Skip to content

Commit

Permalink
Align Azure and GCP
Browse files Browse the repository at this point in the history
  • Loading branch information
chkp-natanelm authored Sep 30, 2024
1 parent f90f6c9 commit 1cb6f85
Show file tree
Hide file tree
Showing 39 changed files with 85 additions and 60 deletions.
2 changes: 1 addition & 1 deletion azure/templates/README.MD
Original file line number Diff line number Diff line change
Expand Up @@ -66,4 +66,4 @@ To deploy a specific Azure image, adjust the image version during the manual dep
template_name: management
template_version: 20231002
template_type: marketplace
</details>
</details>
Original file line number Diff line number Diff line change
Expand Up @@ -1120,7 +1120,7 @@
}
},
{
"visible": "[bool(basics('auth').sshPublicKey)]",
"visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
Expand Down Expand Up @@ -1508,9 +1508,9 @@
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"addStorageAccountIpRules":"[steps('network').addStorageAccountIpRules]",
"addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
}
}
}
}
6 changes: 3 additions & 3 deletions azure/templates/marketplace-ha/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -836,7 +836,7 @@
}
},
{
"visible": "[bool(basics('auth').sshPublicKey)]",
"visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
Expand Down Expand Up @@ -946,7 +946,7 @@
"label": "Availability options",
"defaultValue": "Availability Set",
"toolTip": "Use replicated Cluster VMs in Availability Set or Availability Zones. Note that the load balancers and their IP addresses will be zone redundant in any case.",
"visible": "[contains(' australiaeast brazilsouth canadacentral centralus eastasia eastus eastus2 francecentral germanywestcentral japaneast koreacentral northeurope norwayeast southafricanorth southcentralus southeastasia swedencentral uksouth usgovvirginia westeurope westus2 westus3 switzerlandnorth qatarcentral centralindia uaenorth italynorth \\ ', concat(' ', location(), ' '))]",
"visible": "[contains(' australiaeast brazilsouth canadacentral centralus eastasia eastus eastus2 francecentral germanywestcentral japaneast koreacentral northeurope norwayeast southafricanorth southcentralus southeastasia swedencentral uksouth usgovvirginia westeurope westus2 westus3 switzerlandnorth qatarcentral centralindia uaenorth italynorth ', concat(' ', location(), ' '))]",
"constraints": {
"allowedValues": [
{
Expand Down Expand Up @@ -1640,7 +1640,7 @@
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"addStorageAccountIpRules":"[steps('network').addStorageAccountIpRules]",
"addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]",
"VipsNumber": "[int(steps('network').Vips_Number)]",
"VipNames": "[concat(steps('network').VIP_Names.VIP2_Name, ',', steps('network').VIP_Names.VIP3_Name, ',', steps('network').VIP_Names.VIP4_Name, ',', steps('network').VIP_Names.VIP5_Name, ',', steps('network').VIP_Names.VIP6_Name, ',', steps('network').VIP_Names.VIP7_Name, ',', steps('network').VIP_Names.VIP8_Name, ',', steps('network').VIP_Names.VIP9_Name, ',', steps('network').VIP_Names.VIP10_Name)]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -422,7 +422,7 @@
}
]
}
},
},
{
"name": "enableApi",
"type": "Microsoft.Common.DropDown",
Expand Down Expand Up @@ -694,7 +694,7 @@
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"addStorageAccountIpRules":"[steps('network').addStorageAccountIpRules]",
"addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
}
Expand Down
2 changes: 1 addition & 1 deletion azure/templates/marketplace-mds/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -629,7 +629,7 @@
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"addStorageAccountIpRules":"[steps('network').addStorageAccountIpRules]",
"addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -67,8 +67,8 @@
"toolTip": "Token can be obtained by logging in to [https://portal.checkpoint.com/](https://portal.checkpoint.com/) –> INFINITY POLICY -> CLOUD -> Profiles",
"constraints": {
"required": true,
"regex": "^cp-(([a-z0-9A-Z-]{72,72})|([a-z0-9A-Z-]{75,75}))$",
"validationMessage": "Token should begin with 'cp-' and must be 75 or 78 characters long"
"regex": "^cp-[a-z0-9A-Z-]{72,72}$",
"validationMessage": "Token should begin with 'cp-' and must be 75 characters long"
},
"options": {
"hideConfirmation": false
Expand Down
7 changes: 2 additions & 5 deletions azure/templates/marketplace-single-waap/mainTemplate.json
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@
"waapAgentToken": {
"type": "securestring",
"minLength": 75,
"maxLength": 78,
"maxLength": 75,
"metadata": {
"description": "Infinity Next Agent Token"
}
Expand Down Expand Up @@ -203,7 +203,7 @@
},
"variables": {
"templateName": "checkpoint_waap",
"templateVersion": "20211028",
"templateVersion": "20210922",
"location": "[parameters('location')]",
"osVersion": "R8040",
"installationType": "waap",
Expand Down Expand Up @@ -282,9 +282,6 @@
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('storageAccountName')]",
"properties": {
"minimalTlsVersion": "TLS1_2"
},
"apiVersion": "2021-04-01",
"location": "[variables('location')]",
"sku": {
Expand Down
4 changes: 2 additions & 2 deletions azure/templates/marketplace-vmss-waap/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -67,8 +67,8 @@
"toolTip": "Token can be obtained by logging in to [https://portal.checkpoint.com/](https://portal.checkpoint.com/) –> INFINITY POLICY -> CLOUD -> Profiles",
"constraints": {
"required": true,
"regex": "^cp-(([a-z0-9A-Z-]{72,72})|([a-z0-9A-Z-]{75,75}))$",
"validationMessage": "Token should begin with 'cp-' and must be 75 or 78 characters long"
"regex": "^cp-[a-z0-9A-Z-]{72,72}$",
"validationMessage": "Token should begin with 'cp-' and must be 75 characters long"
},
"options": {
"hideConfirmation": false
Expand Down
5 changes: 2 additions & 3 deletions azure/templates/marketplace-vmss-waap/mainTemplate.json
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@
"waapAgentToken": {
"type": "securestring",
"minLength": 75,
"maxLength": 78,
"maxLength": 75,
"metadata": {
"description": "Infinity Next Agent Token"
}
Expand All @@ -73,7 +73,6 @@
"availabilityZonesNum": {
"type": "int",
"allowedValues": [
0,
1,
2,
3
Expand Down Expand Up @@ -388,7 +387,7 @@
},
"variables": {
"templateName": "waap_vmss",
"templateVersion": "20211028",
"templateVersion": "20210922",
"location": "[parameters('location')]",
"osVersion": "R8040",
"isBlink": true,
Expand Down
2 changes: 1 addition & 1 deletion azure/templates/marketplace-vmss/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -1744,7 +1744,7 @@
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"addStorageAccountIpRules":"[steps('network').addStorageAccountIpRules]",
"addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
}
Expand Down
4 changes: 2 additions & 2 deletions azure/templates/vwan-managed-app/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -64,8 +64,8 @@ https://management.azure.com/subscriptions/{subscription_id}/providers/Microsoft
}
],
"availableVersions": [
"8110.900335.1435",
"8120.900631.1433",
"8110.900335.1522",
"8120.900631.1522",
"latest"
],
"marketPlaceLink": "https://aka.ms/Checkpointmarketplace",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,5 +25,5 @@ configuration_template_name = "PLEASE ENTER CONFIGURATION TEMPLATE NAME"
notification_email = "PLEASE ENTER NOTIFICATION MAIL OR LEAVE EMPTY DOUBLE QUOTES" # "[email protected]"
frontend_load_distribution = "PLEASE ENTER EXTERNAL LOAD BALANCER SESSION PERSISTENCE" # "Default"
backend_load_distribution = "PLEASE ENTER INTERNAL LOAD BALANCER SESSION PERSISTENCE" # "Default"
mgmt_vnet_name = "PLEASE ENTER MANAGEMENT VIRTUAL NETWORK NAME" # "mgmt-vnet"
mgmt_resource_group_name = "PLEASE ENTER MANAGEMENT RESOURCE GROUP NAME" # "management"
mgmt_vnet_name = "PLEASE ENTER MANAGEMENT VIRTUAL NETWORK NAME" # "mgmt-vnet"
mgmt_resource_group_name = "PLEASE ENTER MANAGEMENT RESOURCE GROUP NAME" # "management"
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"R80.40 - Pay As You Go (NGTX)",
"R81 - Bring Your Own License",
"R81 - Pay As You Go (NGTP)",
"R81 - Pay As You Go (NGTX)",
"R81 - Pay As You Go (NGTX)"
],
"defaultValue": "R81 - Bring Your Own License",
"metadata": {
Expand Down Expand Up @@ -361,7 +361,7 @@
"R80.40 - Pay As You Go (NGTX)": "NGTX",
"R81 - Bring Your Own License": "BYOL",
"R81 - Pay As You Go (NGTP)": "NGTP",
"R81 - Pay As You Go (NGTX)": "NGTX",
"R81 - Pay As You Go (NGTX)": "NGTX"
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
Expand All @@ -370,7 +370,7 @@
"R80.40 - Pay As You Go (NGTX)": "R8040",
"R81 - Bring Your Own License": "R81",
"R81 - Pay As You Go (NGTP)": "R81",
"R81 - Pay As You Go (NGTX)": "R81",
"R81 - Pay As You Go (NGTX)": "R81"
},
"osVersion": "[variables('osVersions')[parameters('cloudGuardVersion')]]",
"SerialConsoleGeographies": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@
"type": "string",
"allowedValues": [
"R80.40 - Bring Your Own License",
"R81 - Bring Your Own License",
"R81 - Bring Your Own License"
],
"defaultValue": "R81.20 - Bring Your Own License",
"defaultValue": "R81 - Bring Your Own License",
"metadata": {
"description": "Version of Check Point CloudGuard"
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"R81 - Bring Your Own License",
"R81 - Pay As You Go (MGMT25)"
],
"defaultValue": "R81.20 - Bring Your Own License",
"defaultValue": "R81 - Bring Your Own License",
"metadata": {
"description": "Version of Check Point CloudGuard"
}
Expand Down Expand Up @@ -319,7 +319,7 @@
"storageAccountType": "Standard_LRS",
"diskSize100GB": 100,
"diskSizeGB": "[add(parameters('additionalDiskSizeGB'), variables('diskSize100GB'))]",
"customData": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', parameters('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'managementGUIClientNetwork=\"', variables('managementGUIClientNetwork'), '\"', '\n', 'enableApi=\"', parameters('enableApi'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]",
"customData": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', parameters('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'managementGUIClientNetwork=\"', variables('managementGUIClientNetwork'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]",
"customData64": "[base64(variables('customData'))]",
"imageOffer": "[concat('check-point-cg-', toLower(variables('osVersion')))]",
"imagePublisher": "checkpoint",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,9 @@
"R80.40 - Pay As You Go (NGTX)",
"R81 - Bring Your Own License",
"R81 - Pay As You Go (NGTP)",
"R81 - Pay As You Go (NGTX)",
"R81 - Pay As You Go (NGTX)"
],
"defaultValue": "R81.20 - Bring Your Own License",
"defaultValue": "R81 - Bring Your Own License",
"metadata": {
"description": "Version of Check Point CloudGuard"
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -561,7 +561,7 @@
"additionalDiskSizeGB": "[if(contains('R8040 R81', variables('osVersion')), 0, parameters('additionalDiskSizeGB'))]",
"diskSizeGB": "[add(variables('additionalDiskSizeGB'), variables('diskSize100GB'))]",
"enableFloatingIP": "[equals(parameters('floatingIP'), 'yes')]",
"customData": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', variables('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'sicKey=\"', variables('sicKey'), '\"', '\n', 'customMetrics=\"', variables('customMetrics'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', 'MaintenanceModePassword=\"', parameters('MaintenanceModePasswordHash'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]",
"customData": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', variables('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'sicKey=\"', variables('sicKey'), '\"', '\n', 'customMetrics=\"', variables('customMetrics'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]",
"imageOffer": "[concat('check-point-cg-', toLower(variables('osVersion')))]",
"imagePublisher": "checkpoint",
"imageReferenceBYOL": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"R80.40 - Pay As You Go (NGTX)",
"R81 - Bring Your Own License",
"R81 - Pay As You Go (NGTP)",
"R81 - Pay As You Go (NGTX)",
"R81 - Pay As You Go (NGTX)"
],
"defaultValue": "R81 - Bring Your Own License",
"metadata": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
"R80.40 - Bring Your Own License",
"R80.40 - Pay As You Go (MGMT25)",
"R81 - Bring Your Own License",
"R81 - Pay As You Go (MGMT25)",
"R81 - Pay As You Go (MGMT25)"
],
"defaultValue": "R81 - Bring Your Own License",
"metadata": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"R80.40 - Pay As You Go (NGTX)",
"R81 - Bring Your Own License",
"R81 - Pay As You Go (NGTP)",
"R81 - Pay As You Go (NGTX)",
"R81 - Pay As You Go (NGTX)"
],
"defaultValue": "R81 - Bring Your Own License",
"metadata": {
Expand Down
4 changes: 3 additions & 1 deletion terraform/azure/high-availability-existing-vnet/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -215,7 +215,9 @@ availability_type = "Availability Zone"
In order to check the template version refer to the [sk116585](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk116585)

| Template Version | Description |
| ---------------- | ------------- |
| ---------------- |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 20240613 | - Updated Azure Terraform provider version <br> - Updated managed identity permissions <br> - Cosmetic fixes & default values <br> - Added option to limit storage account access by specify allowed sourcess <br> - Added validation for os_version & os_offer |
| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20230212 | - Added Smart-1 Cloud support |
Expand Down
2 changes: 2 additions & 0 deletions terraform/azure/high-availability-new-vnet/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,8 @@ In order to check the template version refer to the [sk116585](https://supportce

| Template Version | Description |
| ---------------- | ------------- |
| 20240613 | - Updated Azure Terraform provider version <br> - Updated managed identity permissions <br> - Cosmetic fixes & default values <br> - Added option to limit storage account access by specify allowed sourcess <br> - Added validation for os_version & os_offer |
| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20230212 | - Added Smart-1 Cloud support |
Expand Down
2 changes: 2 additions & 0 deletions terraform/azure/management-existing-vnet/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,8 @@ In order to check the template version refer to the [sk116585](https://supportce

| Template Version | Description |
| ---------------- | ------------- |
| 20240613 | - Updated Azure Terraform provider version <br> - Cosmetic fixes & default values <br> - Added option to limit storage account access by specify allowed sourcess <br> - Updated Public IP sku to Standard <br> - Added validation for os_version & os_offer |
| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20221124 | - Added R81.20 support <br/> - Upgraded azurerm provider |
Expand Down
2 changes: 2 additions & 0 deletions terraform/azure/management-new-vnet/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,8 @@ In order to check the template version refer to the [sk116585](https://supportce

| Template Version | Description |
| ---------------- | ------------- |
| 20240613 | - Updated Azure Terraform provider version <br> - Cosmetic fixes & default values <br> - Added option to limit storage account access by specify allowed sourcess <br> - Updated Public IP sku to Standard <br> - Added validation for os_version & os_offer |
| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20221124 | - Added R81.20 support <br/> - Upgraded azurerm provider |
Expand Down
2 changes: 2 additions & 0 deletions terraform/azure/mds-existing-vnet/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -182,6 +182,8 @@ In order to check the template version refer to the [sk116585](https://supportce

| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------|
| 20240613 | - Updated Azure Terraform provider version <br> - Cosmetic fixes & default values <br> - Added option to limit storage account access by specify allowed sourcess <br> - Updated Public IP sku to Standard <br> - Added validation for os_version & os_offer |
| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20230629 | First release of Check Point CloudGuard Network Security MDS Terraform deployment for Azure |
Expand Down
Loading

0 comments on commit 1cb6f85

Please sign in to comment.