diff --git a/.github/workflows/zscaler-iac-scan.yml b/.github/workflows/zscaler-iac-scan.yml
new file mode 100644
index 000000000..83fac5e18
--- /dev/null
+++ b/.github/workflows/zscaler-iac-scan.yml
@@ -0,0 +1,56 @@
+#This workflow uses actions that are not certified by GitHub.
+#They are provided by a third party and are governed by
+#separate terms of service, privacy policy, and support
+#documentation.
+
+#This workflow runs the Zscaler Infrastructure as Code (IaC) Scan app,
+#which detects security misconfigurations in IaC templates and publishes the findings
+#under the code scanning alerts section within the repository.
+
+#Log into the Zscaler Posture Control(ZPC) Portal to begin the onboarding process.
+#Copy the client ID and client secret key generated during the onboarding process and configure.
+#GitHub secrets (ZSCANNER_CLIENT_ID, ZSCANNER_CLIENT_SECRET).
+
+#Refer https://github.com/marketplace/actions/zscaler-iac-scan for additional details on setting up this workflow.
+#Any issues with this workflow, please raise it on https://github.com/ZscalerCWP/Zscaler-IaC-Action/issues for further investigation.
+
+name: Zscaler IaC Scan
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+  schedule:
+    - cron: '26 13 * * 1'
+
+permissions:
+  contents: read
+
+jobs:
+  zscaler-iac-scan:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+    runs-on: ubuntu-latest
+    steps:
+      - name : Code Checkout
+        uses: actions/checkout@v3
+      - name : Zscaler IAC Scan
+        uses : ZscalerCWP/Zscaler-IaC-Action@8d2afb33b10b4bd50e2dc2c932b37c6e70ac1087
+        id : zscaler-iac-scan
+        with:
+          client_id : ${{ secrets.ZSCANNER_CLIENT_ID }}
+          client_secret : ${{ secrets.ZSCANNER_CLIENT_SECRET }}
+          #This is the user region specified during the onboarding process within the ZPC Admin Portal.
+          region : 'US'
+          iac_dir : #Enter the IaC directory path from root.
+          iac_file : #Enter the IaC file path from root.
+          output_format : #(Optional) By default, the output is provided in a human readable format. However, if you require a different format, you can specify it here.
+          #To fail the build based on policy violations identified in the IaC templates, set the input value (fail_build) to true.
+          fail_build : #Enter true/false
+      #Ensure that the following step is included in order to post the scan results under the code scanning alerts section within the repository.
+      - name: Upload SARIF file
+        if: ${{ success() || failure() && (steps.zscaler-iac-scan.outputs.sarif_file_path != '') }}
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: ${{ steps.zscaler-iac-scan.sarif_file_path }}