Skip to content

Commit

Permalink
Azure-templates | Enhance UI
Browse files Browse the repository at this point in the history
  • Loading branch information
@chkp-rivkas
chkp-rivkas committed Dec 23, 2024
1 parent e129f50 commit 5705ab4
Show file tree
Hide file tree
Showing 8 changed files with 2,073 additions and 1,915 deletions.
736 changes: 381 additions & 355 deletions azure/templates/marketplace-gateway-load-balancer/createUiDefinition.json
View file

Large diffs are not rendered by default.

279 changes: 149 additions & 130 deletions azure/templates/marketplace-ha/createUiDefinition.json
View file

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions azure/templates/marketplace-ha/mainTemplate.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,7 @@
},
"sicKey": {
"type": "securestring",
"defaultValue": "",
"metadata": {
"description": "One time key for Secure Internal Communication"
}
Expand Down
239 changes: 131 additions & 108 deletions azure/templates/marketplace-management/createUiDefinition.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,19 +53,28 @@
"steps": [
{
"name": "chkp",
"label": "Check Point Security Management Server settings",
"label": "CloudGuard Security Management Server settings",
"subLabel": {
"preValidation": "Configure additional settings",
"postValidation": "Done"
},
"bladeTitle": "Security Management settings",
"elements": [
{
"name": "InfoAzureAdminGuide",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "See <a href='https://support.checkpoint.com/results/sk/sk109360' target='_blank'>CloudGuard Network for Azure administration guide</a> for detailed deployment and configuration steps "
}
},
{
"name": "cloudGuardVersion",
"type": "Microsoft.Common.DropDown",
"label": "Check Point CloudGuard version",
"label": "Version",
"defaultValue": "R81.20",
"toolTip": "The version of Check Point CloudGuard.",
"toolTip": "Check Point Recommended version for all deployments is R81.20",
"constraints": {
"allowedValues": [
{
Expand All @@ -88,7 +97,7 @@
"type": "Microsoft.Common.DropDown",
"label": "License type",
"toolTip": "The type of license.",
"defaultValue": "Bring Your Own License",
"defaultValue": "Pay As You Go (MGMT25)",
"visible": true,
"constraints": {
"allowedValues": [
Expand All @@ -103,6 +112,15 @@
]
}
},
{
"name": "InfoVMSize",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "Check Point recommends a minimum of 4 vCores for optimal operation"
}
},
{
"name": "R8110vmSizeUiBYOL",
"type": "Microsoft.Compute.SizeSelector",
Expand Down Expand Up @@ -277,6 +295,84 @@
},
"count": 1
},
{
"name": "managementGUIClientNetwork",
"type": "Microsoft.Common.TextBox",
"label": "Allow SmartConsole connections from these networks",
"toolTip": "Allow SmartConsole connections from the following CIDR networks, for example: 192.168.1.0/26",
"constraints": {
"required": true,
"regex": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$",
"validationMessage": "Enter a valid IPv4 network CIDR"
},
"visible": "[equals(steps('chkp').installationType, 'management')]"
}
]
},
{
"name": "chkp-advanced",
"label": "CloudGuard Advanced settings",
"subLabel": {
"preValidation": "Configure additional settings",
"postValidation": "Done"
},
"bladeTitle": "Security Management settings",
"elements": [
{
"name": "InfoAdvanced",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "This section includes OPTIONAL advanced configuration.\nTo proceed with Check Point default settings, click Next"
}
},
{
"name": "installationType",
"type": "Microsoft.Common.DropDown",
"label": "Installation type",
"defaultValue": "Management",
"toolTip": "Select the type of deployment",
"constraints": {
"allowedValues": [
{
"label": "Management",
"value": "management"
},
{
"label": "Configure manually",
"value": "custom"
}
]
}
},
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
"label": "Default shell for the admin user",
"defaultValue": "/etc/cli.sh",
"toolTip": "The default shell for the admin user",
"constraints": {
"allowedValues": [
{
"label": "/etc/cli.sh",
"value": "/etc/cli.sh"
},
{
"label": "/bin/bash",
"value": "/bin/bash"
},
{
"label": "/bin/csh",
"value": "/bin/csh"
},
{
"label": "/bin/tcsh",
"value": "/bin/tcsh"
}
]
}
},
{
"name": "SerialPasswordInfoBox",
"type": "Microsoft.Common.InfoBox",
Expand All @@ -287,11 +383,11 @@
}
},
{
"visible": "[bool(basics('auth').sshPublicKey)]",
"visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
"defaultValue": "Yes",
"defaultValue": "No",
"toolTip": "A unique password hash to enable VM connection via serial console.",
"constraints": {
"allowedValues": [
Expand All @@ -310,7 +406,7 @@
"name": "AdditionalPassword",
"type": "Microsoft.Common.PasswordBox",
"toolTip": "Serial console password hash, used to enable password authentication (using serial console). To generate password hash use the command 'openssl passwd -6 PASSWORD'",
"visible": "[and(bool(basics('auth').sshPublicKey), steps('chkp').EnableSerialConsolePassword)]",
"visible": "[and(bool(basics('auth').sshPublicKey), steps('chkp-advanced').EnableSerialConsolePassword)]",
"label": {
"password": "Password hash",
"confirmPassword": "Confirm password"
Expand All @@ -335,26 +431,6 @@
},
{
"visible": "[not(contains('R81.10', steps('chkp').cloudGuardVersion))]",
"name": "EnableMaintenanceMode",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Maintenance Mode",
"defaultValue": "Yes",
"toolTip": "A unique password hash to enable VM maintenance mode.",
"constraints": {
"allowedValues": [
{
"label": "Yes",
"value": true
},
{
"label": "No",
"value": false
}
]
}
},
{
"visible": "[and(not(contains('R81.10', steps('chkp').cloudGuardVersion)), steps('chkp').EnableMaintenanceMode)]",
"name": "MaintenanceModePassword",
"type": "Microsoft.Common.PasswordBox",
"defaultValue": "",
Expand All @@ -364,71 +440,12 @@
"confirmPassword": "Confirm Password"
},
"constraints": {
"required": true,
"validationMessage": "The value must be the output of the hash command."
},
"options": {
"hideConfirmation": false
}
},
{
"name": "installationType",
"type": "Microsoft.Common.DropDown",
"label": "Installation type",
"defaultValue": "Management",
"toolTip": "Select the type of deployment",
"constraints": {
"allowedValues": [
{
"label": "Management",
"value": "management"
},
{
"label": "Configure manually",
"value": "custom"
}
]
}
},
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
"label": "Default shell for the admin user",
"defaultValue": "/etc/cli.sh",
"toolTip": "The default shell for the admin user",
"constraints": {
"allowedValues": [
{
"label": "/etc/cli.sh",
"value": "/etc/cli.sh"
},
{
"label": "/bin/bash",
"value": "/bin/bash"
},
{
"label": "/bin/csh",
"value": "/bin/csh"
},
{
"label": "/bin/tcsh",
"value": "/bin/tcsh"
}
]
}
},
{
"name": "managementGUIClientNetwork",
"type": "Microsoft.Common.TextBox",
"label": "Allowed GUI clients",
"toolTip": "GUI clients network CIDR",
"constraints": {
"required": true,
"regex": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$",
"validationMessage": "Enter a valid IPv4 network CIDR"
},
"visible": "[equals(steps('chkp').installationType, 'management')]"
},
{
"name": "bootstrapScript",
"type": "Microsoft.Common.FileUpload",
Expand Down Expand Up @@ -498,7 +515,7 @@
"value": "management_only"
},
{
"label": "All IP Addresses that can be used for GUI clients",
"label": "All IP addresses that are allowed for SmartConsole connections",
"value": "gui_clients"
},
{
Expand All @@ -510,7 +527,7 @@
"visible": true
},
{
"visible": "[equals(steps('chkp').installationType, 'management')]",
"visible": "[equals(steps('chkp-advanced').installationType, 'management')]",
"name": "allowUploadDownload",
"type": "Microsoft.Common.OptionsGroup",
"label": "Automatically download updates and share statistical data for product improvement purpose",
Expand All @@ -530,15 +547,12 @@
}
},
{
"name": "basics settings text block",
"type": "Microsoft.Common.TextBlock",
"visible": true,
"name": "InfoVMDiskSpace",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"text": "Please follow the Check Point referenced guide for adding disk space.",
"link": {
"label": "Additional disk space in CloudGuard",
"uri": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk156552"
}
"icon": "Info",
"text": "See <a href='https://support.checkpoint.com/results/sk/sk156552' target='_blank'>Adding disk space in CloudGuard</a> for instructions on adding additional disk space "
}
},
{
Expand Down Expand Up @@ -579,11 +593,11 @@
"label": "Development Image URI",
"toolTip": "The URI of the blob containing the development image",
"constraints": {
"required": "[equals(steps('chkp').useCustomImageUri, 'Yes')]",
"required": "[equals(steps('chkp-advanced').useCustomImageUri, 'Yes')]",
"regex": "^[a-z0-9A-Z_\\-\\.\\:\\/]{1,500}.vhd$",
"validationMessage": "Only alphanumeric characters and '_','-','.',':','/' are allowed, the value must be 1-500 characters long and must end with .vhd. "
},
"visible": "[equals(steps('chkp').useCustomImageUri, 'Yes')]"
"visible": "[equals(steps('chkp-advanced').useCustomImageUri, 'Yes')]"
}
]
},
Expand Down Expand Up @@ -711,6 +725,15 @@
"name": "tags",
"label": "Tags",
"elements": [
{
"name": "InfoTags",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "Check Point automatically configures all tags required by the solution\nOPTIONAL: Additional tags can be added below"
}
},
{
"name": "tagsByResource",
"type": "Microsoft.Common.TagsByResource",
Expand Down Expand Up @@ -744,21 +767,21 @@
"vnetNewOrExisting": "[steps('network').virtualNetwork.newOrExisting]",
"virtualNetworkExistingRGName": "[steps('network').virtualNetwork.resourceGroup]",
"managementGUIClientNetwork": "[steps('chkp').managementGUIClientNetwork]",
"installationType": "[steps('chkp').installationType]",
"bootstrapScript": "[steps('chkp').bootstrapScript]",
"allowDownloadFromUploadToCheckPoint": "[coalesce(steps('chkp').allowUploadDownload, 'true')]",
"additionalDiskSizeGB": "[int(steps('chkp').additionalDiskSizeGB)]",
"diskType": "[if(contains('R81.10' , steps('chkp').cloudGuardVersion) , steps('chkp').VMDiskTypeOldVersions , steps('chkp').VMDiskType)]",
"sourceImageVhdUri": "[coalesce(steps('chkp').sourceImageVhdUri, 'noCustomUri')]",
"enableApi": "[steps('chkp').enableApi]",
"adminShell": "[steps('chkp').adminShell]",
"installationType": "[steps('chkp-advanced').installationType]",
"bootstrapScript": "[steps('chkp-advanced').bootstrapScript]",
"allowDownloadFromUploadToCheckPoint": "[coalesce(steps('chkp-advanced').allowUploadDownload, 'true')]",
"additionalDiskSizeGB": "[int(steps('chkp-advanced').additionalDiskSizeGB)]",
"diskType": "[if(contains('R81.10' , steps('chkp-advanced').cloudGuardVersion) , steps('chkp-advanced').VMDiskTypeOldVersions , steps('chkp-advanced').VMDiskType)]",
"sourceImageVhdUri": "[coalesce(steps('chkp-advanced').sourceImageVhdUri, 'noCustomUri')]",
"enableApi": "[steps('chkp-advanced').enableApi]",
"adminShell": "[steps('chkp-advanced').adminShell]",
"tagsByResource": "[steps('tags').tagsByResource]",
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
"SerialConsolePasswordHash": "[steps('chkp-advanced').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp-advanced').MaintenanceModePassword]"
}
}
}
Loading

0 comments on commit 5705ab4

Please sign in to comment.