From 3c6cf6393642cc8e126c6b52c7d95078d593f1c0 Mon Sep 17 00:00:00 2001 From: meravbe Date: Mon, 13 Nov 2023 16:37:45 +0200 Subject: [PATCH] TF| Add support for BYOL license type for Standalone --- terraform/aws/modules/amis/main.tf | 4 ++- .../modules/common/version_license/main.tf | 4 +++ terraform/aws/standalone-master/README.md | 5 ++-- .../aws/standalone-master/terraform.tfvars | 2 +- terraform/aws/standalone-master/variables.tf | 2 +- terraform/aws/standalone/README.md | 27 ++++++++++--------- terraform/aws/standalone/terraform.tfvars | 2 +- terraform/aws/standalone/variables.tf | 2 +- 8 files changed, 28 insertions(+), 20 deletions(-) diff --git a/terraform/aws/modules/amis/main.tf b/terraform/aws/modules/amis/main.tf index 814974f3..4e76baa3 100644 --- a/terraform/aws/modules/amis/main.tf +++ b/terraform/aws/modules/amis/main.tf @@ -9,7 +9,9 @@ locals { // version_license_key = "R80.40-PAYG-NGTX-GW" // version_license_value = "R8040PAYGNGTXGW" - version_license_key = format("%s%s", var.version_license, var.chkp_type == "gateway" ? "-GW" : var.chkp_type == "management" ? "-MGMT" : var.chkp_type == "mds" ? "-MGMT" : "") + version_license_key_mgmt_gw = format("%s%s", var.version_license, var.chkp_type == "gateway" ? "-GW" : var.chkp_type == "management" ? "-MGMT" : var.chkp_type == "mds" ? "-MGMT" : "") + version_license_key = var.chkp_type == "standalone" ? format("%s%s", var.version_license, element(split("-", var.version_license), 1) == "BYOL" ? "-MGMT" : "") : local.version_license_key_mgmt_gw + version_license_value = local.amis_yaml_converterMap[local.version_license_key]["Value"] // Variables example: diff --git a/terraform/aws/modules/common/version_license/main.tf b/terraform/aws/modules/common/version_license/main.tf index 23bc1d2b..43512f98 100755 --- a/terraform/aws/modules/common/version_license/main.tf +++ b/terraform/aws/modules/common/version_license/main.tf @@ -30,9 +30,13 @@ locals { "R81.20-BYOL" ] standalone_versions = [ + "R80.40-BYOL", "R80.40-PAYG-NGTP", + "R81-BYOL", "R81-PAYG-NGTP", + "R81.10-BYOL", "R81.10-PAYG-NGTP", + "R81.20-BYOL", "R81.20-PAYG-NGTP" ] gwlb_gw_versions = [ diff --git a/terraform/aws/standalone-master/README.md b/terraform/aws/standalone-master/README.md index 5bdad0d4..452fe366 100755 --- a/terraform/aws/standalone-master/README.md +++ b/terraform/aws/standalone-master/README.md @@ -106,7 +106,7 @@ secret_key = "my-secret-key" } // --- Check Point Settings --- - standalone_version = "R81.20-PAYG-NGTP" + standalone_version = "R81.20-BYOL" admin_shell = "/etc/cli.sh" standalone_password_hash = "" @@ -150,7 +150,7 @@ secret_key = "my-secret-key" | enable_instance_connect | Enable SSH connection over AWS web console. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no | | disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no | | instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Standalone EC2 Instance | map(string) | n/a | {} | no | -| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R80.40-PAYG-NGTP
- R81-PAYG-NGTP
- R81.10-PAYG-NGTP
- R81.20-PAYG-NGTP | R81.10-PAYG-NGTP | no | +| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R80.40-BYOL
- R80.40-PAYG-NGTP
- R81-BYOL
- R81-PAYG-NGTP
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R82-BYOL
- R82-PAYG-NGTP | R81.20-BYOL | no | | admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no | | standalone_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no | | resources_tag_name | (optional) | string | n/a | "" | no | @@ -189,6 +189,7 @@ In order to check the template version, please refer to [sk116585](https://suppo | 20230806 | Add support for c6in instance type | | 20230829 | Change default Check Point version to R81.20 | | 20231012 | Update AWS Terraform provider version to 5.20.1 | +| 20231113 | Add support for BYOL license type for Standalone | ## License diff --git a/terraform/aws/standalone-master/terraform.tfvars b/terraform/aws/standalone-master/terraform.tfvars index 04cac3df..9ec0508a 100755 --- a/terraform/aws/standalone-master/terraform.tfvars +++ b/terraform/aws/standalone-master/terraform.tfvars @@ -25,7 +25,7 @@ instance_tags = { } // --- Check Point Settings --- -standalone_version = "R81.20-PAYG-NGTP" +standalone_version = "R81.20-BYOL" admin_shell = "/etc/cli.sh" standalone_password_hash = "" diff --git a/terraform/aws/standalone-master/variables.tf b/terraform/aws/standalone-master/variables.tf index 65693d58..6705eb60 100755 --- a/terraform/aws/standalone-master/variables.tf +++ b/terraform/aws/standalone-master/variables.tf @@ -97,7 +97,7 @@ variable "instance_tags" { variable "standalone_version" { type = string description = "Gateway & Management (Standalone) version and license" - default = "R81.20-PAYG-NGTP" + default = "R81.20-BYOL" } module "validate_standalone_version" { source = "../modules/common/version_license" diff --git a/terraform/aws/standalone/README.md b/terraform/aws/standalone/README.md index 61e6ab3a..4fd9eb8b 100755 --- a/terraform/aws/standalone/README.md +++ b/terraform/aws/standalone/README.md @@ -81,7 +81,7 @@ secret_key = "my-secret-key" } // --- Check Point Settings --- - standalone_version = "R81.20-PAYG-NGTP" + standalone_version = "R81.20-BYOL" admin_shell = "/etc/cli.sh" standalone_password_hash = "" @@ -128,7 +128,7 @@ secret_key = "my-secret-key" | enable_instance_connect | Enable SSH connection over AWS web console. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no | | disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no | | instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Standalone EC2 Instance | map(string) | n/a | {} | no | -| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R80.40-PAYG-NGTP
- R81-PAYG-NGTP
- R81.10-PAYG-NGTP
- R81.20-PAYG-NGTP | R81.10-PAYG-NGTP | no | +| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R80.40-BYOL
- R80.40-PAYG-NGTP
- R81-BYOL
- R81-PAYG-NGTP
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.20-BYOL
- R81.20-PAYG-NGTP | R81.20-BYOL | no | | admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no | | standalone_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no | | resources_tag_name | (optional) | string | n/a | "" | no | @@ -154,17 +154,18 @@ secret_key = "my-secret-key" ## Revision History In order to check the template version, please refer to [sk116585](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk116585) -| Template Version | Description | -|------------------|------------------------------------------------------------------------------------------------------------------| -| 20210309 | First release of Check Point Security Management Server & Security Gateway (Standalone) Terraform module for AWS | -| 20210329 | Stability fixes | -| 20220606 | New instance type support | -| 20221123 | R81.20 version support | -| 20230521 | - Change default shell for the admin user to /etc/cli.sh
- Add description for reserved words in hostname | -| 20230806 | Add support for c6in instance type | -| 20230829 | Change default Check Point version to R81.20 | -| 20230923 | Add support for C5d instance type | -| 20231012 | Update AWS Terraform provider version to 5.20.1 | +| Template Version | Description | +|--------------------|------------------------------------------------------------------------------------------------------------------| +| 20210309 | First release of Check Point Security Management Server & Security Gateway (Standalone) Terraform module for AWS | +| 20210329 | Stability fixes | +| 20220606 | New instance type support | +| 20221123 | R81.20 version support | +| 20230521 | - Change default shell for the admin user to /etc/cli.sh
- Add description for reserved words in hostname | +| 20230806 | Add support for c6in instance type | +| 20230829 | Change default Check Point version to R81.20 | +| 20230923 | Add support for C5d instance type | +| 20231012 | Update AWS Terraform provider version to 5.20.1 | +| 20231113 | Add support for BYOL license type for Standalone | ## License diff --git a/terraform/aws/standalone/terraform.tfvars b/terraform/aws/standalone/terraform.tfvars index 5f1e7658..b89f8dc1 100755 --- a/terraform/aws/standalone/terraform.tfvars +++ b/terraform/aws/standalone/terraform.tfvars @@ -21,7 +21,7 @@ instance_tags = { } // --- Check Point Settings --- -standalone_version = "R81.20-PAYG-NGTP" +standalone_version = "R81.20-BYOL" admin_shell = "/etc/cli.sh" standalone_password_hash = "" diff --git a/terraform/aws/standalone/variables.tf b/terraform/aws/standalone/variables.tf index 4af44741..29097671 100755 --- a/terraform/aws/standalone/variables.tf +++ b/terraform/aws/standalone/variables.tf @@ -95,7 +95,7 @@ variable "instance_tags" { variable "standalone_version" { type = string description = "Security Gateway & Management (Standalone) version and license" - default = "R81.20-PAYG-NGTP" + default = "R81.20-BYOL" } module "validate_standalone_version" { source = "../modules/common/version_license"