ZPA access to AWS services

Hi Team,

I’m new to ZScaler technology. We wanted a calrificaiton on the Z-App. When Z-App is deployed on devices (PCs, or Mobiles) can we whitelist which apps requires to use this Z-App. For example accessing AWS private hosted apps. Rest of the traffic should not flow through this app. Example Internet or corporate traffic to data center etc.

Thanks & regards

Hi Gaj Anna,
Yes you can sent only internally hosted apps to ZAPP. A connector required to place near to the apps may be in AWS or DC or Azure wherever the app located. All other traffic can exempt and go direct to local gateway.

Ramesh M

1 Like


For ZPA you can also create an application segment that bypasses the ZPA routing and goes out ZIA. We have it set up as “ByPass Apps” where the applications listed there are hosted on the internet and we’d rather route them directly there vs going to our ZPA connector first. In the Zscaler App Access section of the application segment set Bypass to always.

We’re still early in our deployment so our apps are all either in an internal application group that is set to never bypass or the bypass group where it always will bypass and go out the internet.

1 Like