diff --git a/azure/templates/marketplace-ha/mainTemplate.json b/azure/templates/marketplace-ha/mainTemplate.json index 02d26faa..fa367280 100644 --- a/azure/templates/marketplace-ha/mainTemplate.json +++ b/azure/templates/marketplace-ha/mainTemplate.json @@ -395,7 +395,6 @@ "storageAccountType": "Standard_LRS", "diskSize100GB": 100, "diskSizeGB": "[add(parameters('additionalDiskSizeGB'), variables('diskSize100GB'))]", - "customData": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', variables('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'sicKey=\"', variables('sicKey'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'tenantId=\"', subscription().tenantId, '\"', '\n', 'virtualNetwork=\"', parameters('virtualNetworkName'), '\"', '\n', 'clusterName=\"', parameters('vmName'), '\"', '\n', 'customMetrics=\"', variables('customMetrics'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', 'MaintenanceModePassword=\"', parameters('MaintenanceModePasswordHash'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]", "imageOffer": "[concat('check-point-cg-', toLower(variables('osVersion')))]", "imagePublisher": "checkpoint", "imageReferenceBYOL": { @@ -628,6 +627,11 @@ "privateIPAddress": "[variables('externalPrivateAddresses')[add(copyIndex('VipsInformation'), 3)]]", "publicIPAddress": "[variables('Vip_Names')[copyIndex('VipsInformation')]]" } + }, + { + "name": "customData", + "count": "[variables('count')]", + "input": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', variables('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'sicKey=\"', variables('sicKey'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'tenantId=\"', subscription().tenantId, '\"', '\n', 'virtualNetwork=\"', parameters('virtualNetworkName'), '\"', '\n', 'clusterName=\"', parameters('vmName'), '\"', '\n', 'customMetrics=\"', variables('customMetrics'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', '\n','smart1CloudToken=\"', variables('tokens')[copyIndex('customData')], '\"', '\n', 'Vips=\"', string(variables('VipsInformationForCloudConfig')), '\"', '\n','externalPrivateAddresses=\"', variables('externalPrivateAddresses')[2], '\"', '\n', 'MaintenanceModePassword=\"', parameters('MaintenanceModePasswordHash'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]" } ], "DefaultVipInformation": [ @@ -987,7 +991,7 @@ }, { "type": "Microsoft.Compute/virtualMachines", - "apiVersion": "2021-07-01", + "apiVersion": "2022-11-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]", "[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]", @@ -1005,7 +1009,7 @@ "plan": "[if(equals(parameters('sourceImageVhdUri'),'noCustomUri'), variables('plan'), json('null'))]", "identity": "[if(equals(parameters('managedSystemAssigned'), 'yes'), variables('identity'), json('null'))]", "properties": { - "UserData": "[base64(concat(variables('customData'), '\n','smart1CloudToken=\"', variables('tokens')[copyIndex()], '\"', '\n', 'Vips=\"', string(variables('VipsInformationForCloudConfig')), '\"', '\n','externalPrivateAddresses=\"', variables('externalPrivateAddresses')[2], '\"', '\n', 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n' ))]", + "UserData": "[base64(concat(variables('customData')[copyIndex()], 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n'))]", "availabilitySet": "[if(not(variables('useAZ')), variables('availabilitySetProperty'), json('null'))]", "diagnosticsProfile": { "bootDiagnostics": { @@ -1036,7 +1040,7 @@ "adminPassword": "[parameters('adminPassword')]", "adminUsername": "[concat('not','used')]", "computername": "[concat(toLower(parameters('vmName')), copyIndex(1))]", - "customData": "[base64(concat(variables('customData'), '\n', 'smart1CloudToken=\"', variables('tokens')[copyIndex()], '\"', '\n','Vips=\"', string(variables('VipsInformationForCloudConfig')), '\"', '\n','externalPrivateAddresses=\"', variables('externalPrivateAddresses')[2], '\"', '\n', 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n' ))]", + "customData": "[base64(concat(variables('customData')[copyIndex()], 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n'))]", "linuxConfiguration": "[variables('linuxConfiguration')]" }, "storageProfile": { @@ -1113,7 +1117,7 @@ "properties": { "roleDefinitionId": "[variables('roleDefinitionId')]", "scope": "[resourceGroup().id]", - "principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), copyIndex(1))), '2021-07-01', 'Full').identity.principalId]" + "principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), copyIndex(1))), '2022-11-01', 'Full').identity.principalId]" }, "tags": "[ if(contains(parameters('tagsByResource'), 'Microsoft.Authorization/roleAssignments'), parameters('tagsByResource')['Microsoft.Authorization/roleAssignments'], json('{}')) ]" }, @@ -1142,10 +1146,10 @@ "value": "[variables('roleDefinitionId')]" }, "principalId1": { - "value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '1')), '2021-07-01', 'Full').identity.principalId]" + "value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '1')), '2022-11-01', 'Full').identity.principalId]" }, "principalId2": { - "value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '2')), '2021-07-01', 'Full').identity.principalId]" + "value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '2')), '2022-11-01', 'Full').identity.principalId]" } } } diff --git a/azure/templates/marketplace-mds/createUiDefinition.json b/azure/templates/marketplace-mds/createUiDefinition.json index 550dd1b6..617e60e9 100644 --- a/azure/templates/marketplace-mds/createUiDefinition.json +++ b/azure/templates/marketplace-mds/createUiDefinition.json @@ -242,63 +242,6 @@ ] } }, - { - "name": "adminShell", - "type": "Microsoft.Common.DropDown", - "label": "Default shell for the admin user", - "defaultValue": "/etc/cli.sh", - "toolTip": "The default shell for the admin user", - "constraints": { - "allowedValues": [ - { - "label": "/etc/cli.sh", - "value": "/etc/cli.sh" - }, - { - "label": "/bin/bash", - "value": "/bin/bash" - }, - { - "label": "/bin/csh", - "value": "/bin/csh" - }, - { - "label": "/bin/tcsh", - "value": "/bin/tcsh" - } - ] - } - }, - { - "name": "managementGUIClientNetwork", - "type": "Microsoft.Common.TextBox", - "label": "Allowed GUI clients", - "toolTip": "GUI clients network CIDR", - "constraints": { - "required": true, - "regex": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$", - "validationMessage": "Enter a valid IPv4 network CIDR" - }, - "visible": true - }, - { - "name": "sicKeyUi", - "type": "Microsoft.Common.PasswordBox", - "label": { - "password": "SIC key", - "confirmPassword": "Confirm SIC key" - }, - "toolTip": "Set the Secure Internal Communication one time secret used to set up trust between the primary and secondary servers. SIC key must be provided if installing a secondary Multi-Domain Server.", - "constraints": { - "required": true, - "regex": "^[a-z0-9A-Z]{12,30}$", - "validationMessage": "Only alphanumeric characters are allowed, and the value must be 12-30 characters long." - }, - "options": { - "hideConfirmation": false - }, - "visible": "[not(equals(steps('chkp').installationType, 'mds-primary'))]" - }, { "name": "SerialPasswordInfoBox", "type": "Microsoft.Common.InfoBox", @@ -393,6 +336,63 @@ "hideConfirmation": false } }, + { + "name": "adminShell", + "type": "Microsoft.Common.DropDown", + "label": "Default shell for the admin user", + "defaultValue": "/etc/cli.sh", + "toolTip": "The default shell for the admin user", + "constraints": { + "allowedValues": [ + { + "label": "/etc/cli.sh", + "value": "/etc/cli.sh" + }, + { + "label": "/bin/bash", + "value": "/bin/bash" + }, + { + "label": "/bin/csh", + "value": "/bin/csh" + }, + { + "label": "/bin/tcsh", + "value": "/bin/tcsh" + } + ] + } + }, + { + "name": "managementGUIClientNetwork", + "type": "Microsoft.Common.TextBox", + "label": "Allowed GUI clients", + "toolTip": "GUI clients network CIDR", + "constraints": { + "required": true, + "regex": "(^0\\.0\\.0\\.0\\/0$)|(^(?!0\\.0\\.0\\.0$)(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/32)?$)", + "validationMessage": "Enter a valid IPv4 network CIDR (only 0.0.0.0/0, X.X.X.X/32 or X.X.X.X are acceptable)" + }, + "visible": true + }, + { + "name": "sicKeyUi", + "type": "Microsoft.Common.PasswordBox", + "label": { + "password": "SIC key", + "confirmPassword": "Confirm SIC key" + }, + "toolTip": "Set the Secure Internal Communication one time secret used to set up trust between the primary and secondary servers. SIC key must be provided if installing a secondary Multi-Domain Server.", + "constraints": { + "required": true, + "regex": "^[a-z0-9A-Z]{12,30}$", + "validationMessage": "Only alphanumeric characters are allowed, and the value must be 12-30 characters long." + }, + "options": { + "hideConfirmation": false + }, + "visible": "[not(equals(steps('chkp').installationType, 'mds-primary'))]" + }, { "name": "bootstrapScript", "type": "Microsoft.Common.FileUpload", diff --git a/azure/templates/marketplace-single/createUiDefinition.json b/azure/templates/marketplace-single/createUiDefinition.json index 3dc92225..95dfa1a1 100644 --- a/azure/templates/marketplace-single/createUiDefinition.json +++ b/azure/templates/marketplace-single/createUiDefinition.json @@ -1825,6 +1825,8 @@ "location": "[location()]", "cloudGuardVersion": "[concat(steps('chkp').cloudGuardVersion, ' - ', coalesce(steps('chkp').R80Offer, 'Bring Your Own License'))]", "adminPassword": "[basics('auth').password]", + "SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]", + "MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]", "authenticationType": "[basics('auth').authenticationType]", "sshPublicKey": "[basics('auth').sshPublicKey]", "vmName": "[basics('gatewayNameUi')]", @@ -1853,9 +1855,7 @@ "tagsByResource": "[steps('tags').tagsByResource]", "deployNewNSG": "[steps('network').NSG]", "ExistingNSG": "[steps('network').nsgSelector]", - "NewNsgName": "[steps('network').NSGName]", - "SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]", - "MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]" + "NewNsgName": "[steps('network').NSGName]" } } } diff --git a/azure/templates/marketplace-vmss/createUiDefinition.json b/azure/templates/marketplace-vmss/createUiDefinition.json index 85659909..36fc6e39 100644 --- a/azure/templates/marketplace-vmss/createUiDefinition.json +++ b/azure/templates/marketplace-vmss/createUiDefinition.json @@ -548,7 +548,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Use Remote Access VPN", "defaultValue": "No", - "toolTip": "Use Remote Access VPN functionality.", + "toolTip": "Use Remote Access VPN functionality. Remote Access VPN is supported from R80.40 Management Server or Multi-Domain Management Server until R81.10, and from R80.40 Gateway version until R81.10.", "constraints": { "allowedValues": [ {