--- a/zia/resource_zia_url_categories.go
+++ b/zia/resource_zia_url_categories.go
@@ -24,12 +24,12 @@ func resourceURLCategories() *schema.Resource {
 				id := d.Id()
 				idInt, parseIDErr := strconv.ParseInt(id, 10, 64)
 				if parseIDErr == nil {
-					_ = d.Set("url_category_id", idInt)
+					_ = d.Set("category_id", idInt)
 				} else {
-					resp, err := zClient.urlcategories.GetCustomURLCategories(id)
+					resp, err := zClient.urlcategories.Get(id)
 					if err == nil {
 						d.SetId(resp.ID)
-						_ = d.Set("url_category_id", resp.ID)
+						_ = d.Set("category_id", resp.ID)
 					} else {
 						return []*schema.ResourceData{d}, err
 					}
@@ -39,7 +39,7 @@ func resourceURLCategories() *schema.Resource {
 		},
 
 		Schema: map[string]*schema.Schema{
-			"url_category_id": {
+			"category_id": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
@@ -197,14 +197,14 @@ func resourceURLCategoriesCreate(d *schema.ResourceData, m interface{}) error {
 	}
 	log.Printf("[INFO] Created zia url category request. ID: %v\n", resp)
 	d.SetId(resp.ID)
-	_ = d.Set("url_category_id", resp.ID)
+	_ = d.Set("category_id", resp.ID)
 	return resourceURLCategoriesRead(d, m)
 }
 
 func resourceURLCategoriesRead(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getStringFromResourceData(d, "url_category_id")
+	id, ok := getStringFromResourceData(d, "category_id")
 	if !ok {
 		return fmt.Errorf("no url category rule id is set")
 	}
@@ -223,7 +223,7 @@ func resourceURLCategoriesRead(d *schema.ResourceData, m interface{}) error {
 	log.Printf("[INFO] Getting url category :\n%+v\n", resp)
 
 	d.SetId(fmt.Sprintf(resp.ID))
-	_ = d.Set("url_category_id", resp.ID)
+	_ = d.Set("category_id", resp.ID)
 	_ = d.Set("configured_name", resp.ConfiguredName)
 	_ = d.Set("keywords", resp.Keywords)
 	_ = d.Set("keywords_retaining_parent_category", resp.KeywordsRetainingParentCategory)
@@ -268,7 +268,7 @@ func flattenScopesLite(scopes *urlcategories.URLCategory) []interface{} {
 func resourceURLCategoriesUpdate(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getStringFromResourceData(d, "url_category_id")
+	id, ok := getStringFromResourceData(d, "category_id")
 	if !ok {
 		log.Printf("[ERROR] custom url category ID not set: %v\n", id)
 	}
@@ -290,7 +290,7 @@ func resourceURLCategoriesUpdate(d *schema.ResourceData, m interface{}) error {
 func resourceURLCategoriesDelete(d *schema.ResourceData, m interface{}) error {
 	zClient := m.(*Client)
 
-	id, ok := getIntFromResourceData(d, "url_category_id")
+	id, ok := getIntFromResourceData(d, "category_id")
 	if !ok {
 		log.Printf("[ERROR] url category id ID not set: %v\n", id)
 	}
@@ -305,7 +305,7 @@ func resourceURLCategoriesDelete(d *schema.ResourceData, m interface{}) error {
 }
 
 func expandURLCategory(d *schema.ResourceData) urlcategories.URLCategory {
-	id, _ := getStringFromResourceData(d, "url_category_id")
+	id, _ := getStringFromResourceData(d, "category_id")
 	result := urlcategories.URLCategory{
 		ID:                                   id,
 		ConfiguredName:                       d.Get("configured_name").(string),
diff --git a/zia/resource_zia_url_categories_test.go b/zia/resource_zia_url_categories_test.go
index 9ec4ce10..68876f7b 100644
--- a/zia/resource_zia_url_categories_test.go
+++ b/zia/resource_zia_url_categories_test.go
@@ -48,6 +48,12 @@ func TestAccResourceURLCategoriesBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "type", "URL_CATEGORY"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
diff --git a/zia/resource_zia_user_management_users_test.go b/zia/resource_zia_user_management_users_test.go
index 1769e830..b13f54f1 100644
--- a/zia/resource_zia_user_management_users_test.go
+++ b/zia/resource_zia_user_management_users_test.go
@@ -55,6 +55,15 @@ func TestAccResourceUserManagementBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "department.#", "1"),
 				),
 			},
+			// Import test
+			{
+				ResourceName:      resourceTypeAndName,
+				ImportState:       true,
+				ImportStateVerify: true,
+				ImportStateVerifyIgnore: []string{
+					"password",
+				},
+			},
 		},
 	})
 }