diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 00000000..e69de29b
diff --git a/aws/templates/asg/autoscale.yaml b/aws/templates/asg/autoscale.yaml
index 04a1adbb..87720f66 100644
--- a/aws/templates/asg/autoscale.yaml
+++ b/aws/templates/asg/autoscale.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Create an Auto Scaling group of Check Point gateways (20240417)
+Description: Create an Auto Scaling group of Check Point gateways (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -303,6 +303,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/cluster/cluster-master.yaml b/aws/templates/cluster/cluster-master.yaml
old mode 100755
new mode 100644
index 87d54b56..61ba3b5c
--- a/aws/templates/cluster/cluster-master.yaml
+++ b/aws/templates/cluster/cluster-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Check Point Cluster in a new VPC (20240204)
+Description: Deploy a Check Point Cluster in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -310,6 +310,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/cluster/cluster.yaml b/aws/templates/cluster/cluster.yaml
old mode 100755
new mode 100644
index 9bea983a..243234a7
--- a/aws/templates/cluster/cluster.yaml
+++ b/aws/templates/cluster/cluster.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploys a Check Point Cluster into an existing VPC (20240204)
+Description: Deploys a Check Point Cluster into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -305,6 +305,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/cross-az-cluster/cross-az-cluster-master.yaml b/aws/templates/cross-az-cluster/cross-az-cluster-master.yaml
index 9826d072..f53a0547 100644
--- a/aws/templates/cross-az-cluster/cross-az-cluster-master.yaml
+++ b/aws/templates/cross-az-cluster/cross-az-cluster-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Check Point Cluster in a new VPC (20240204)
+Description: Deploy a Check Point Cluster in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -315,6 +315,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/cross-az-cluster/cross-az-cluster.yaml b/aws/templates/cross-az-cluster/cross-az-cluster.yaml
index 3c5f6ad8..b616d331 100644
--- a/aws/templates/cross-az-cluster/cross-az-cluster.yaml
+++ b/aws/templates/cross-az-cluster/cross-az-cluster.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploys a Check Point Cluster into an existing VPC (20240204)
+Description: Deploys a Check Point Cluster into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -320,6 +320,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/geo-cluster/geo-cluster-master.yaml b/aws/templates/geo-cluster/geo-cluster-master.yaml
index b2d4e02f..61d20c0c 100644
--- a/aws/templates/geo-cluster/geo-cluster-master.yaml
+++ b/aws/templates/geo-cluster/geo-cluster-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Check Point cross AZ Cluster in a new VPC (20240204)
+Description: Deploy a Check Point cross AZ Cluster in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -327,6 +327,9 @@ Parameters:
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/geo-cluster/geo-cluster.yaml b/aws/templates/geo-cluster/geo-cluster.yaml
index c358dfba..77ac4de2 100644
--- a/aws/templates/geo-cluster/geo-cluster.yaml
+++ b/aws/templates/geo-cluster/geo-cluster.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploys a Check Point cross AZ Cluster into an existing VPC (20240204)
+Description: Deploys a Check Point cross AZ Cluster into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -321,6 +321,9 @@ Parameters:
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/gwlb-asg/gwlb-master.yaml b/aws/templates/gwlb-asg/gwlb-master.yaml
index 0e4eb4c7..3dd36c24 100644
--- a/aws/templates/gwlb-asg/gwlb-master.yaml
+++ b/aws/templates/gwlb-asg/gwlb-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, in a new VPC (20240204)
+Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -433,6 +433,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -607,6 +610,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/gwlb-asg/gwlb.yaml b/aws/templates/gwlb-asg/gwlb.yaml
index 50d8e335..bd6cdbbe 100644
--- a/aws/templates/gwlb-asg/gwlb.yaml
+++ b/aws/templates/gwlb-asg/gwlb.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, in a new VPC (20240204)
+Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -383,6 +383,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -557,6 +560,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/gwlb-asg/qs-gwlb-master.yaml b/aws/templates/gwlb-asg/qs-gwlb-master.yaml
index 4d7e56a7..942106cc 100644
--- a/aws/templates/gwlb-asg/qs-gwlb-master.yaml
+++ b/aws/templates/gwlb-asg/qs-gwlb-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, in a new VPC (05072024)
+Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -542,6 +542,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -711,6 +714,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/gwlb-asg/qs-gwlb.yaml b/aws/templates/gwlb-asg/qs-gwlb.yaml
index 1ff5555b..ebff2add 100644
--- a/aws/templates/gwlb-asg/qs-gwlb.yaml
+++ b/aws/templates/gwlb-asg/qs-gwlb.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: "Deploy a Quick-Start Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, optionally: Security Management Server and Application Server Autoscale in an existing VPC (05072024)"
+Description: "Deploy a Quick-Start Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, optionally: Security Management Server and Application Server Autoscale in an existing VPC (20241027)"
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -447,6 +447,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -616,6 +619,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/gwlb-asg/tgw-gwlb-master.yaml b/aws/templates/gwlb-asg/tgw-gwlb-master.yaml
index 7fe4c750..c0598bf5 100644
--- a/aws/templates/gwlb-asg/tgw-gwlb-master.yaml
+++ b/aws/templates/gwlb-asg/tgw-gwlb-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, Gateway Load Balancer Endpoints and NAT Gateways for each AZ, in a new VPC for Transit Gateway (20240204)
+Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, Gateway Load Balancer Endpoints and NAT Gateways for each AZ, in a new VPC for Transit Gateway (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -526,6 +526,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -700,6 +703,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/gwlb-asg/tgw-gwlb.yaml b/aws/templates/gwlb-asg/tgw-gwlb.yaml
index 89fbbc8b..58601a0a 100644
--- a/aws/templates/gwlb-asg/tgw-gwlb.yaml
+++ b/aws/templates/gwlb-asg/tgw-gwlb.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, Gateway Load Balancer Endpoints and NAT Gateways for each AZ, in an existing VPC for Transit Gateway (20240204)
+Description: Deploy a Gateway Load Balancer, Check Point CloudGuard IaaS Security Gateway Auto Scaling Group, and optionally a Security Management Server, Gateway Load Balancer Endpoints and NAT Gateways for each AZ, in an existing VPC for Transit Gateway (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -481,6 +481,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -672,6 +675,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/management/management.yaml b/aws/templates/management/management.yaml
old mode 100755
new mode 100644
index 04e3d00e..4ae6c52c
--- a/aws/templates/management/management.yaml
+++ b/aws/templates/management/management.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploys a Check Point Management Server (20240417)
+Description: Deploys a Check Point Management Server (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -313,6 +313,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/mds/mds.yaml b/aws/templates/mds/mds.yaml
index ec7913b2..3d2eeb7a 100644
--- a/aws/templates/mds/mds.yaml
+++ b/aws/templates/mds/mds.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: '2010-09-09'
-Description: Deploys a Check Point Multi-Domain Server (20240417)
+Description: Deploys a Check Point Multi-Domain Server (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -298,6 +298,7 @@ Parameters:
AllowedValues:
- R81.10-BYOL
- R81.20-BYOL
+ - R82-BYOL
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/single-gw/gateway.yaml b/aws/templates/single-gw/gateway.yaml
index 645eab2f..26865610 100644
--- a/aws/templates/single-gw/gateway.yaml
+++ b/aws/templates/single-gw/gateway.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploys a Check Point Security Gateway into an existing VPC (20240204)
+Description: Deploys a Check Point Security Gateway into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -305,6 +305,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/standalone/standalone-master.yaml b/aws/templates/standalone/standalone-master.yaml
index 6c9847cc..28e8b447 100644
--- a/aws/templates/standalone/standalone-master.yaml
+++ b/aws/templates/standalone/standalone-master.yaml
@@ -1,6 +1,6 @@
AWSTemplateFormatVersion: 2010-09-09
Description: Deploys either a manually configurable or a Check Point CloudGuard IaaS
- Security Gateway & Management (Standalone) instance in a new VPC (20240204)
+ Security Gateway & Management (Standalone) instance in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -180,6 +180,8 @@ Parameters:
- R81.10-BYOL
- R81.20-PAYG-NGTP
- R81.20-BYOL
+ - R82-PAYG-NGTP
+ - R82-BYOL
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/standalone/standalone.yaml b/aws/templates/standalone/standalone.yaml
index a73e2d34..41876109 100644
--- a/aws/templates/standalone/standalone.yaml
+++ b/aws/templates/standalone/standalone.yaml
@@ -1,6 +1,6 @@
AWSTemplateFormatVersion: 2010-09-09
Description: Deploys either a manually configurable or a Check Point CloudGuard IaaS
- Security Gateway & Management (Standalone) instance into an existing VPC (20240204)
+ Security Gateway & Management (Standalone) instance into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -289,6 +289,8 @@ Parameters:
- R81.10-BYOL
- R81.20-PAYG-NGTP
- R81.20-BYOL
+ - R82-PAYG-NGTP
+ - R82-BYOL
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/tgw-asg/tgw-asg-master.yaml b/aws/templates/tgw-asg/tgw-asg-master.yaml
index 4ddf23df..339da4e9 100644
--- a/aws/templates/tgw-asg/tgw-asg-master.yaml
+++ b/aws/templates/tgw-asg/tgw-asg-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy an Auto Scaling Group of CloudGuard Security Gateways for Transit Gateway with an optional Management Server in a new VPC (20240204)
+Description: Deploy an Auto Scaling Group of CloudGuard Security Gateways for Transit Gateway with an optional Management Server in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -372,6 +372,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -538,6 +541,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/tgw-asg/tgw-asg.yaml b/aws/templates/tgw-asg/tgw-asg.yaml
index e1a5633f..bf7d2ab1 100644
--- a/aws/templates/tgw-asg/tgw-asg.yaml
+++ b/aws/templates/tgw-asg/tgw-asg.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: '2010-09-09'
-Description: Deploy an Auto Scaling Group of CloudGuard Security Gateways for Transit Gateway with an optional Management Server into an existing VPC (20240204)
+Description: Deploy an Auto Scaling Group of CloudGuard Security Gateways for Transit Gateway with an optional Management Server into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -326,6 +326,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
GatewayPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
@@ -492,6 +495,8 @@ Parameters:
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
+ - R82-BYOL
+ - R82-PAYG
ManagementPasswordHash:
Description: Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash). (optional)
Type: String
diff --git a/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster-master.yaml b/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster-master.yaml
index 4ab74737..232ca1b5 100644
--- a/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster-master.yaml
+++ b/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Check Point TGW Cross Availabilty Zone Cluster in a new VPC (20240204)
+Description: Deploy a Check Point TGW Cross Availabilty Zone Cluster in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -342,6 +342,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster.yaml b/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster.yaml
index 63062132..56d58083 100644
--- a/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster.yaml
+++ b/aws/templates/tgw-cross-az-cluster/tgw-cross-az-cluster.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploys a Check Point TGW Cross Availabilty Zone Cluster into an existing VPC (20240204)
+Description: Deploys a Check Point TGW Cross Availabilty Zone Cluster into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -338,6 +338,9 @@ Parameters:
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/tgw-ha/tgw-ha-master.yaml b/aws/templates/tgw-ha/tgw-ha-master.yaml
index 503a1b23..d8a734ea 100644
--- a/aws/templates/tgw-ha/tgw-ha-master.yaml
+++ b/aws/templates/tgw-ha/tgw-ha-master.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploy a Check Point TGW HA cross AZ Cluster in a new VPC (20240204)
+Description: Deploy a Check Point TGW HA cross AZ Cluster in a new VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -343,6 +343,9 @@ Parameters:
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/aws/templates/tgw-ha/tgw-ha.yaml b/aws/templates/tgw-ha/tgw-ha.yaml
index 9a20ff99..c4f5426e 100644
--- a/aws/templates/tgw-ha/tgw-ha.yaml
+++ b/aws/templates/tgw-ha/tgw-ha.yaml
@@ -1,5 +1,5 @@
AWSTemplateFormatVersion: 2010-09-09
-Description: Deploys a Check Point TGW HA Cluster into an existing VPC (20240204)
+Description: Deploys a Check Point TGW HA Cluster into an existing VPC (20241027)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
@@ -337,6 +337,9 @@ Parameters:
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
+ - R82-BYOL
+ - R82-PAYG-NGTP
+ - R82-PAYG-NGTX
Shell:
Description: Change the admin shell to enable advanced command line configuration.
Type: String
diff --git a/azure/templates/README.MD b/azure/templates/README.MD
index e5ef10fb..522ac7cb 100644
--- a/azure/templates/README.MD
+++ b/azure/templates/README.MD
@@ -66,4 +66,4 @@ To deploy a specific Azure image, adjust the image version during the manual dep
template_name: management
template_version: 20231002
template_type: marketplace
-
+
\ No newline at end of file
diff --git a/azure/templates/marketplace-gateway-load-balancer/createUiDefinition.json b/azure/templates/marketplace-gateway-load-balancer/createUiDefinition.json
index 54fd25cc..f4c53009 100644
--- a/azure/templates/marketplace-gateway-load-balancer/createUiDefinition.json
+++ b/azure/templates/marketplace-gateway-load-balancer/createUiDefinition.json
@@ -360,6 +360,10 @@
{
"label": "R81.20",
"value": "R81.20"
+ },
+ {
+ "label": "R82",
+ "value": "R82"
}
]
}
@@ -1066,6 +1070,345 @@
},
"count": "[steps('autoprovision').vmCount]"
},
+ {
+ "name": "R82vmSizeUiBYOL",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, 'Bring Your Own License'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-byol"
+ },
+ "count": "[steps('autoprovision').vmCount]"
+ },
+ {
+ "name": "R82vmSizeUiNGTP",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTP)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtp"
+ },
+ "count": "[steps('autoprovision').vmCount]"
+ },
+ {
+ "name": "R82vmSizeUiNGTX",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTX)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtx"
+ },
+ "count": "[steps('autoprovision').vmCount]"
+ },
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
@@ -1489,7 +1832,7 @@
"availabilityZonesNum": "[coalesce(steps('autoprovision').availabilityZonesNum, int('0'))]",
"customMetrics": "[steps('autoprovision').customMetrics]",
"cloudGuardVersion": "[concat(steps('chkp').cloudGuardVersion, ' - ', coalesce(steps('chkp').R80Offer, 'Bring Your Own License'))]",
- "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX)]",
+ "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX, steps('chkp').R82vmSizeUiBYOL, steps('chkp').R82vmSizeUiNGTP, steps('chkp').R82vmSizeUiNGTX)]",
"sicKey": "[steps('chkp').sicKeyUi]",
"bootstrapScript": "[steps('chkp').bootstrapScript]",
"allowDownloadFromUploadToCheckPoint": "[coalesce(steps('chkp').allowUploadDownload, 'true')]",
diff --git a/azure/templates/marketplace-gateway-load-balancer/mainTemplate.json b/azure/templates/marketplace-gateway-load-balancer/mainTemplate.json
index 12d29edc..e2307459 100644
--- a/azure/templates/marketplace-gateway-load-balancer/mainTemplate.json
+++ b/azure/templates/marketplace-gateway-load-balancer/mainTemplate.json
@@ -24,7 +24,10 @@
"R81.10 - Pay As You Go (NGTX)",
"R81.20 - Bring Your Own License",
"R81.20 - Pay As You Go (NGTP)",
- "R81.20 - Pay As You Go (NGTX)"
+ "R81.20 - Pay As You Go (NGTX)",
+ "R82 - Bring Your Own License",
+ "R82 - Pay As You Go (NGTP)",
+ "R82 - Pay As You Go (NGTX)"
],
"defaultValue": "R81.20 - Bring Your Own License",
"metadata": {
@@ -422,7 +425,10 @@
"R81.10 - Pay As You Go (NGTX)": "NGTX",
"R81.20 - Bring Your Own License": "BYOL",
"R81.20 - Pay As You Go (NGTP)": "NGTP",
- "R81.20 - Pay As You Go (NGTX)": "NGTX"
+ "R81.20 - Pay As You Go (NGTX)": "NGTX",
+ "R82 - Bring Your Own License": "BYOL",
+ "R82 - Pay As You Go (NGTP)": "NGTP",
+ "R82 - Pay As You Go (NGTX)": "NGTX"
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
@@ -431,7 +437,10 @@
"R81.10 - Pay As You Go (NGTX)": "R8110",
"R81.20 - Bring Your Own License": "R8120",
"R81.20 - Pay As You Go (NGTP)": "R8120",
- "R81.20 - Pay As You Go (NGTX)": "R8120"
+ "R81.20 - Pay As You Go (NGTX)": "R8120",
+ "R82 - Bring Your Own License": "R82",
+ "R82 - Pay As You Go (NGTP)": "R82",
+ "R82 - Pay As You Go (NGTX)": "R82"
},
"osVersion": "[variables('osVersions')[parameters('cloudGuardVersion')]]",
"SerialConsoleGeographies": {
diff --git a/azure/templates/marketplace-ha/createUiDefinition.json b/azure/templates/marketplace-ha/createUiDefinition.json
index a547363d..5061798d 100644
--- a/azure/templates/marketplace-ha/createUiDefinition.json
+++ b/azure/templates/marketplace-ha/createUiDefinition.json
@@ -75,6 +75,10 @@
{
"label": "R81.20",
"value": "R81.20"
+ },
+ {
+ "label": "R82",
+ "value": "R82"
}
]
}
@@ -781,6 +785,345 @@
},
"count": 2
},
+ {
+ "name": "R82vmSizeUiBYOL",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, 'Bring Your Own License'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-byol"
+ },
+ "count": 2
+ },
+ {
+ "name": "R82vmSizeUiNGTP",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTP)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtp"
+ },
+ "count": 2
+ },
+ {
+ "name": "R82vmSizeUiNGTX",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTX)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtx"
+ },
+ "count": 2
+ },
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
@@ -1199,7 +1542,7 @@
"label": "Quick connect to Smart-1 Cloud",
"defaultValue": "Yes",
"toolTip": "Automatically connect this Cluster to Smart-1 Cloud - Check Point's Security Management as a Service",
- "constraints": {
+ "constraints": {
"allowedValues": [
{
"label": "Yes",
@@ -1238,16 +1581,16 @@
"visible": "[equals(steps('chkp').allowSmart1CloudConnection, 'yes')]"
},
{
- "name": "Smart1CloudTokenB",
- "type": "Microsoft.Common.TextBox",
- "label": "Smart-1 Cloud Token Member B",
- "toolTip": "Paste here the token copied from the Connect Gateway (Member B) screen in Smart-1 Cloud portal",
- "constraints": {
- "required": true,
- "regex": "[\\S\\s]{5,}",
- "validationMessage": "Smart1Cloud Token Should contain at lease 5 characters"
- },
- "visible": "[equals(steps('chkp').allowSmart1CloudConnection, 'yes')]"
+ "name": "Smart1CloudTokenB",
+ "type": "Microsoft.Common.TextBox",
+ "label": "Smart-1 Cloud Token Member B",
+ "toolTip": "Paste here the token copied from the Connect Gateway (Member B) screen in Smart-1 Cloud portal",
+ "constraints": {
+ "required": true,
+ "regex": "[\\S\\s]{5,}",
+ "validationMessage": "Smart1Cloud Token Should contain at lease 5 characters"
+ },
+ "visible": "[equals(steps('chkp').allowSmart1CloudConnection, 'yes')]"
}
]
},
@@ -1609,7 +1952,7 @@
"authenticationType": "[basics('auth').authenticationType]",
"sshPublicKey": "[basics('auth').sshPublicKey]",
"vmName": "[basics('clusterObjectNameUi')]",
- "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX)]",
+ "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX, steps('chkp').R82vmSizeUiBYOL, steps('chkp').R82vmSizeUiNGTP, steps('chkp').R82vmSizeUiNGTX)]",
"sicKey": "[steps('chkp').sicKeyUi]",
"virtualNetworkName": "[steps('network').virtualNetwork.name]",
"virtualNetworkAddressPrefixes": "[steps('network').virtualNetwork.addressPrefixes]",
diff --git a/azure/templates/marketplace-ha/mainTemplate.json b/azure/templates/marketplace-ha/mainTemplate.json
index 92ebdc45..cebd2dfb 100644
--- a/azure/templates/marketplace-ha/mainTemplate.json
+++ b/azure/templates/marketplace-ha/mainTemplate.json
@@ -17,7 +17,10 @@
"R81.10 - Pay As You Go (NGTX)",
"R81.20 - Bring Your Own License",
"R81.20 - Pay As You Go (NGTP)",
- "R81.20 - Pay As You Go (NGTX)"
+ "R81.20 - Pay As You Go (NGTX)",
+ "R82 - Bring Your Own License",
+ "R82 - Pay As You Go (NGTP)",
+ "R82 - Pay As You Go (NGTX)"
],
"defaultValue": "R81.20 - Bring Your Own License",
"metadata": {
@@ -367,7 +370,10 @@
"R81.10 - Pay As You Go (NGTX)": "NGTX",
"R81.20 - Bring Your Own License": "BYOL",
"R81.20 - Pay As You Go (NGTP)": "NGTP",
- "R81.20 - Pay As You Go (NGTX)": "NGTX"
+ "R81.20 - Pay As You Go (NGTX)": "NGTX",
+ "R82 - Bring Your Own License": "BYOL",
+ "R82 - Pay As You Go (NGTP)": "NGTP",
+ "R82 - Pay As You Go (NGTX)": "NGTX"
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
@@ -376,7 +382,10 @@
"R81.10 - Pay As You Go (NGTX)": "R8110",
"R81.20 - Bring Your Own License": "R8120",
"R81.20 - Pay As You Go (NGTP)": "R8120",
- "R81.20 - Pay As You Go (NGTX)": "R8120"
+ "R81.20 - Pay As You Go (NGTX)": "R8120",
+ "R82 - Bring Your Own License": "R82",
+ "R82 - Pay As You Go (NGTP)": "R82",
+ "R82 - Pay As You Go (NGTX)": "R82"
},
"osVersion": "[variables('osVersions')[parameters('cloudGuardVersion')]]",
"SerialConsoleGeographies": {
diff --git a/azure/templates/marketplace-management/createUiDefinition.json b/azure/templates/marketplace-management/createUiDefinition.json
index 83dcc85d..f35c7c0f 100644
--- a/azure/templates/marketplace-management/createUiDefinition.json
+++ b/azure/templates/marketplace-management/createUiDefinition.json
@@ -75,6 +75,10 @@
{
"label": "R81.20",
"value": "R81.20"
+ },
+ {
+ "label": "R82",
+ "value": "R82"
}
]
}
@@ -215,6 +219,64 @@
},
"count": 1
},
+ {
+ "name": "R82vmSizeUiBYOL",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, 'Bring Your Own License'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Management",
+ "recommendedSizes": [
+ "Standard_DS3_v2",
+ "Standard_D3_v2"
+ ],
+ "constraints": {
+ "excludedSizes": [
+ "Standard_A1_v2",
+ "Standard_D1_v2",
+ "Standard_DS1_v2",
+ "Standard_F1",
+ "Standard_F1s",
+ "Standard_G1",
+ "Standard_GS1"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "mgmt-byol"
+ },
+ "count": 1
+ },
+ {
+ "name": "R82vmSizeUiMGMT25",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(MGMT25)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Management",
+ "recommendedSizes": [
+ "Standard_DS3_v2",
+ "Standard_D3_v2"
+ ],
+ "constraints": {
+ "excludedSizes": [
+ "Standard_A1_v2",
+ "Standard_D1_v2",
+ "Standard_DS1_v2",
+ "Standard_F1",
+ "Standard_F1s",
+ "Standard_G1",
+ "Standard_GS1"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "mgmt-25"
+ },
+ "count": 1
+ },
{
"name": "SerialPasswordInfoBox",
"type": "Microsoft.Common.InfoBox",
@@ -225,7 +287,7 @@
}
},
{
- "visible": "[bool(basics('auth').sshPublicKey)]",
+ "visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
@@ -673,7 +735,7 @@
"authenticationType": "[basics('auth').authenticationType]",
"sshPublicKey": "[basics('auth').sshPublicKey]",
"vmName": "[basics('gatewayNameUi')]",
- "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiMGMT25, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiMGMT25)]",
+ "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiMGMT25, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiMGMT25, steps('chkp').R82vmSizeUiBYOL, steps('chkp').R82vmSizeUiMGMT25)]",
"virtualNetworkName": "[steps('network').virtualNetwork.name]",
"virtualNetworkAddressPrefix": "[steps('network').virtualNetwork.addressPrefix]",
"Subnet1Name": "[steps('network').virtualNetwork.subnets.subnet1.name]",
diff --git a/azure/templates/marketplace-management/mainTemplate.json b/azure/templates/marketplace-management/mainTemplate.json
index eb3153c8..7c7d26cd 100644
--- a/azure/templates/marketplace-management/mainTemplate.json
+++ b/azure/templates/marketplace-management/mainTemplate.json
@@ -15,7 +15,9 @@
"R81.10 - Bring Your Own License",
"R81.10 - Pay As You Go (MGMT25)",
"R81.20 - Bring Your Own License",
- "R81.20 - Pay As You Go (MGMT25)"
+ "R81.20 - Pay As You Go (MGMT25)",
+ "R82 - Bring Your Own License",
+ "R82 - Pay As You Go (MGMT25)"
],
"defaultValue": "R81.20 - Bring Your Own License",
"metadata": {
@@ -275,14 +277,18 @@
"R81.10 - Bring Your Own License": "BYOL",
"R81.10 - Pay As You Go (MGMT25)": "MGMT25",
"R81.20 - Bring Your Own License": "BYOL",
- "R81.20 - Pay As You Go (MGMT25)": "MGMT25"
+ "R81.20 - Pay As You Go (MGMT25)": "MGMT25",
+ "R82 - Bring Your Own License": "BYOL",
+ "R82 - Pay As You Go (MGMT25)": "MGMT25"
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
"R81.10 - Bring Your Own License": "R8110",
"R81.10 - Pay As You Go (MGMT25)": "R8110",
"R81.20 - Bring Your Own License": "R8120",
- "R81.20 - Pay As You Go (MGMT25)": "R8120"
+ "R81.20 - Pay As You Go (MGMT25)": "R8120",
+ "R82 - Bring Your Own License": "R82",
+ "R82 - Pay As You Go (MGMT25)": "R82"
},
"osVersion": "[variables('osVersions')[parameters('cloudGuardVersion')]]",
"SerialConsoleGeographies": {
diff --git a/azure/templates/marketplace-mds/createUiDefinition.json b/azure/templates/marketplace-mds/createUiDefinition.json
index 52056087..87e4004f 100644
--- a/azure/templates/marketplace-mds/createUiDefinition.json
+++ b/azure/templates/marketplace-mds/createUiDefinition.json
@@ -75,6 +75,10 @@
{
"label": "R81.20",
"value": "R81.20"
+ },
+ {
+ "label": "R82",
+ "value": "R82"
}
]
}
@@ -153,6 +157,35 @@
},
"count": 1
},
+ {
+ "name": "R82vmSizeUiBYOL",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, 'Bring Your Own License'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size. Minimum of 16 cores and 64 GB RAM is required.",
+ "recommendedSizes": [
+ "Standard_DS15_v2",
+ "Standard_DS5_v2"
+ ],
+ "constraints": {
+ "excludedSizes": [
+ "Standard_A1_v2",
+ "Standard_D1_v2",
+ "Standard_DS1_v2",
+ "Standard_F1",
+ "Standard_F1s",
+ "Standard_G1",
+ "Standard_GS1"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "mgmt-byol"
+ },
+ "count": 1
+ },
{
"name": "installationType",
"type": "Microsoft.Common.DropDown",
@@ -186,7 +219,7 @@
}
},
{
- "visible": "[bool(basics('auth').sshPublicKey)]",
+ "visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
@@ -608,7 +641,7 @@
"authenticationType": "[basics('auth').authenticationType]",
"sshPublicKey": "[basics('auth').sshPublicKey]",
"vmName": "[basics('gatewayNameUi')]",
- "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8120vmSizeUiBYOL)]",
+ "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R82vmSizeUiBYOL)]",
"virtualNetworkName": "[steps('network').virtualNetwork.name]",
"virtualNetworkAddressPrefix": "[steps('network').virtualNetwork.addressPrefix]",
"Subnet1Name": "[steps('network').virtualNetwork.subnets.subnet1.name]",
diff --git a/azure/templates/marketplace-mds/mainTemplate.json b/azure/templates/marketplace-mds/mainTemplate.json
index 98e056c2..7c1dca78 100644
--- a/azure/templates/marketplace-mds/mainTemplate.json
+++ b/azure/templates/marketplace-mds/mainTemplate.json
@@ -13,7 +13,8 @@
"type": "string",
"allowedValues": [
"R81.10 - Bring Your Own License",
- "R81.20 - Bring Your Own License"
+ "R81.20 - Bring Your Own License",
+ "R82 - Bring Your Own License"
],
"defaultValue": "R81.20 - Bring Your Own License",
"metadata": {
@@ -266,12 +267,14 @@
"location": "[parameters('location')]",
"offers": {
"R81.10 - Bring Your Own License": "BYOL",
- "R81.20 - Bring Your Own License": "BYOL"
+ "R81.20 - Bring Your Own License": "BYOL",
+ "R82 - Bring Your Own License": "BYOL"
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
"R81.10 - Bring Your Own License": "R8110",
- "R81.20 - Bring Your Own License": "R8120"
+ "R81.20 - Bring Your Own License": "R8120",
+ "R82 - Bring Your Own License": "R82"
},
"osVersion": "[variables('osVersions')[parameters('cloudGuardVersion')]]",
"serialConsoleGeographies": {
diff --git a/azure/templates/marketplace-single/createUiDefinition.json b/azure/templates/marketplace-single/createUiDefinition.json
index 01c4b041..77059428 100644
--- a/azure/templates/marketplace-single/createUiDefinition.json
+++ b/azure/templates/marketplace-single/createUiDefinition.json
@@ -75,6 +75,10 @@
{
"label": "R81.20",
"value": "R81.20"
+ },
+ {
+ "label": "R82",
+ "value": "R82"
}
]
}
@@ -781,11 +785,350 @@
},
"count": 1
},
+ {
+ "name": "R82vmSizeUiBYOL",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, 'Bring Your Own License'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-byol"
+ },
+ "count": 1
+ },
+ {
+ "name": "R82vmSizeUiNGTP",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTP)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtp"
+ },
+ "count": 1
+ },
+ {
+ "name": "R82vmSizeUiNGTX",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTX)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtx"
+ },
+ "count": 1
+ },
{
"name": "installationType",
"type": "Microsoft.Common.DropDown",
"label": "Installation type",
- "visible": "[or(equals(steps('chkp').cloudGuardVersion, 'R81.10'), equals(steps('chkp').cloudGuardVersion, 'R81.20'))]",
+ "visible": "[or(equals(steps('chkp').cloudGuardVersion, 'R81.10'), equals(steps('chkp').cloudGuardVersion, 'R81.20'), equals(steps('chkp').cloudGuardVersion, 'R82'))]",
"defaultValue": "Gateway only",
"toolTip": "Select the type of deployment",
"constraints": {
@@ -831,10 +1174,10 @@
{
"name": "standaloneValidation",
"type": "Microsoft.Common.InfoBox",
- "visible": "[and(equals(steps('chkp').installationType, 'standalone'), not(and(equals(steps('chkp').R80Offer, 'Bring Your Own License'),or(equals(steps('chkp').cloudGuardVersion, 'R81.10'), equals(steps('chkp').cloudGuardVersion, 'R81.20')))))]",
+ "visible": "[and(equals(steps('chkp').installationType, 'standalone'), not(and(equals(steps('chkp').R80Offer, 'Bring Your Own License'),or(equals(steps('chkp').cloudGuardVersion, 'R81.10'), equals(steps('chkp').cloudGuardVersion, 'R81.20'), equals(steps('chkp').cloudGuardVersion, 'R82')))))]",
"options": {
"icon": "Error",
- "text": "Standalone deployment is ONLY supported for CloudGuard versions R81.10 and R81.20 Bring Your Own License."
+ "text": "Standalone deployment is ONLY supported for CloudGuard versions R81.10, R81.20 and R82 Bring Your Own License."
}
},
{
@@ -847,7 +1190,7 @@
"regex": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$",
"validationMessage": "Enter a valid IPv4 network CIDR"
},
- "visible": "[and(or(equals(steps('chkp').cloudGuardVersion, 'R81.10'), equals(steps('chkp').cloudGuardVersion, 'R81.20')), equals(steps('chkp').installationType, 'standalone'))]"
+ "visible": "[and(or(equals(steps('chkp').cloudGuardVersion, 'R81.10'), equals(steps('chkp').cloudGuardVersion, 'R81.20'), equals(steps('chkp').cloudGuardVersion, 'R82')), equals(steps('chkp').installationType, 'standalone'))]"
},
{
"name": "sicKeyUi",
@@ -877,7 +1220,7 @@
}
},
{
- "visible": "[bool(basics('auth').sshPublicKey)]",
+ "visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
@@ -1120,7 +1463,7 @@
"label": "Quick connect to Smart-1 Cloud",
"defaultValue": "Yes",
"toolTip": "Automatically connect this single gateway to Smart-1 Cloud - Check Point's Security Management as a Service",
- "constraints": {
+ "constraints": {
"allowedValues": [
{
"label": "Yes",
@@ -1157,7 +1500,7 @@
"validationMessage": "Smart1Cloud Token Should contain at lease 5 characters"
},
"visible": "[equals(steps('chkp').allowSmart1CloudConnection, 'yes')]"
- }
+ }
]
},
{
@@ -1321,7 +1664,7 @@
"authenticationType": "[basics('auth').authenticationType]",
"sshPublicKey": "[basics('auth').sshPublicKey]",
"vmName": "[basics('gatewayNameUi')]",
- "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX )]",
+ "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX, steps('chkp').R82vmSizeUiBYOL, steps('chkp').R82vmSizeUiNGTP, steps('chkp').R82vmSizeUiNGTX )]",
"sicKey": "[coalesce(steps('chkp').sicKeyUi, 'notused')]",
"virtualNetworkName": "[steps('network').virtualNetwork.name]",
"virtualNetworkAddressPrefix": "[steps('network').virtualNetwork.addressPrefix]",
@@ -1347,7 +1690,7 @@
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
- "addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]"
+ "addStorageAccountIpRules":"[steps('network').addStorageAccountIpRules]"
}
}
-}
\ No newline at end of file
+}
diff --git a/azure/templates/marketplace-single/mainTemplate.json b/azure/templates/marketplace-single/mainTemplate.json
index 6085d845..d3216bf3 100644
--- a/azure/templates/marketplace-single/mainTemplate.json
+++ b/azure/templates/marketplace-single/mainTemplate.json
@@ -24,7 +24,10 @@
"R81.10 - Pay As You Go (NGTX)",
"R81.20 - Bring Your Own License",
"R81.20 - Pay As You Go (NGTP)",
- "R81.20 - Pay As You Go (NGTX)"
+ "R81.20 - Pay As You Go (NGTX)",
+ "R82 - Bring Your Own License",
+ "R82 - Pay As You Go (NGTP)",
+ "R82 - Pay As You Go (NGTX)"
],
"defaultValue": "R81.20 - Bring Your Own License",
"metadata": {
@@ -314,7 +317,10 @@
"R81.10 - Pay As You Go (NGTX)": "NGTX",
"R81.20 - Bring Your Own License": "BYOL",
"R81.20 - Pay As You Go (NGTP)": "NGTP",
- "R81.20 - Pay As You Go (NGTX)": "NGTX"
+ "R81.20 - Pay As You Go (NGTX)": "NGTX",
+ "R82 - Bring Your Own License": "BYOL",
+ "R82 - Pay As You Go (NGTP)": "NGTP",
+ "R82 - Pay As You Go (NGTX)": "NGTX"
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
@@ -323,7 +329,10 @@
"R81.10 - Pay As You Go (NGTX)": "R8110",
"R81.20 - Bring Your Own License": "R8120",
"R81.20 - Pay As You Go (NGTP)": "R8120",
- "R81.20 - Pay As You Go (NGTX)": "R8120"
+ "R81.20 - Pay As You Go (NGTX)": "R8120",
+ "R82 - Bring Your Own License": "R82",
+ "R82 - Pay As You Go (NGTP)": "R82",
+ "R82 - Pay As You Go (NGTX)": "R82"
},
"osVersion": "[variables('osVersions')[parameters('cloudGuardVersion')]]",
"serialConsoleGeographies": {
@@ -541,7 +550,7 @@
"customData": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', variables('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'sicKey=\"', variables('sicKey'), '\"', '\n', 'managementGUIClientNetwork=\"', variables('managementGUIClientNetwork'), '\"', '\n', 'customMetrics=\"', variables('customMetrics'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', 'smart1CloudToken=\"', parameters('smart1CloudToken'), '\"', '\n', 'MaintenanceModePassword=\"', parameters('MaintenanceModePasswordHash'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]",
"imageOffer": "[concat('check-point-cg-', toLower(variables('osVersion')))]",
"imagePublisher": "checkpoint",
- "imageSku": "[if(and(equals(parameters('installationType'), 'standalone'), or(equals(variables('osVersion'),'R8110'), equals(variables('osVersion'),'R8120'))), 'mgmt-byol', 'sg-byol')]",
+ "imageSku": "[if(and(equals(parameters('installationType'), 'standalone'), or(equals(variables('osVersion'),'R8110'), equals(variables('osVersion'),'R8120'), equals(variables('osVersion'),'R82'))), 'mgmt-byol', 'sg-byol')]",
"imageReferenceBYOL": {
"offer": "[variables('imageOffer')]",
"publisher": "[variables('imagePublisher')]",
diff --git a/azure/templates/marketplace-vmss-waap/mainTemplate.json b/azure/templates/marketplace-vmss-waap/mainTemplate.json
old mode 100755
new mode 100644
index bd80fffb..df1bc1cf
--- a/azure/templates/marketplace-vmss-waap/mainTemplate.json
+++ b/azure/templates/marketplace-vmss-waap/mainTemplate.json
@@ -661,6 +661,9 @@
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('storageAccountName')]",
+ "properties": {
+ "minimalTlsVersion": "TLS1_2"
+ },
"apiVersion": "2021-04-01",
"location": "[variables('location')]",
"sku": {
diff --git a/azure/templates/marketplace-vmss/createUiDefinition.json b/azure/templates/marketplace-vmss/createUiDefinition.json
index 6b3ebbce..3228cb59 100644
--- a/azure/templates/marketplace-vmss/createUiDefinition.json
+++ b/azure/templates/marketplace-vmss/createUiDefinition.json
@@ -571,6 +571,10 @@
{
"label": "R81.20",
"value": "R81.20"
+ },
+ {
+ "label": "R82",
+ "value": "R82"
}
]
}
@@ -1277,6 +1281,345 @@
},
"count": "[steps('autoprovision').vmCount]"
},
+ {
+ "name": "R82vmSizeUiBYOL",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, 'Bring Your Own License'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-byol"
+ },
+ "count": "[steps('autoprovision').vmCount]"
+ },
+ {
+ "name": "R82vmSizeUiNGTP",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTP)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtp"
+ },
+ "count": "[steps('autoprovision').vmCount]"
+ },
+ {
+ "name": "R82vmSizeUiNGTX",
+ "type": "Microsoft.Compute.SizeSelector",
+ "visible": "[and(equals(steps('chkp').cloudGuardVersion, 'R82'), contains(steps('chkp').R80Offer, '(NGTX)'))]",
+ "label": "Virtual machine size",
+ "toolTip": "The VM size of the Security Gateway",
+ "recommendedSizes": [
+ "Standard_D4ds_v5",
+ "Standard_D4d_v5"
+ ],
+ "constraints": {
+ "allowedSizes": [
+ "Standard_D4_v4",
+ "Standard_D8_v4",
+ "Standard_D16_v4",
+ "Standard_D32_v4",
+ "Standard_D48_v4",
+ "Standard_D64_v4",
+ "Standard_D4s_v4",
+ "Standard_D8s_v4",
+ "Standard_D16s_v4",
+ "Standard_D32s_v4",
+ "Standard_D48s_v4",
+ "Standard_D64s_v4",
+ "Standard_D2_v5",
+ "Standard_D4_v5",
+ "Standard_D8_v5",
+ "Standard_D16_v5",
+ "Standard_D32_v5",
+ "Standard_D2s_v5",
+ "Standard_D4s_v5",
+ "Standard_D8s_v5",
+ "Standard_D16s_v5",
+ "Standard_D2d_v5",
+ "Standard_D4d_v5",
+ "Standard_D8d_v5",
+ "Standard_D16d_v5",
+ "Standard_D32d_v5",
+ "Standard_D2ds_v5",
+ "Standard_D4ds_v5",
+ "Standard_D8ds_v5",
+ "Standard_D16ds_v5",
+ "Standard_D32ds_v5",
+ "Standard_DS2_v2",
+ "Standard_DS3_v2",
+ "Standard_DS4_v2",
+ "Standard_DS5_v2",
+ "Standard_F2s",
+ "Standard_F4s",
+ "Standard_F8s",
+ "Standard_F16s",
+ "Standard_D4s_v3",
+ "Standard_D8s_v3",
+ "Standard_D16s_v3",
+ "Standard_D32s_v3",
+ "Standard_D64s_v3",
+ "Standard_E4s_v3",
+ "Standard_E8s_v3",
+ "Standard_E16s_v3",
+ "Standard_E20s_v3",
+ "Standard_E32s_v3",
+ "Standard_E64s_v3",
+ "Standard_E64is_v3",
+ "Standard_F4s_v2",
+ "Standard_F8s_v2",
+ "Standard_F16s_v2",
+ "Standard_F32s_v2",
+ "Standard_F64s_v2",
+ "Standard_M8ms",
+ "Standard_M16ms",
+ "Standard_M32ms",
+ "Standard_M64ms",
+ "Standard_M64s",
+ "Standard_D2_v2",
+ "Standard_D3_v2",
+ "Standard_D4_v2",
+ "Standard_D5_v2",
+ "Standard_D11_v2",
+ "Standard_D12_v2",
+ "Standard_D13_v2",
+ "Standard_D14_v2",
+ "Standard_D15_v2",
+ "Standard_F2",
+ "Standard_F4",
+ "Standard_F8",
+ "Standard_F16",
+ "Standard_D4_v3",
+ "Standard_D8_v3",
+ "Standard_D16_v3",
+ "Standard_D32_v3",
+ "Standard_D64_v3",
+ "Standard_E4_v3",
+ "Standard_E8_v3",
+ "Standard_E16_v3",
+ "Standard_E20_v3",
+ "Standard_E32_v3",
+ "Standard_E64_v3",
+ "Standard_E64i_v3",
+ "Standard_DS11_v2",
+ "Standard_DS12_v2",
+ "Standard_DS13_v2",
+ "Standard_DS14_v2",
+ "Standard_DS15_v2"
+ ]
+ },
+ "osPlatform": "Linux",
+ "imageReference": {
+ "publisher": "checkpoint",
+ "offer": "check-point-cg-r82",
+ "sku": "sg-ngtx"
+ },
+ "count": "[steps('autoprovision').vmCount]"
+ },
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
@@ -1331,7 +1674,7 @@
}
},
{
- "visible": "[bool(basics('auth').sshPublicKey)]",
+ "visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
@@ -1718,7 +2061,7 @@
"availabilityZonesNum": "[coalesce(steps('autoprovision').availabilityZonesNum, int('0'))]",
"customMetrics": "[steps('autoprovision').customMetrics]",
"cloudGuardVersion": "[concat(steps('chkp').cloudGuardVersion, ' - ', coalesce(steps('chkp').R80Offer, 'Bring Your Own License'))]",
- "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX)]",
+ "vmSize": "[coalesce(steps('chkp').R8110vmSizeUiBYOL, steps('chkp').R8110vmSizeUiNGTP, steps('chkp').R8110vmSizeUiNGTX, steps('chkp').R8120vmSizeUiBYOL, steps('chkp').R8120vmSizeUiNGTP, steps('chkp').R8120vmSizeUiNGTX, steps('chkp').R82vmSizeUiBYOL, steps('chkp').R82vmSizeUiNGTP, steps('chkp').R82vmSizeUiNGTX)]",
"sicKey": "[steps('chkp').sicKeyUi]",
"bootstrapScript": "[steps('chkp').bootstrapScript]",
"allowDownloadFromUploadToCheckPoint": "[coalesce(steps('chkp').allowUploadDownload, 'true')]",
@@ -1749,4 +2092,4 @@
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
}
}
-}
\ No newline at end of file
+}
diff --git a/azure/templates/marketplace-vmss/mainTemplate.json b/azure/templates/marketplace-vmss/mainTemplate.json
index 077e926c..d0159464 100644
--- a/azure/templates/marketplace-vmss/mainTemplate.json
+++ b/azure/templates/marketplace-vmss/mainTemplate.json
@@ -24,7 +24,10 @@
"R81.10 - Pay As You Go (NGTX)",
"R81.20 - Bring Your Own License",
"R81.20 - Pay As You Go (NGTP)",
- "R81.20 - Pay As You Go (NGTX)"
+ "R81.20 - Pay As You Go (NGTX)",
+ "R82 - Bring Your Own License",
+ "R82 - Pay As You Go (NGTP)",
+ "R82 - Pay As You Go (NGTX)"
],
"defaultValue": "R81.20 - Bring Your Own License",
"metadata": {
@@ -510,7 +513,10 @@
"R81.10 - Pay As You Go (NGTX)": "NGTX",
"R81.20 - Bring Your Own License": "BYOL",
"R81.20 - Pay As You Go (NGTP)": "NGTP",
- "R81.20 - Pay As You Go (NGTX)": "NGTX"
+ "R81.20 - Pay As You Go (NGTX)": "NGTX",
+ "R82 - Bring Your Own License": "BYOL",
+ "R82 - Pay As You Go (NGTP)": "NGTP",
+ "R82 - Pay As You Go (NGTX)": "NGTX"
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
@@ -519,7 +525,10 @@
"R81.10 - Pay As You Go (NGTX)": "R8110",
"R81.20 - Bring Your Own License": "R8120",
"R81.20 - Pay As You Go (NGTP)": "R8120",
- "R81.20 - Pay As You Go (NGTX)": "R8120"
+ "R81.20 - Pay As You Go (NGTX)": "R8120",
+ "R82 - Bring Your Own License": "R82",
+ "R82 - Pay As You Go (NGTP)": "R82",
+ "R82 - Pay As You Go (NGTX)": "R82"
},
"osVersion": "[variables('osVersions')[parameters('cloudGuardVersion')]]",
"SerialConsoleGeographies": {
diff --git a/azure/templates/nestedtemplates/storageAccount-new.json b/azure/templates/nestedtemplates/storageAccount-new.json
index cbce4700..b08a25a7 100644
--- a/azure/templates/nestedtemplates/storageAccount-new.json
+++ b/azure/templates/nestedtemplates/storageAccount-new.json
@@ -42,4 +42,4 @@
"tags": "[ if(contains(parameters('tagsByResource'), 'Microsoft.Storage/storageAccounts'), parameters('tagsByResource')['Microsoft.Storage/storageAccounts'], json('{}')) ]"
}
]
-}
+}
\ No newline at end of file
diff --git a/azure/templates/nestedtemplates/vnet-1-subnet-existing.json b/azure/templates/nestedtemplates/vnet-1-subnet-existing.json
index 81fc0d5a..cb335d9a 100644
--- a/azure/templates/nestedtemplates/vnet-1-subnet-existing.json
+++ b/azure/templates/nestedtemplates/vnet-1-subnet-existing.json
@@ -84,4 +84,4 @@
"type": "object"
}
}
-}
+}
\ No newline at end of file
diff --git a/azure/templates/nestedtemplates/vnet-2-subnet-ha2-existing.json b/azure/templates/nestedtemplates/vnet-2-subnet-ha2-existing.json
index 17781d8c..04e3694c 100644
--- a/azure/templates/nestedtemplates/vnet-2-subnet-ha2-existing.json
+++ b/azure/templates/nestedtemplates/vnet-2-subnet-ha2-existing.json
@@ -73,4 +73,4 @@
"type": "array"
}
}
-}
+}
\ No newline at end of file
diff --git a/azure/templates/nestedtemplates/vnet-2-subnet-ha2-new.json b/azure/templates/nestedtemplates/vnet-2-subnet-ha2-new.json
index be5ae374..d9ca08ba 100644
--- a/azure/templates/nestedtemplates/vnet-2-subnet-ha2-new.json
+++ b/azure/templates/nestedtemplates/vnet-2-subnet-ha2-new.json
@@ -189,4 +189,4 @@
"type": "array"
}
}
-}
+}
\ No newline at end of file
diff --git a/azure/templates/nestedtemplates/vnet-existing-stack-ha.json b/azure/templates/nestedtemplates/vnet-existing-stack-ha.json
index 6d7eaf7f..2f99a6f4 100644
--- a/azure/templates/nestedtemplates/vnet-existing-stack-ha.json
+++ b/azure/templates/nestedtemplates/vnet-existing-stack-ha.json
@@ -90,4 +90,4 @@
"type": "string"
}
}
-}
+}
\ No newline at end of file
diff --git a/azure/templates/nestedtemplates/vnet-existing.json b/azure/templates/nestedtemplates/vnet-existing.json
index 415f5361..64533665 100644
--- a/azure/templates/nestedtemplates/vnet-existing.json
+++ b/azure/templates/nestedtemplates/vnet-existing.json
@@ -73,4 +73,4 @@
"type": "string"
}
}
-}
+}
\ No newline at end of file
diff --git a/azure/templates/nestedtemplates/vnet-new-stack-ha.json b/azure/templates/nestedtemplates/vnet-new-stack-ha.json
index f941bb4c..c7e9b1ad 100644
--- a/azure/templates/nestedtemplates/vnet-new-stack-ha.json
+++ b/azure/templates/nestedtemplates/vnet-new-stack-ha.json
@@ -138,4 +138,4 @@
"type": "string"
}
}
-}
+}
\ No newline at end of file
diff --git a/azure/templates/vwan-managed-app/mainTemplate.json b/azure/templates/vwan-managed-app/mainTemplate.json
index a5dde8d7..eb3efcdc 100644
--- a/azure/templates/vwan-managed-app/mainTemplate.json
+++ b/azure/templates/vwan-managed-app/mainTemplate.json
@@ -35,7 +35,8 @@
"defaultValue": "R8120",
"allowedValues": [
"R8110",
- "R8120"
+ "R8120",
+ "R82"
],
"type": "String",
"metadata": {
@@ -200,7 +201,7 @@
"name": "vwan-app",
"product": "cp-vwan-managed-app",
"publisher": "checkpoint",
- "version": "1.0.14"
+ "version": "1.0.15"
},
"properties": {
"managedResourceGroupId": "[variables('managedResourceGroupId')]",
@@ -281,4 +282,4 @@
}
}
]
-}
+ }
\ No newline at end of file
diff --git a/deprecated/azure/templates/R8040-R81/single-ipv6-r8040-r81/mainTemplate.json b/deprecated/azure/templates/R8040-R81/single-ipv6-r8040-r81/mainTemplate.json
index 76cc5768..2a322a31 100644
--- a/deprecated/azure/templates/R8040-R81/single-ipv6-r8040-r81/mainTemplate.json
+++ b/deprecated/azure/templates/R8040-R81/single-ipv6-r8040-r81/mainTemplate.json
@@ -19,7 +19,7 @@
"R81 - Pay As You Go (NGTP)",
"R81 - Pay As You Go (NGTX)"
],
- "defaultValue": "R81 - Bring Your Own License",
+ "defaultValue": "R81.20 - Bring Your Own License",
"metadata": {
"description": "Version of Check Point CloudGuard"
}
diff --git a/deprecated/azure/templates/stack-R8040-R81/stack-single-r8040-r81/mainTemplate.json b/deprecated/azure/templates/stack-R8040-R81/stack-single-r8040-r81/mainTemplate.json
index 9155f14b..a6d5f888 100644
--- a/deprecated/azure/templates/stack-R8040-R81/stack-single-r8040-r81/mainTemplate.json
+++ b/deprecated/azure/templates/stack-R8040-R81/stack-single-r8040-r81/mainTemplate.json
@@ -238,7 +238,7 @@
"R80.40 - Pay As You Go (NGTX)": "NGTX",
"R81 - Bring Your Own License": "BYOL",
"R81 - Pay As You Go (NGTP)": "NGTP",
- "R81 - Pay As You Go (NGTX)": "NGTX"
+ "R81 - Pay As You Go (NGTX)": "NGTX",
},
"offer": "[variables('offers')[parameters('cloudGuardVersion')]]",
"osVersions": {
diff --git a/gcp/deployment-packages/autoscale-byol/README.md b/gcp/deployment-packages/autoscale-byol/README.md
index d11c9a1b..b9f8aec7 100644
--- a/gcp/deployment-packages/autoscale-byol/README.md
+++ b/gcp/deployment-packages/autoscale-byol/README.md
@@ -35,7 +35,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke
## config.yaml variables
| Name | Description | Type | Allowed values |
| ------------- | ------------- | ------------- | ------------- |
-| **autoscalingVersion** | Autoscaling Version | string | R80.40 Autoscaling;
R81.00 Autoscaling;
R81.10 Autoscaling;
R81.20 Autoscaling;|
+| **autoscalingVersion** | Autoscaling Version | string | R80.40 Autoscaling;
R81.00 Autoscaling;
R81.10 Autoscaling;
R81.20 Autoscaling;
R82 Autoscaling;|
| | | | | |
| **managementName** | Security Management Server name | string | The name of the Security Management Server as appears in autoprovisioning configuration |
| | | | | |
diff --git a/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py b/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py
old mode 100755
new mode 100644
index 226e09ea..06748f67
--- a/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py
+++ b/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py
@@ -12,7 +12,8 @@
VERSIONS = {
'R81.10-GW': 'r8110-gw',
- 'R81.20-GW': 'r8120-gw'
+ 'R81.20-GW': 'r8120-gw',
+ 'R82-GW': 'r82-gw'
}
TEMPLATE_NAME = 'autoscale'
diff --git a/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py.schema b/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py.schema
old mode 100755
new mode 100644
index 65b41f3d..219adc72
--- a/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py.schema
+++ b/gcp/deployment-packages/autoscale-byol/check-point-autoscale--byol.py.schema
@@ -171,6 +171,7 @@ properties:
enum:
- R81.10 Autoscaling
- R81.20 Autoscaling
+ - R82 Autoscaling
managementName:
type: string
default: 'checkpoint-management'
diff --git a/gcp/deployment-packages/autoscale-byol/images.py b/gcp/deployment-packages/autoscale-byol/images.py
old mode 100755
new mode 100644
index 7b04bee0..46c40abd
--- a/gcp/deployment-packages/autoscale-byol/images.py
+++ b/gcp/deployment-packages/autoscale-byol/images.py
@@ -1,34 +1,34 @@
IMAGES = {
- "check-point-r8120-payg": "check-point-r8120-payg-631-991001560-v20240425",
- "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001560-v20240425",
- "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001560-v20240425",
- "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001560-v20240425",
- "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001560-v20240425",
- "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001560-v20240425",
- "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001560-v20240425",
- "check-point-r8120-byol": "check-point-r8120-byol-631-991001560-v20240425",
- "check-point-r8110-payg": "check-point-r8110-payg-335-991001560-v20240425",
- "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001560-v20240425",
- "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001560-v20240425",
- "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001560-v20240425",
- "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001560-v20240425",
- "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001560-v20240425",
- "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001560-v20240425",
- "check-point-r8110-byol": "check-point-r8110-byol-335-991001560-v20240425",
- "check-point-r81-payg": "check-point-r81-payg-392-991001560-v20240425",
- "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001560-v20240425",
- "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001560-v20240425",
- "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001560-v20240425",
- "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001560-v20240425",
- "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001560-v20240425",
- "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001560-v20240425",
- "check-point-r81-byol": "check-point-r81-byol-392-991001560-v20240425",
- "check-point-r8040-payg": "check-point-r8040-payg-294-991001560-v20240425",
- "check-point-r8040-gw-payg-single": "check-point-r8040-gw-payg-single-294-991001564-v20240505",
- "check-point-r8040-gw-payg-mig": "check-point-r8040-gw-payg-mig-294-991001564-v20240505",
- "check-point-r8040-gw-payg-cluster": "check-point-r8040-gw-payg-cluster-294-991001564-v20240505",
- "check-point-r8040-gw-byol-single": "check-point-r8040-gw-byol-single-294-991001564-v20240505",
- "check-point-r8040-gw-byol-mig": "check-point-r8040-gw-byol-mig-294-991001564-v20240505",
- "check-point-r8040-gw-byol-cluster": "check-point-r8040-gw-byol-cluster-294-991001564-v20240505",
- "check-point-r8040-byol": "check-point-r8040-byol-294-991001560-v20240425"
+ "check-point-r82-payg": "check-point-r82-payg-777-991001695-v20241021",
+ "check-point-r82-gw-payg-single": "check-point-r82-gw-payg-single-777-991001695-v20241021",
+ "check-point-r82-gw-payg-mig": "check-point-r82-gw-payg-mig-777-991001695-v20241021",
+ "check-point-r82-gw-payg-cluster": "check-point-r82-gw-payg-cluster-777-991001695-v20241021",
+ "check-point-r82-gw-byol-single": "check-point-r82-gw-byol-single-777-991001695-v20241021",
+ "check-point-r82-gw-byol-mig": "check-point-r82-gw-byol-mig-777-991001695-v20241021",
+ "check-point-r82-gw-byol-cluster": "check-point-r82-gw-byol-cluster-777-991001695-v20241021",
+ "check-point-r82-byol": "check-point-r82-byol-777-991001695-v20241021",
+ "check-point-r8120-payg": "check-point-r8120-payg-634-991001641-v20240807",
+ "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001669-v20240923",
+ "check-point-r8120-byol": "check-point-r8120-byol-634-991001641-v20240807",
+ "check-point-r8110-payg": "check-point-r8110-payg-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001681-v20241009",
+ "check-point-r8110-byol": "check-point-r8110-byol-335-991001681-v20241009",
+ "check-point-r81-payg": "check-point-r81-payg-392-991001616-v20240619",
+ "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001616-v20240619",
+ "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001616-v20240619",
+ "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001616-v20240619",
+ "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001616-v20240619",
+ "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001616-v20240619",
+ "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001616-v20240619",
+ "check-point-r81-byol": "check-point-r81-byol-392-991001616-v20240619"
}
\ No newline at end of file
diff --git a/gcp/deployment-packages/autoscale-payg/README.md b/gcp/deployment-packages/autoscale-payg/README.md
index 9dfa6b83..bef206ee 100644
--- a/gcp/deployment-packages/autoscale-payg/README.md
+++ b/gcp/deployment-packages/autoscale-payg/README.md
@@ -35,7 +35,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke
## config.yaml variables
| Name | Description | Type | Allowed values |
| ------------- | ------------- | ------------- | ------------- |
-| **autoscalingVersion** | Autoscaling Version | string | R80.40 Autoscaling;
R81.00 Autoscaling;
R81.10 Autoscaling;
R81.20 Autoscaling;|
+| **autoscalingVersion** | Autoscaling Version | string | R80.40 Autoscaling;
R81.00 Autoscaling;
R81.10 Autoscaling;
R81.20 Autoscaling;
R82 Autoscaling;|
| | | | | |
| **managementName** | Security Management Server name | string | The name of the Security Management Server as appears in autoprovisioning configuration |
| | | | | |
diff --git a/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py b/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py
old mode 100755
new mode 100644
index b13af6da..8dd5e401
--- a/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py
+++ b/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py
@@ -12,7 +12,8 @@
VERSIONS = {
'R81.10-GW': 'r8110-gw',
- 'R81.20-GW': 'r8120-gw'
+ 'R81.20-GW': 'r8120-gw',
+ 'R82-GW': 'r82-gw'
}
TEMPLATE_NAME = 'autoscale'
diff --git a/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py.schema b/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py.schema
old mode 100755
new mode 100644
index b9341dfa..e8dbbe5d
--- a/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py.schema
+++ b/gcp/deployment-packages/autoscale-payg/check-point-autoscale--payg.py.schema
@@ -171,6 +171,7 @@ properties:
enum:
- R81.10 Autoscaling
- R81.20 Autoscaling
+ - R82 Autoscaling
managementName:
type: string
default: 'checkpoint-management'
diff --git a/gcp/deployment-packages/autoscale-payg/images.py b/gcp/deployment-packages/autoscale-payg/images.py
old mode 100755
new mode 100644
index 7b04bee0..46c40abd
--- a/gcp/deployment-packages/autoscale-payg/images.py
+++ b/gcp/deployment-packages/autoscale-payg/images.py
@@ -1,34 +1,34 @@
IMAGES = {
- "check-point-r8120-payg": "check-point-r8120-payg-631-991001560-v20240425",
- "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001560-v20240425",
- "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001560-v20240425",
- "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001560-v20240425",
- "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001560-v20240425",
- "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001560-v20240425",
- "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001560-v20240425",
- "check-point-r8120-byol": "check-point-r8120-byol-631-991001560-v20240425",
- "check-point-r8110-payg": "check-point-r8110-payg-335-991001560-v20240425",
- "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001560-v20240425",
- "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001560-v20240425",
- "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001560-v20240425",
- "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001560-v20240425",
- "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001560-v20240425",
- "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001560-v20240425",
- "check-point-r8110-byol": "check-point-r8110-byol-335-991001560-v20240425",
- "check-point-r81-payg": "check-point-r81-payg-392-991001560-v20240425",
- "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001560-v20240425",
- "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001560-v20240425",
- "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001560-v20240425",
- "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001560-v20240425",
- "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001560-v20240425",
- "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001560-v20240425",
- "check-point-r81-byol": "check-point-r81-byol-392-991001560-v20240425",
- "check-point-r8040-payg": "check-point-r8040-payg-294-991001560-v20240425",
- "check-point-r8040-gw-payg-single": "check-point-r8040-gw-payg-single-294-991001564-v20240505",
- "check-point-r8040-gw-payg-mig": "check-point-r8040-gw-payg-mig-294-991001564-v20240505",
- "check-point-r8040-gw-payg-cluster": "check-point-r8040-gw-payg-cluster-294-991001564-v20240505",
- "check-point-r8040-gw-byol-single": "check-point-r8040-gw-byol-single-294-991001564-v20240505",
- "check-point-r8040-gw-byol-mig": "check-point-r8040-gw-byol-mig-294-991001564-v20240505",
- "check-point-r8040-gw-byol-cluster": "check-point-r8040-gw-byol-cluster-294-991001564-v20240505",
- "check-point-r8040-byol": "check-point-r8040-byol-294-991001560-v20240425"
+ "check-point-r82-payg": "check-point-r82-payg-777-991001695-v20241021",
+ "check-point-r82-gw-payg-single": "check-point-r82-gw-payg-single-777-991001695-v20241021",
+ "check-point-r82-gw-payg-mig": "check-point-r82-gw-payg-mig-777-991001695-v20241021",
+ "check-point-r82-gw-payg-cluster": "check-point-r82-gw-payg-cluster-777-991001695-v20241021",
+ "check-point-r82-gw-byol-single": "check-point-r82-gw-byol-single-777-991001695-v20241021",
+ "check-point-r82-gw-byol-mig": "check-point-r82-gw-byol-mig-777-991001695-v20241021",
+ "check-point-r82-gw-byol-cluster": "check-point-r82-gw-byol-cluster-777-991001695-v20241021",
+ "check-point-r82-byol": "check-point-r82-byol-777-991001695-v20241021",
+ "check-point-r8120-payg": "check-point-r8120-payg-634-991001641-v20240807",
+ "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001669-v20240923",
+ "check-point-r8120-byol": "check-point-r8120-byol-634-991001641-v20240807",
+ "check-point-r8110-payg": "check-point-r8110-payg-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001681-v20241009",
+ "check-point-r8110-byol": "check-point-r8110-byol-335-991001681-v20241009",
+ "check-point-r81-payg": "check-point-r81-payg-392-991001616-v20240619",
+ "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001616-v20240619",
+ "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001616-v20240619",
+ "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001616-v20240619",
+ "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001616-v20240619",
+ "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001616-v20240619",
+ "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001616-v20240619",
+ "check-point-r81-byol": "check-point-r81-byol-392-991001616-v20240619"
}
\ No newline at end of file
diff --git a/gcp/deployment-packages/ha-byol/README.md b/gcp/deployment-packages/ha-byol/README.md
index f915c4b4..660afa73 100644
--- a/gcp/deployment-packages/ha-byol/README.md
+++ b/gcp/deployment-packages/ha-byol/README.md
@@ -43,7 +43,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke
## config.yaml variables
| Name | Description | Type | Allowed values |
| ------------- | ------------- | ------------- | ------------- |
-| **ha_version** | High Availability Version | string | R80.40 Cluster;
R81.00 Cluster;
R81.10 Cluster;
R81.20 Cluster; |
+| **ha_version** | High Availability Version | string | R80.40 Cluster;
R81.00 Cluster;
R81.10 Cluster;
R81.20 Cluster;
R82 Cluster;|
| | | | | |
| **zoneA** | Member A Zone. The zone determines what computing resources are available and where your data is stored and used | string | List of allowed [Regions and Zones](https://cloud.google.com/compute/docs/regions-zones?_ga=2.31926582.-962483654.1585043745) |
| | | | | |
diff --git a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py
old mode 100755
new mode 100644
index 4a66ea50..9a7ad76e
--- a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py
+++ b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py
@@ -17,7 +17,8 @@
VERSIONS = {
'R81.10': 'r8110-gw',
- 'R81.20': 'r8120-gw'
+ 'R81.20': 'r8120-gw',
+ 'R82': 'r82-gw'
}
TEMPLATE_NAME = 'cluster'
diff --git a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema
old mode 100755
new mode 100644
index d01c7887..eddbcbf4
--- a/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema
+++ b/gcp/deployment-packages/ha-byol/check-point-cluster--byol.py.schema
@@ -73,6 +73,7 @@ properties:
enum:
- R81.10 Cluster
- R81.20 Cluster
+ - R82 Cluster
enableMonitoring:
type: boolean
default: False
diff --git a/gcp/deployment-packages/ha-byol/images.py b/gcp/deployment-packages/ha-byol/images.py
old mode 100755
new mode 100644
index 7b04bee0..46c40abd
--- a/gcp/deployment-packages/ha-byol/images.py
+++ b/gcp/deployment-packages/ha-byol/images.py
@@ -1,34 +1,34 @@
IMAGES = {
- "check-point-r8120-payg": "check-point-r8120-payg-631-991001560-v20240425",
- "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001560-v20240425",
- "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001560-v20240425",
- "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001560-v20240425",
- "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001560-v20240425",
- "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001560-v20240425",
- "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001560-v20240425",
- "check-point-r8120-byol": "check-point-r8120-byol-631-991001560-v20240425",
- "check-point-r8110-payg": "check-point-r8110-payg-335-991001560-v20240425",
- "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001560-v20240425",
- "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001560-v20240425",
- "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001560-v20240425",
- "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001560-v20240425",
- "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001560-v20240425",
- "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001560-v20240425",
- "check-point-r8110-byol": "check-point-r8110-byol-335-991001560-v20240425",
- "check-point-r81-payg": "check-point-r81-payg-392-991001560-v20240425",
- "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001560-v20240425",
- "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001560-v20240425",
- "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001560-v20240425",
- "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001560-v20240425",
- "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001560-v20240425",
- "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001560-v20240425",
- "check-point-r81-byol": "check-point-r81-byol-392-991001560-v20240425",
- "check-point-r8040-payg": "check-point-r8040-payg-294-991001560-v20240425",
- "check-point-r8040-gw-payg-single": "check-point-r8040-gw-payg-single-294-991001564-v20240505",
- "check-point-r8040-gw-payg-mig": "check-point-r8040-gw-payg-mig-294-991001564-v20240505",
- "check-point-r8040-gw-payg-cluster": "check-point-r8040-gw-payg-cluster-294-991001564-v20240505",
- "check-point-r8040-gw-byol-single": "check-point-r8040-gw-byol-single-294-991001564-v20240505",
- "check-point-r8040-gw-byol-mig": "check-point-r8040-gw-byol-mig-294-991001564-v20240505",
- "check-point-r8040-gw-byol-cluster": "check-point-r8040-gw-byol-cluster-294-991001564-v20240505",
- "check-point-r8040-byol": "check-point-r8040-byol-294-991001560-v20240425"
+ "check-point-r82-payg": "check-point-r82-payg-777-991001695-v20241021",
+ "check-point-r82-gw-payg-single": "check-point-r82-gw-payg-single-777-991001695-v20241021",
+ "check-point-r82-gw-payg-mig": "check-point-r82-gw-payg-mig-777-991001695-v20241021",
+ "check-point-r82-gw-payg-cluster": "check-point-r82-gw-payg-cluster-777-991001695-v20241021",
+ "check-point-r82-gw-byol-single": "check-point-r82-gw-byol-single-777-991001695-v20241021",
+ "check-point-r82-gw-byol-mig": "check-point-r82-gw-byol-mig-777-991001695-v20241021",
+ "check-point-r82-gw-byol-cluster": "check-point-r82-gw-byol-cluster-777-991001695-v20241021",
+ "check-point-r82-byol": "check-point-r82-byol-777-991001695-v20241021",
+ "check-point-r8120-payg": "check-point-r8120-payg-634-991001641-v20240807",
+ "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001669-v20240923",
+ "check-point-r8120-byol": "check-point-r8120-byol-634-991001641-v20240807",
+ "check-point-r8110-payg": "check-point-r8110-payg-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001681-v20241009",
+ "check-point-r8110-byol": "check-point-r8110-byol-335-991001681-v20241009",
+ "check-point-r81-payg": "check-point-r81-payg-392-991001616-v20240619",
+ "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001616-v20240619",
+ "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001616-v20240619",
+ "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001616-v20240619",
+ "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001616-v20240619",
+ "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001616-v20240619",
+ "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001616-v20240619",
+ "check-point-r81-byol": "check-point-r81-byol-392-991001616-v20240619"
}
\ No newline at end of file
diff --git a/gcp/deployment-packages/ha-payg/README.md b/gcp/deployment-packages/ha-payg/README.md
index 4f8405cd..fa12d90c 100644
--- a/gcp/deployment-packages/ha-payg/README.md
+++ b/gcp/deployment-packages/ha-payg/README.md
@@ -43,7 +43,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke
## config.yaml variables
| Name | Description | Type | Allowed values |
| ------------- | ------------- | ------------- | ------------- |
-| **ha_version** | High Availability Version | string | R80.40 Cluster;
R81.00 Cluster;
R81.10 Cluster;
R81.20 Cluster; |
+| **ha_version** | High Availability Version | string | R80.40 Cluster;
R81.00 Cluster;
R81.10 Cluster;
R81.20 Cluster;
R82 Cluster;|
| | | | | |
| **zoneA** | Member A Zone. The zone determines what computing resources are available and where your data is stored and used | string | List of allowed [Regions and Zones](https://cloud.google.com/compute/docs/regions-zones?_ga=2.31926582.-962483654.1585043745) |
| | | | | |
diff --git a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py
old mode 100755
new mode 100644
index d65178a6..0bc5dc6c
--- a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py
+++ b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py
@@ -17,7 +17,8 @@
VERSIONS = {
'R81.10': 'r8110-gw',
- 'R81.20': 'r8120-gw'
+ 'R81.20': 'r8120-gw',
+ 'R82': 'r82-gw'
}
TEMPLATE_NAME = 'cluster'
diff --git a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema
old mode 100755
new mode 100644
index b3b513b6..d257e117
--- a/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema
+++ b/gcp/deployment-packages/ha-payg/check-point-cluster--payg.py.schema
@@ -73,6 +73,7 @@ properties:
enum:
- R81.10 Cluster
- R81.20 Cluster
+ - R82 Cluster
enableMonitoring:
type: boolean
default: False
diff --git a/gcp/deployment-packages/ha-payg/images.py b/gcp/deployment-packages/ha-payg/images.py
old mode 100755
new mode 100644
index 7b04bee0..46c40abd
--- a/gcp/deployment-packages/ha-payg/images.py
+++ b/gcp/deployment-packages/ha-payg/images.py
@@ -1,34 +1,34 @@
IMAGES = {
- "check-point-r8120-payg": "check-point-r8120-payg-631-991001560-v20240425",
- "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001560-v20240425",
- "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001560-v20240425",
- "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001560-v20240425",
- "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001560-v20240425",
- "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001560-v20240425",
- "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001560-v20240425",
- "check-point-r8120-byol": "check-point-r8120-byol-631-991001560-v20240425",
- "check-point-r8110-payg": "check-point-r8110-payg-335-991001560-v20240425",
- "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001560-v20240425",
- "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001560-v20240425",
- "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001560-v20240425",
- "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001560-v20240425",
- "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001560-v20240425",
- "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001560-v20240425",
- "check-point-r8110-byol": "check-point-r8110-byol-335-991001560-v20240425",
- "check-point-r81-payg": "check-point-r81-payg-392-991001560-v20240425",
- "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001560-v20240425",
- "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001560-v20240425",
- "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001560-v20240425",
- "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001560-v20240425",
- "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001560-v20240425",
- "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001560-v20240425",
- "check-point-r81-byol": "check-point-r81-byol-392-991001560-v20240425",
- "check-point-r8040-payg": "check-point-r8040-payg-294-991001560-v20240425",
- "check-point-r8040-gw-payg-single": "check-point-r8040-gw-payg-single-294-991001564-v20240505",
- "check-point-r8040-gw-payg-mig": "check-point-r8040-gw-payg-mig-294-991001564-v20240505",
- "check-point-r8040-gw-payg-cluster": "check-point-r8040-gw-payg-cluster-294-991001564-v20240505",
- "check-point-r8040-gw-byol-single": "check-point-r8040-gw-byol-single-294-991001564-v20240505",
- "check-point-r8040-gw-byol-mig": "check-point-r8040-gw-byol-mig-294-991001564-v20240505",
- "check-point-r8040-gw-byol-cluster": "check-point-r8040-gw-byol-cluster-294-991001564-v20240505",
- "check-point-r8040-byol": "check-point-r8040-byol-294-991001560-v20240425"
+ "check-point-r82-payg": "check-point-r82-payg-777-991001695-v20241021",
+ "check-point-r82-gw-payg-single": "check-point-r82-gw-payg-single-777-991001695-v20241021",
+ "check-point-r82-gw-payg-mig": "check-point-r82-gw-payg-mig-777-991001695-v20241021",
+ "check-point-r82-gw-payg-cluster": "check-point-r82-gw-payg-cluster-777-991001695-v20241021",
+ "check-point-r82-gw-byol-single": "check-point-r82-gw-byol-single-777-991001695-v20241021",
+ "check-point-r82-gw-byol-mig": "check-point-r82-gw-byol-mig-777-991001695-v20241021",
+ "check-point-r82-gw-byol-cluster": "check-point-r82-gw-byol-cluster-777-991001695-v20241021",
+ "check-point-r82-byol": "check-point-r82-byol-777-991001695-v20241021",
+ "check-point-r8120-payg": "check-point-r8120-payg-634-991001641-v20240807",
+ "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001669-v20240923",
+ "check-point-r8120-byol": "check-point-r8120-byol-634-991001641-v20240807",
+ "check-point-r8110-payg": "check-point-r8110-payg-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001681-v20241009",
+ "check-point-r8110-byol": "check-point-r8110-byol-335-991001681-v20241009",
+ "check-point-r81-payg": "check-point-r81-payg-392-991001616-v20240619",
+ "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001616-v20240619",
+ "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001616-v20240619",
+ "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001616-v20240619",
+ "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001616-v20240619",
+ "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001616-v20240619",
+ "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001616-v20240619",
+ "check-point-r81-byol": "check-point-r81-byol-392-991001616-v20240619"
}
\ No newline at end of file
diff --git a/gcp/deployment-packages/single-byol/README.md b/gcp/deployment-packages/single-byol/README.md
index 4c14d447..5e589c22 100644
--- a/gcp/deployment-packages/single-byol/README.md
+++ b/gcp/deployment-packages/single-byol/README.md
@@ -65,7 +65,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke
| | | | | |
| **externalIP** | External IP address type | string | Static;
Ephemeral;
None;
An external IP address associated with this instance. Selecting "None" will result in the instance having no external internet access. [Learn more](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address?_ga=2.259654658.-962483654.1585043745) |
| | | | | |
-| **installationType** | Installation type and version | string | R80.40 Gateway only
R80.40 Management only
R80.40 Manual Configuration
R80.40 Gateway and Management (Standalone)
R81.00 Gateway only
R81.00 Management only
R81.00 Manual Configuration
R81.00 Gateway and Management (Standalone)
R81.10 Gateway only
R81.10 Management only
R81.10 Manual Configuration
R81.10 Gateway and Management (Standalone)
R81.20 Gateway only
R81.20 Management only
R81.20 Manual Configuration
R81.20 Gateway and Management (Standalone) |
+| **installationType** | Installation type and version | string | R81.10 Gateway only
R81.10 Management only
R81.10 Manual Configuration
R81.10 Gateway and Management (Standalone)
R81.20 Gateway only
R81.20 Management only
R81.20 Manual Configuration
R81.20 Gateway and Management (Standalone)
R82 Gateway only
R82 Management only
R82 Manual Configuration
R82 Gateway and Management (Standalone) |
| | | | | |
| **smart1CloudToken** | Smart-1 Cloud token to connect this gateway to Check Point's Security Management as a Service.
Follow these instructions to quickly connect this member to Smart-1 Cloud - [SK180501](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk180501) | string | A valid token copied from the Connect Gateway screen in Smart-1 Cloud portal.|
| | | | | |
diff --git a/gcp/deployment-packages/single-byol/check-point-vsec--byol.py b/gcp/deployment-packages/single-byol/check-point-vsec--byol.py
old mode 100755
new mode 100644
index 3cef893f..2916b92d
--- a/gcp/deployment-packages/single-byol/check-point-vsec--byol.py
+++ b/gcp/deployment-packages/single-byol/check-point-vsec--byol.py
@@ -15,7 +15,9 @@
'R81.10': 'r8110',
'R81.10-GW': 'r8110-gw',
'R81.20': 'r8120',
- 'R81.20-GW': 'r8120-gw'
+ 'R81.20-GW': 'r8120-gw',
+ 'R82': 'r82',
+ 'R82-GW': 'r82-gw'
}
ADDITIONAL_NETWORK = 'additionalNetwork{}'
diff --git a/gcp/deployment-packages/single-byol/check-point-vsec--byol.py.schema b/gcp/deployment-packages/single-byol/check-point-vsec--byol.py.schema
old mode 100755
new mode 100644
index 2a3c922a..4ca0f5a2
--- a/gcp/deployment-packages/single-byol/check-point-vsec--byol.py.schema
+++ b/gcp/deployment-packages/single-byol/check-point-vsec--byol.py.schema
@@ -154,6 +154,10 @@ properties:
- R81.20 Management only
- R81.20 Manual Configuration
- R81.20 Gateway and Management (Standalone)
+ - R82 Gateway only
+ - R82 Management only
+ - R82 Manual Configuration
+ - R82 Gateway and Management (Standalone)
maintenanceMode:
type: string
pattern: ^([a-z0-9A-Z.]{12,300}|)$
diff --git a/gcp/deployment-packages/single-byol/images.py b/gcp/deployment-packages/single-byol/images.py
old mode 100755
new mode 100644
index 7b04bee0..46c40abd
--- a/gcp/deployment-packages/single-byol/images.py
+++ b/gcp/deployment-packages/single-byol/images.py
@@ -1,34 +1,34 @@
IMAGES = {
- "check-point-r8120-payg": "check-point-r8120-payg-631-991001560-v20240425",
- "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001560-v20240425",
- "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001560-v20240425",
- "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001560-v20240425",
- "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001560-v20240425",
- "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001560-v20240425",
- "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001560-v20240425",
- "check-point-r8120-byol": "check-point-r8120-byol-631-991001560-v20240425",
- "check-point-r8110-payg": "check-point-r8110-payg-335-991001560-v20240425",
- "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001560-v20240425",
- "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001560-v20240425",
- "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001560-v20240425",
- "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001560-v20240425",
- "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001560-v20240425",
- "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001560-v20240425",
- "check-point-r8110-byol": "check-point-r8110-byol-335-991001560-v20240425",
- "check-point-r81-payg": "check-point-r81-payg-392-991001560-v20240425",
- "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001560-v20240425",
- "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001560-v20240425",
- "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001560-v20240425",
- "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001560-v20240425",
- "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001560-v20240425",
- "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001560-v20240425",
- "check-point-r81-byol": "check-point-r81-byol-392-991001560-v20240425",
- "check-point-r8040-payg": "check-point-r8040-payg-294-991001560-v20240425",
- "check-point-r8040-gw-payg-single": "check-point-r8040-gw-payg-single-294-991001564-v20240505",
- "check-point-r8040-gw-payg-mig": "check-point-r8040-gw-payg-mig-294-991001564-v20240505",
- "check-point-r8040-gw-payg-cluster": "check-point-r8040-gw-payg-cluster-294-991001564-v20240505",
- "check-point-r8040-gw-byol-single": "check-point-r8040-gw-byol-single-294-991001564-v20240505",
- "check-point-r8040-gw-byol-mig": "check-point-r8040-gw-byol-mig-294-991001564-v20240505",
- "check-point-r8040-gw-byol-cluster": "check-point-r8040-gw-byol-cluster-294-991001564-v20240505",
- "check-point-r8040-byol": "check-point-r8040-byol-294-991001560-v20240425"
+ "check-point-r82-payg": "check-point-r82-payg-777-991001695-v20241021",
+ "check-point-r82-gw-payg-single": "check-point-r82-gw-payg-single-777-991001695-v20241021",
+ "check-point-r82-gw-payg-mig": "check-point-r82-gw-payg-mig-777-991001695-v20241021",
+ "check-point-r82-gw-payg-cluster": "check-point-r82-gw-payg-cluster-777-991001695-v20241021",
+ "check-point-r82-gw-byol-single": "check-point-r82-gw-byol-single-777-991001695-v20241021",
+ "check-point-r82-gw-byol-mig": "check-point-r82-gw-byol-mig-777-991001695-v20241021",
+ "check-point-r82-gw-byol-cluster": "check-point-r82-gw-byol-cluster-777-991001695-v20241021",
+ "check-point-r82-byol": "check-point-r82-byol-777-991001695-v20241021",
+ "check-point-r8120-payg": "check-point-r8120-payg-634-991001641-v20240807",
+ "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001669-v20240923",
+ "check-point-r8120-byol": "check-point-r8120-byol-634-991001641-v20240807",
+ "check-point-r8110-payg": "check-point-r8110-payg-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001681-v20241009",
+ "check-point-r8110-byol": "check-point-r8110-byol-335-991001681-v20241009",
+ "check-point-r81-payg": "check-point-r81-payg-392-991001616-v20240619",
+ "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001616-v20240619",
+ "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001616-v20240619",
+ "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001616-v20240619",
+ "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001616-v20240619",
+ "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001616-v20240619",
+ "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001616-v20240619",
+ "check-point-r81-byol": "check-point-r81-byol-392-991001616-v20240619"
}
\ No newline at end of file
diff --git a/gcp/deployment-packages/single-payg/README.md b/gcp/deployment-packages/single-payg/README.md
index c3f9443a..18b4bf04 100644
--- a/gcp/deployment-packages/single-payg/README.md
+++ b/gcp/deployment-packages/single-payg/README.md
@@ -65,7 +65,7 @@ To deploy the Deployment Manager's package manually, without using the GCP Marke
| | | | | |
| **externalIP** | External IP address type | string | Static;
Ephemeral;
None;
An external IP address associated with this instance. Selecting "None" will result in the instance having no external internet access. [Learn more](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address?_ga=2.259654658.-962483654.1585043745) |
| | | | | |
-| **installationType** | Installation type and version | string | R80.40 Gateway only
R80.40 Management only
R80.40 Manual Configuration
R80.40 Gateway and Management (Standalone)
R81.00 Gateway only
R81.00 Management only
R81.00 Manual Configuration
R81.00 Gateway and Management (Standalone)
R81.10 Gateway only
R81.10 Management only
R81.10 Manual Configuration
R81.10 Gateway and Management (Standalone)
R81.20 Gateway only
R81.20 Management only
R81.20 Manual Configuration
R81.20 Gateway and Management (Standalone) |
+| **installationType** | Installation type and version | string | R81.10 Gateway only
R81.10 Management only
R81.10 Manual Configuration
R81.10 Gateway and Management (Standalone)
R81.20 Gateway only
R81.20 Management only
R81.20 Manual Configuration
R81.20 Gateway and Management (Standalone)
R82 Gateway only
R82 Management only
R82 Manual Configuration
R82 Gateway and Management (Standalone) |
| **smart1CloudToken** | Smart-1 Cloud token to connect this gateway to Check Point's Security Management as a Service.
Follow these instructions to quickly connect this member to Smart-1 Cloud - [SK180501](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk180501) | string | A valid token copied from the Connect Gateway screen in Smart-1 Cloud portal.|
| | | | | |
| **diskType** | Disk type | string | pd-ssd;
pd-standard;
Storage space is much less expensive for a standard persistent disk. An SSD persistent disk is better for random IOPS or streaming throughput with low latency. [Learn more](https://cloud.google.com/compute/docs/disks/?hl=en_US&_ga=2.66020774.-962483654.1585043745#overview_of_disk_types)|
diff --git a/gcp/deployment-packages/single-payg/check-point-vsec--payg.py b/gcp/deployment-packages/single-payg/check-point-vsec--payg.py
old mode 100755
new mode 100644
index a5dfbedf..100134ae
--- a/gcp/deployment-packages/single-payg/check-point-vsec--payg.py
+++ b/gcp/deployment-packages/single-payg/check-point-vsec--payg.py
@@ -15,7 +15,9 @@
'R81.10': 'r8110',
'R81.10-GW': 'r8110-gw',
'R81.20': 'r8120',
- 'R81.20-GW': 'r8120-gw'
+ 'R81.20-GW': 'r8120-gw',
+ 'R82': 'r82',
+ 'R82-GW': 'r82-gw'
}
ADDITIONAL_NETWORK = 'additionalNetwork{}'
diff --git a/gcp/deployment-packages/single-payg/check-point-vsec--payg.py.schema b/gcp/deployment-packages/single-payg/check-point-vsec--payg.py.schema
old mode 100755
new mode 100644
index 50f3e9bb..988c88f7
--- a/gcp/deployment-packages/single-payg/check-point-vsec--payg.py.schema
+++ b/gcp/deployment-packages/single-payg/check-point-vsec--payg.py.schema
@@ -152,6 +152,10 @@ properties:
- R81.20 Gateway only
- R81.20 Manual Configuration
- R81.20 Gateway and Management (Standalone)
+ - R82 Gateway only
+ - R82 Management only
+ - R82 Manual Configuration
+ - R82 Gateway and Management (Standalone)
maintenanceMode:
type: string
pattern: ^([a-z0-9A-Z.]{12,300}|)$
diff --git a/gcp/deployment-packages/single-payg/images.py b/gcp/deployment-packages/single-payg/images.py
old mode 100755
new mode 100644
index 7b04bee0..46c40abd
--- a/gcp/deployment-packages/single-payg/images.py
+++ b/gcp/deployment-packages/single-payg/images.py
@@ -1,34 +1,34 @@
IMAGES = {
- "check-point-r8120-payg": "check-point-r8120-payg-631-991001560-v20240425",
- "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001560-v20240425",
- "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001560-v20240425",
- "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001560-v20240425",
- "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001560-v20240425",
- "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001560-v20240425",
- "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001560-v20240425",
- "check-point-r8120-byol": "check-point-r8120-byol-631-991001560-v20240425",
- "check-point-r8110-payg": "check-point-r8110-payg-335-991001560-v20240425",
- "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001560-v20240425",
- "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001560-v20240425",
- "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001560-v20240425",
- "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001560-v20240425",
- "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001560-v20240425",
- "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001560-v20240425",
- "check-point-r8110-byol": "check-point-r8110-byol-335-991001560-v20240425",
- "check-point-r81-payg": "check-point-r81-payg-392-991001560-v20240425",
- "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001560-v20240425",
- "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001560-v20240425",
- "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001560-v20240425",
- "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001560-v20240425",
- "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001560-v20240425",
- "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001560-v20240425",
- "check-point-r81-byol": "check-point-r81-byol-392-991001560-v20240425",
- "check-point-r8040-payg": "check-point-r8040-payg-294-991001560-v20240425",
- "check-point-r8040-gw-payg-single": "check-point-r8040-gw-payg-single-294-991001564-v20240505",
- "check-point-r8040-gw-payg-mig": "check-point-r8040-gw-payg-mig-294-991001564-v20240505",
- "check-point-r8040-gw-payg-cluster": "check-point-r8040-gw-payg-cluster-294-991001564-v20240505",
- "check-point-r8040-gw-byol-single": "check-point-r8040-gw-byol-single-294-991001564-v20240505",
- "check-point-r8040-gw-byol-mig": "check-point-r8040-gw-byol-mig-294-991001564-v20240505",
- "check-point-r8040-gw-byol-cluster": "check-point-r8040-gw-byol-cluster-294-991001564-v20240505",
- "check-point-r8040-byol": "check-point-r8040-byol-294-991001560-v20240425"
+ "check-point-r82-payg": "check-point-r82-payg-777-991001695-v20241021",
+ "check-point-r82-gw-payg-single": "check-point-r82-gw-payg-single-777-991001695-v20241021",
+ "check-point-r82-gw-payg-mig": "check-point-r82-gw-payg-mig-777-991001695-v20241021",
+ "check-point-r82-gw-payg-cluster": "check-point-r82-gw-payg-cluster-777-991001695-v20241021",
+ "check-point-r82-gw-byol-single": "check-point-r82-gw-byol-single-777-991001695-v20241021",
+ "check-point-r82-gw-byol-mig": "check-point-r82-gw-byol-mig-777-991001695-v20241021",
+ "check-point-r82-gw-byol-cluster": "check-point-r82-gw-byol-cluster-777-991001695-v20241021",
+ "check-point-r82-byol": "check-point-r82-byol-777-991001695-v20241021",
+ "check-point-r8120-payg": "check-point-r8120-payg-634-991001641-v20240807",
+ "check-point-r8120-gw-payg-single": "check-point-r8120-gw-payg-single-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-mig": "check-point-r8120-gw-payg-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-payg-cluster": "check-point-r8120-gw-payg-cluster-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-single": "check-point-r8120-gw-byol-single-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-mig": "check-point-r8120-gw-byol-mig-631-991001669-v20240923",
+ "check-point-r8120-gw-byol-cluster": "check-point-r8120-gw-byol-cluster-631-991001669-v20240923",
+ "check-point-r8120-byol": "check-point-r8120-byol-634-991001641-v20240807",
+ "check-point-r8110-payg": "check-point-r8110-payg-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-single": "check-point-r8110-gw-payg-single-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-mig": "check-point-r8110-gw-payg-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-payg-cluster": "check-point-r8110-gw-payg-cluster-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-single": "check-point-r8110-gw-byol-single-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-mig": "check-point-r8110-gw-byol-mig-335-991001681-v20241009",
+ "check-point-r8110-gw-byol-cluster": "check-point-r8110-gw-byol-cluster-335-991001681-v20241009",
+ "check-point-r8110-byol": "check-point-r8110-byol-335-991001681-v20241009",
+ "check-point-r81-payg": "check-point-r81-payg-392-991001616-v20240619",
+ "check-point-r81-gw-payg-single": "check-point-r81-gw-payg-single-392-991001616-v20240619",
+ "check-point-r81-gw-payg-mig": "check-point-r81-gw-payg-mig-392-991001616-v20240619",
+ "check-point-r81-gw-payg-cluster": "check-point-r81-gw-payg-cluster-392-991001616-v20240619",
+ "check-point-r81-gw-byol-single": "check-point-r81-gw-byol-single-392-991001616-v20240619",
+ "check-point-r81-gw-byol-mig": "check-point-r81-gw-byol-mig-392-991001616-v20240619",
+ "check-point-r81-gw-byol-cluster": "check-point-r81-gw-byol-cluster-392-991001616-v20240619",
+ "check-point-r81-byol": "check-point-r81-byol-392-991001616-v20240619"
}
\ No newline at end of file
diff --git a/terraform/aws/autoscale-gwlb/README.md b/terraform/aws/autoscale-gwlb/README.md
old mode 100755
new mode 100644
index b6c58219..4d4115db
--- a/terraform/aws/autoscale-gwlb/README.md
+++ b/terraform/aws/autoscale-gwlb/README.md
@@ -116,36 +116,36 @@ secret_key = "my-secret-key"
## Inputs
-| Name | Description | Type | Allowed values | Default | Required |
-|----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------|----------|
-| prefix | (Optional) Instances name prefix | string | n/a | "" | no |
-| asg_name | Autoscaling Group name | string | n/a | Check-Point-ASG-tf | no |
-| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
-| subnet_ids | List of public subnet IDs to launch resources into. Recommended at least 2 | list(string) | n/a | n/a | yes |
-| gateways_provision_address_type | Determines if the gateways are provisioned using their private or public address. | string | - private
- public | private | no |
-| allocate_public_IP | Allocate a Public IP for gateway members. | bool | true/false | false | no |
-| management_server | The name that represents the Security Management Server in the CME configuration | string | n/a | n/a | yes |
-| configuration_template | Name of the provisioning template in the CME configuration | string | n/a | n/a | yes |
-| gateway_name | The name tag of the Security Gateways instances | string | n/a | Check-Point-ASG-gateway-tf | no |
-| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
-| key_name | The EC2 Key Pair name to allow SSH access to the instances | string | n/a | n/a | yes |
-| volume_size | Root volume size (GB) - minimum 100 | number | n/a | 100 | no |
-| enable_volume_encryption | Encrypt Environment instances volume with default AWS KMS key | bool | true/false | true | no |
-| instances_tags | (Optional) A map of tags as key=value pairs. All tags will be added on all AutoScaling Group instances | map(string) | n/a | {} | no |
-| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
-| minimum_group_size | The minimum number of instances in the Auto Scaling group | number | n/a | 2 | no |
-| maximum_group_size | The maximum number of instances in the Auto Scaling group | number | n/a | 10 | no |
-| target_groups | (Optional) List of Target Group ARNs to associate with the Auto Scaling group | list(string) | n/a | [] | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
-| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
-| gateway_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
-| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components (at least 8 alphanumeric characters) | string | n/a | "12345678" | yes |
-| enable_instance_connect | Enable SSH connection over AWS web console. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no |
-| allow_upload_download | Automatically download Blade Contracts and other important data. Improve product experience by sending data to Check Point | bool | true/false | true | no |
-| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
-| gateway_bootstrap_script | (Optional) Semicolon (;) separated commands to run on the initial boot | string | n/a | "" | no |
-| volume_type | General Purpose SSD Volume Type | string | - gp3
- gp2 | gp3 | no |
-| gateway_maintenance_mode_password_hash | (optional) Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command 'grub2-mkpasswd-pbkdf2' on Linux and paste it here). | string | n/a | "" | no |
+| Name | Description | Type | Allowed values | Default | Required |
+|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------|-------------|
+| prefix | (Optional) Instances name prefix | string | n/a | "" | no |
+| asg_name | Autoscaling Group name | string | n/a | Check-Point-ASG-tf | no |
+| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
+| subnet_ids | List of public subnet IDs to launch resources into. Recommended at least 2 | list(string) | n/a | n/a | yes |
+| gateways_provision_address_type | Determines if the gateways are provisioned using their private or public address. | string | - private
- public | private | no |
+| allocate_public_IP | Allocate a Public IP for gateway members. | bool | true/false | false | no |
+| management_server | The name that represents the Security Management Server in the CME configuration | string | n/a | n/a | yes |
+| configuration_template | Name of the provisioning template in the CME configuration | string | n/a | n/a | yes |
+| gateway_name | The name tag of the Security Gateways instances | string | n/a | Check-Point-ASG-gateway-tf | no |
+| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
+| key_name | The EC2 Key Pair name to allow SSH access to the instances | string | n/a | n/a | yes |
+| volume_size | Root volume size (GB) - minimum 100 | number | n/a | 100 | no |
+| enable_volume_encryption | Encrypt Environment instances volume with default AWS KMS key | bool | true/false | true | no |
+| instances_tags | (Optional) A map of tags as key=value pairs. All tags will be added on all AutoScaling Group instances | map(string) | n/a | {} | no |
+| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
+| minimum_group_size | The minimum number of instances in the Auto Scaling group | number | n/a | 2 | no |
+| maximum_group_size | The maximum number of instances in the Auto Scaling group | number | n/a | 10 | no |
+| target_groups | (Optional) List of Target Group ARNs to associate with the Auto Scaling group | list(string) | n/a | [] | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
+| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
+| gateway_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
+| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components (at least 8 alphanumeric characters) | string | n/a | "12345678" | yes |
+| enable_instance_connect | Enable SSH connection over AWS web console. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no |
+| allow_upload_download | Automatically download Blade Contracts and other important data. Improve product experience by sending data to Check Point | bool | true/false | true | no |
+| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
+| gateway_bootstrap_script | (Optional) Semicolon (;) separated commands to run on the initial boot | string | n/a | "" | no |
+| volume_type | General Purpose SSD Volume Type | string | - gp3
- gp2 | gp3 | no |
+| gateway_maintenance_mode_password_hash | (optional) Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command 'grub2-mkpasswd-pbkdf2' on Linux and paste it here). | string | n/a | "" | no |
## Outputs
| Name | Description |
@@ -167,6 +167,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20240417 | - Add support for Elastic Load Balancer Health Checks.
- EC2 Auto Scaling will start to detect and act on health checks performed by Elastic Load Balancing. |
diff --git a/terraform/aws/autoscale-gwlb/asg_userdata.yaml b/terraform/aws/autoscale-gwlb/asg_userdata.yaml
old mode 100755
new mode 100644
index bb095c01..8cc2a7a5
--- a/terraform/aws/autoscale-gwlb/asg_userdata.yaml
+++ b/terraform/aws/autoscale-gwlb/asg_userdata.yaml
@@ -26,4 +26,4 @@ bootcmd:
- echo "cpprod_util CPPROD_SetValue \"fw1\" \"AwsGwlb\" 4 1 1" >> /etc/rc.local
runcmd:
- |
- python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" installationType=\"autoscale\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20231012\" templateName=\"autoscale_gwlb\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" bootstrapScript64=\"${BootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" installationType=\"autoscale\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20241027\" templateName=\"autoscale_gwlb\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" bootstrapScript64=\"${BootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/autoscale/README.md b/terraform/aws/autoscale/README.md
old mode 100755
new mode 100644
index a46954ae..834e4618
--- a/terraform/aws/autoscale/README.md
+++ b/terraform/aws/autoscale/README.md
@@ -126,7 +126,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------|----------|
+|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------|----------|
| prefix | (Optional) Instances name prefix | string | n/a | "" | no |
| asg_name | Autoscaling Group name | string | n/a | Check-Point-ASG-tf | no |
| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
@@ -144,7 +144,7 @@ secret_key = "my-secret-key"
| minimum_group_size | The minimum number of instances in the Auto Scaling group | number | n/a | 2 | no |
| maximum_group_size | The maximum number of instances in the Auto Scaling group | number | n/a | 10 | no |
| target_groups | (Optional) List of Target Group ARNs to associate with the Auto Scaling group | list(string) | n/a | [] | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components (at least 8 alphanumeric characters) | string | n/a | "12345678" | yes |
@@ -179,6 +179,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20240417 | - Add support for Elastic Load Balancer Health Checks.
- EC2 Auto Scaling will start to detect and act on health checks performed by Elastic Load Balancing. |
diff --git a/terraform/aws/autoscale/asg_userdata.yaml b/terraform/aws/autoscale/asg_userdata.yaml
old mode 100755
new mode 100644
index 4c6633c3..140f2d8d
--- a/terraform/aws/autoscale/asg_userdata.yaml
+++ b/terraform/aws/autoscale/asg_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" installationType=\"autoscale\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20240704\" templateName=\"autoscale\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" bootstrapScript64=\"${BootstrapScript}\"
+ python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" installationType=\"autoscale\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20241027\" templateName=\"autoscale\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" bootstrapScript64=\"${BootstrapScript}\"
diff --git a/terraform/aws/cluster-master/README.md b/terraform/aws/cluster-master/README.md
old mode 100755
new mode 100644
index 7354af59..680c3dfc
--- a/terraform/aws/cluster-master/README.md
+++ b/terraform/aws/cluster-master/README.md
@@ -171,7 +171,7 @@ secret_key = "my-secret-key"
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Gateway EC2 Instances | map(string) | n/a | {} | no |
| predefined_role | (Optional) A predefined IAM role to attach to the cluster profile | string | n/a | "" | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
@@ -203,6 +203,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/aws/cluster/README.md b/terraform/aws/cluster/README.md
old mode 100755
new mode 100644
index e1b48f4f..cbe60b62
--- a/terraform/aws/cluster/README.md
+++ b/terraform/aws/cluster/README.md
@@ -133,7 +133,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|----------|
+|----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|-----------|
| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
| public_subnet_id | The public subnet of the cluster. The cluster's public IPs will be generated from this subnet | string | n/a | n/a | yes |
| private_subnet_id | The private subnet of the cluster. The cluster's private IPs will be generated from this subnet | string | n/a | n/a | yes |
@@ -149,7 +149,7 @@ secret_key = "my-secret-key"
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Gateway EC2 Instances | map(string) | n/a | {} | no |
| predefined_role | (Optional) A predefined IAM role to attach to the cluster profile | string | n/a | "" | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
@@ -181,6 +181,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20240304 | Add x-chkp-cluster-ips, x-chkp-member-ips tags to cluster members |
diff --git a/terraform/aws/cluster/cluster_member_a_userdata.yaml b/terraform/aws/cluster/cluster_member_a_userdata.yaml
old mode 100755
new mode 100644
index 1fa105c0..da66a948
--- a/terraform/aws/cluster/cluster_member_a_userdata.yaml
+++ b/terraform/aws/cluster/cluster_member_a_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenA}\"" installationType=\"cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" elasticIp=\"${MemberAPublicAddress}\" templateVersion=\"20240704\" templateName=\"cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname}\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" allocatePublicAddress=\"${AllocateAddress}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenA}\"" installationType=\"cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" elasticIp=\"${MemberAPublicAddress}\" templateVersion=\"20241027\" templateName=\"cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname}\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" allocatePublicAddress=\"${AllocateAddress}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/cluster/cluster_member_b_userdata.yaml b/terraform/aws/cluster/cluster_member_b_userdata.yaml
old mode 100755
new mode 100644
index 36d29dc5..9109013c
--- a/terraform/aws/cluster/cluster_member_b_userdata.yaml
+++ b/terraform/aws/cluster/cluster_member_b_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenB}\"" installationType=\"cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" elasticIp=\"${MemberBPublicAddress}\" templateVersion=\"20231012\" templateName=\"cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" allocatePublicAddress=\"${AllocateAddress}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenB}\"" installationType=\"cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" elasticIp=\"${MemberBPublicAddress}\" templateVersion=\"20241027\" templateName=\"cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" allocatePublicAddress=\"${AllocateAddress}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/cross-az-cluster-master/README.md b/terraform/aws/cross-az-cluster-master/README.md
old mode 100755
new mode 100644
index ce475b0d..f3d5ebb1
--- a/terraform/aws/cross-az-cluster-master/README.md
+++ b/terraform/aws/cross-az-cluster-master/README.md
@@ -170,7 +170,7 @@ secret_key = "my-secret-key"
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Gateway EC2 Instances | map(string) | n/a | {} | no |
| predefined_role | (Optional) A predefined IAM role to attach to the cluster profile | string | n/a | "" | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
@@ -202,6 +202,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
| 20230923 | Add support for C5d instance type |
diff --git a/terraform/aws/cross-az-cluster/README.md b/terraform/aws/cross-az-cluster/README.md
old mode 100755
new mode 100644
index ed0737da..34d9b77f
--- a/terraform/aws/cross-az-cluster/README.md
+++ b/terraform/aws/cross-az-cluster/README.md
@@ -145,7 +145,7 @@ secret_key = "my-secret-key"
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Gateway EC2 Instances | map(string) | n/a | {} | no |
| predefined_role | (Optional) A predefined IAM role to attach to the cluster profile | string | n/a | "" | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
@@ -178,6 +178,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20240304 | Add x-chkp-cluster-ips, x-chkp-member-ips tags to cluster members |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/aws/cross-az-cluster/cluster_member_a_userdata.yaml b/terraform/aws/cross-az-cluster/cluster_member_a_userdata.yaml
old mode 100755
new mode 100644
index f9a926c5..2d8ab4a0
--- a/terraform/aws/cross-az-cluster/cluster_member_a_userdata.yaml
+++ b/terraform/aws/cross-az-cluster/cluster_member_a_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenA}\"" installationType=\"cross-az-cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20240310\" templateName=\"cross_az_cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname}\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" elasticIp=\"${MemberAPublicAddress}\" otherMemberIp=\"${MemberBPrivateAddressCluster}\" clusterIp=\"${PublicAddressCluster}\" secondaryIp=\"${MemberAPrivateAddressSecondary}\" otherMemberPrivateClusterIp=\"${MemberBPrivateAddressSecondary}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenA}\"" installationType=\"cross-az-cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20241027\" templateName=\"cross_az_cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname}\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" elasticIp=\"${MemberAPublicAddress}\" otherMemberIp=\"${MemberBPrivateAddressCluster}\" clusterIp=\"${PublicAddressCluster}\" secondaryIp=\"${MemberAPrivateAddressSecondary}\" otherMemberPrivateClusterIp=\"${MemberBPrivateAddressSecondary}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/cross-az-cluster/cluster_member_b_userdata.yaml b/terraform/aws/cross-az-cluster/cluster_member_b_userdata.yaml
old mode 100755
new mode 100644
index a374aaa6..44e2eb70
--- a/terraform/aws/cross-az-cluster/cluster_member_b_userdata.yaml
+++ b/terraform/aws/cross-az-cluster/cluster_member_b_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenB}\"" installationType=\"cross-az-cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20240310\" templateName=\"cross_az_cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname}\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" elasticIp=\"${MemberBPublicAddress}\" otherMemberIp=\"${MemberAPrivateAddressCluster}\" clusterIp=\"${PublicAddressCluster}\" secondaryIp=\"${MemberBPrivateAddressSecondary}\" otherMemberPrivateClusterIp=\"${MemberAPrivateAddressSecondary}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" sicKey=\"${SICKey}\" "smart1CloudToken=\"${TokenB}\"" installationType=\"cross-az-cluster\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20241027\" templateName=\"cross_az_cluster\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname}\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" elasticIp=\"${MemberBPublicAddress}\" otherMemberIp=\"${MemberAPrivateAddressCluster}\" clusterIp=\"${PublicAddressCluster}\" secondaryIp=\"${MemberBPrivateAddressSecondary}\" otherMemberPrivateClusterIp=\"${MemberAPrivateAddressSecondary}\" bootstrapScript64=\"${GatewayBootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/gateway-master/README.md b/terraform/aws/gateway-master/README.md
old mode 100755
new mode 100644
index 00594f44..15fd6892
--- a/terraform/aws/gateway-master/README.md
+++ b/terraform/aws/gateway-master/README.md
@@ -161,7 +161,7 @@ secret_key = "my-secret-key"
| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Security Gateway EC2 Instance | map(string) | n/a | {} | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_SIC_Key | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
@@ -198,6 +198,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/aws/gateway/README.md b/terraform/aws/gateway/README.md
old mode 100755
new mode 100644
index 52c8ff8a..ea58cb3b
--- a/terraform/aws/gateway/README.md
+++ b/terraform/aws/gateway/README.md
@@ -124,7 +124,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|----------|
+|------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|----------|
| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
| public_subnet_id | The public subnet of the security gateway | string | n/a | n/a | yes |
| private_subnet_id | The private subnet of the security gateway | string | n/a | n/a | yes |
@@ -139,7 +139,7 @@ secret_key = "my-secret-key"
| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Security Gateway EC2 Instance | map(string) | n/a | {} | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX
| R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_SIC_Key | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
@@ -173,6 +173,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/aws/gwlb-master/README.md b/terraform/aws/gwlb-master/README.md
old mode 100755
new mode 100644
index 2adb1f59..9bb7568c
--- a/terraform/aws/gwlb-master/README.md
+++ b/terraform/aws/gwlb-master/README.md
@@ -157,47 +157,47 @@ secret_key = "my-secret-key"
```
## Inputs
-| Name | Description | Type | Allowed values | Default | Required |
-|-------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
-| vpc_cidr | The CIDR block of the VPC | string | n/a | n/a | yes |
-| public_subnets_map | A map of pairs {availability-zone = subnet-suffix-number}. Each entry creates a subnet. Minimum 1 pair. (e.g. {\"us-east-1a\" = 1} ) | map | n/a | n/a | yes |
-| subnets_bit_length | Number of additional bits with which to extend the vpc cidr. For example, if given a vpc_cidr ending in /16 and a subnets_bit_length value of 4, the resulting subnet address will have length /20 | number | n/a | n/a | yes |
-| key_name | The EC2 Key Pair name to allow SSH access to the instances | string | n/a | n/a | yes |
-| enable_volume_encryption | Encrypt Environment instances volume with default AWS KMS key | bool | true/false | true | no |
-| enable_instance_connect | Enable SSH connection over AWS web console. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no |
-| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
-| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
-| volume_size | Instances volume size | number | n/a | 100 | no |
-| allow_upload_download | Automatically download Blade Contracts and other important data. Improve product experience by sending data to Check Point | bool | true/false | true | no |
-| management_server | The name that represents the Security Management Server in the automatic provisioning configuration. | string | n/a | CP-Management-gwlb-tf | yes |
-| configuration_template | The tag is used by the Security Management Server to automatically provision the Security Gateways. Must be up to 12 alphanumeric characters and unique for each Quick Start deployment | string | n/a | gwlb-configuration | no |
-| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
-| gateway_load_balancer_name | Load Balancer name in AWS | string | n/a | gwlb1 | yes |
-| target_group_name | Target Group Name. This name must be unique within your AWS account and can have a maximum of 32 alphanumeric characters and hyphens. | string | n/a | tg1 | yes |
-| connection_acceptance_required | Indicate whether requests from service consumers to create an endpoint to your service must be accepted. Default is set to false(acceptance not required). | bool | true/false | false | yes |
-| enable_cross_zone_load_balancing | Select 'true' to enable cross-az load balancing. NOTE! this may cause a spike in cross-az charges. | bool | true/false | true | yes |
-| gateway_name | The name tag of the Security Gateway instances. (optional) | string | n/a | Check-Point-GW-tf | yes |
-| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
-| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
-| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
-| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
-| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
-| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
-| gateway_bootstrap_script | (Optional) An optional script with semicolon (;) separated commands to run on the initial boot | string | n/a | "" | no |
-| gateways_provision_address_type | Determines if the gateways are provisioned using their private or public address. | string | - private
- public | private | no |
-| allocate_public_IP | Allocate a Public IP for gateway members. | bool | true/false | false | no |
-| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
-| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
-| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
-| management_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
-| gateways_policy | The name of the Security Policy package to be installed on the gateways in the Security Gateways Auto Scaling group | string | n/a | Standard | no |
-| gateway_management | Select 'Over the internet' if any of the gateways you wish to manage are not directly accessed via their private IP address. | string | - Locally managed
- Over the internet | Locally managed | no |
-| admin_cidr | (CIDR) Allow web, ssh, and graphical clients only from this network to communicate with the Management Server | string | valid CIDR | n/a | no |
-| gateway_addresses | (CIDR) Allow gateways only from this network to communicate with the Management Server | string | valid CIDR | n/a | no |
-| volume_type | General Purpose SSD Volume Type | string | - gp3
- gp2 | gp3 | no |
-| gateway_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
-| management_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
+| Name | Description | Type | Allowed values | Default | Required |
+|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
+| vpc_cidr | The CIDR block of the VPC | string | n/a | n/a | yes |
+| public_subnets_map | A map of pairs {availability-zone = subnet-suffix-number}. Each entry creates a subnet. Minimum 1 pair. (e.g. {\"us-east-1a\" = 1} ) | map | n/a | n/a | yes |
+| subnets_bit_length | Number of additional bits with which to extend the vpc cidr. For example, if given a vpc_cidr ending in /16 and a subnets_bit_length value of 4, the resulting subnet address will have length /20 | number | n/a | n/a | yes |
+| key_name | The EC2 Key Pair name to allow SSH access to the instances | string | n/a | n/a | yes |
+| enable_volume_encryption | Encrypt Environment instances volume with default AWS KMS key | bool | true/false | true | no |
+| enable_instance_connect | Enable SSH connection over AWS web console. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no |
+| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
+| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
+| volume_size | Instances volume size | number | n/a | 100 | no |
+| allow_upload_download | Automatically download Blade Contracts and other important data. Improve product experience by sending data to Check Point | bool | true/false | true | no |
+| management_server | The name that represents the Security Management Server in the automatic provisioning configuration. | string | n/a | CP-Management-gwlb-tf | yes |
+| configuration_template | The tag is used by the Security Management Server to automatically provision the Security Gateways. Must be up to 12 alphanumeric characters and unique for each Quick Start deployment | string | n/a | gwlb-configuration | no |
+| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
+| gateway_load_balancer_name | Load Balancer name in AWS | string | n/a | gwlb1 | yes |
+| target_group_name | Target Group Name. This name must be unique within your AWS account and can have a maximum of 32 alphanumeric characters and hyphens. | string | n/a | tg1 | yes |
+| connection_acceptance_required | Indicate whether requests from service consumers to create an endpoint to your service must be accepted. Default is set to false(acceptance not required). | bool | true/false | false | yes |
+| enable_cross_zone_load_balancing | Select 'true' to enable cross-az load balancing. NOTE! this may cause a spike in cross-az charges. | bool | true/false | true | yes |
+| gateway_name | The name tag of the Security Gateway instances. (optional) | string | n/a | Check-Point-GW-tf | yes |
+| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
+| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
+| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
+| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
+| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
+| gateway_bootstrap_script | (Optional) An optional script with semicolon (;) separated commands to run on the initial boot | string | n/a | "" | no |
+| gateways_provision_address_type | Determines if the gateways are provisioned using their private or public address. | string | - private
- public | private | no |
+| allocate_public_IP | Allocate a Public IP for gateway members. | bool | true/false | false | no |
+| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
+| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
+| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
+| gateways_policy | The name of the Security Policy package to be installed on the gateways in the Security Gateways Auto Scaling group | string | n/a | Standard | no |
+| gateway_management | Select 'Over the internet' if any of the gateways you wish to manage are not directly accessed via their private IP address. | string | - Locally managed
- Over the internet | Locally managed | no |
+| admin_cidr | (CIDR) Allow web, ssh, and graphical clients only from this network to communicate with the Management Server | string | valid CIDR | n/a | no |
+| gateway_addresses | (CIDR) Allow gateways only from this network to communicate with the Management Server | string | valid CIDR | n/a | no |
+| volume_type | General Purpose SSD Volume Type | string | - gp3
- gp2 | gp3 | no |
+| gateway_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
+| management_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
## Outputs
@@ -217,6 +217,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | R80.40 version deprecation |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/aws/gwlb/README.md b/terraform/aws/gwlb/README.md
old mode 100755
new mode 100644
index 46a142c0..465eef86
--- a/terraform/aws/gwlb/README.md
+++ b/terraform/aws/gwlb/README.md
@@ -172,7 +172,7 @@ secret_key = "my-secret-key"
| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
@@ -208,6 +208,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | R80.40 version deprecation |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20240310 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
diff --git a/terraform/aws/management/README.md b/terraform/aws/management/README.md
old mode 100755
new mode 100644
index 8545ff85..9c3a0a2b
--- a/terraform/aws/management/README.md
+++ b/terraform/aws/management/README.md
@@ -152,7 +152,7 @@ secret_key = "my-secret-key"
| iam_permissions | IAM role to attach to the instance profile | string | - None (configure later)
- Use existing (specify an existing IAM role name)
- Create with assume role permissions (specify an STS role ARN)
- Create with read permissions
- Create with read-write permissions | Create with read permissions | no |
| predefined_role | (Optional) A predefined IAM role to attach to the instance profile. Ignored if var.iam_permissions is not set to 'Use existing' | string | n/a | "" | no |
| sts_roles | (Optional) The IAM role will be able to assume these STS Roles (list of ARNs). Ignored if var.iam_permissions is set to 'None' or 'Use existing' | list(string) | n/a | [] | no |
-| management_version | Management version and license | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_version | Management version and license | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| management_password_hash | (Optional) Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash) | string | n/a | "" | no |
| management_hostname | (Optional) Security Management Server prompt hostname. The name must not contain reserved words. For details, refer to sk40179. | string | n/a | "" | no |
@@ -180,21 +180,22 @@ secret_key = "my-secret-key"
## Revision History
In order to check the template version, please refer to [sk116585](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk116585)
-| Template Version | Description |
-|------------------|---------------------------------------------------------------------------------------------------------------|
-| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
-| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
-| 20240207 | Added Log Server installation support |
-| 20231012 | Update AWS Terraform provider version to 5.20.1 |
-| 20230923 | Add support for C5d instance type |
-| 20230914 | Add support for maintenance mode password |
-| 20230829 | Change default Check Point version to R81.20 |
-| 20230806 | Add support for c6in instance type |
-| 20230521 | - Change default shell for the admin user to /etc/cli.sh
- Add description for reserved words in hostname |
-| 20221123 | R81.20 version support |
-| 20220606 | New instance type support |
-| 20210329 | Stability fixes |
-| 20210309 | First release of Check Point Security Management Server Terraform module for AWS |
+| Template Version | Description |
+|-------------------|---------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
+| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
+| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
+| 20240207 | Added Log Server installation support |
+| 20231012 | Update AWS Terraform provider version to 5.20.1 |
+| 20230923 | Add support for C5d instance type |
+| 20230914 | Add support for maintenance mode password |
+| 20230829 | Change default Check Point version to R81.20 |
+| 20230806 | Add support for c6in instance type |
+| 20230521 | - Change default shell for the admin user to /etc/cli.sh
- Add description for reserved words in hostname |
+| 20221123 | R81.20 version support |
+| 20220606 | New instance type support |
+| 20210329 | Stability fixes |
+| 20210309 | First release of Check Point Security Management Server Terraform module for AWS |
## License
diff --git a/terraform/aws/management/management_userdata.yaml b/terraform/aws/management/management_userdata.yaml
old mode 100755
new mode 100644
index cfd9e5dc..1b87042a
--- a/terraform/aws/management/management_userdata.yaml
+++ b/terraform/aws/management/management_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py sicKey=\"${SICKey}\" installationType=\"management\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20240704\" templateName=\"management\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" "management_installation_type=\"${ManagementInstallationType}\"" adminSubnet=\"${AdminSubnet}\" allocatePublicAddress=\"${AllocateElasticIP}\" overTheInternet=\"${PubMgmt}\" bootstrapScript64=\"${BootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py sicKey=\"${SICKey}\" installationType=\"management\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20241027\" templateName=\"management\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" "management_installation_type=\"${ManagementInstallationType}\"" adminSubnet=\"${AdminSubnet}\" allocatePublicAddress=\"${AllocateElasticIP}\" overTheInternet=\"${PubMgmt}\" bootstrapScript64=\"${BootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/mds/README.md b/terraform/aws/mds/README.md
old mode 100755
new mode 100644
index 156aad68..92186771
--- a/terraform/aws/mds/README.md
+++ b/terraform/aws/mds/README.md
@@ -147,7 +147,7 @@ secret_key = "my-secret-key"
| iam_permissions | IAM role to attach to the instance profile | string | - None (configure later)
- Use existing (specify an existing IAM role name)
- Create with assume role permissions (specify an STS role ARN)
- Create with read permissions
- Create with read-write permissions | Create with read permissions | no |
| predefined_role | (Optional) A predefined IAM role to attach to the instance profile. Ignored if var.iam_permissions is not set to 'Use existing' | string | n/a | "" | no |
| sts_roles | (Optional) The IAM role will be able to assume these STS Roles (list of ARNs). Ignored if var.iam_permissions is set to 'None' or 'Use existing' | list(string) | n/a | [] | no |
-| mds_version | Multi-Domain Server version and license | string | - R81.10-BYOL
- R81.20-BYOL | R81.20-BYOL | no |
+| mds_version | Multi-Domain Server version and license | string | - R81.10-BYOL
- R81.20-BYOL
- R82-BYOL | R81.20-BYOL | no |
| mds_admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| mds_password_hash | (Optional) Admin user's password hash (use command "openssl passwd -6 PASSWORD" to get the PASSWORD's hash) | string | n/a | "" | no |
| mds_hostname | (Optional) Multi-Domain Server prompt hostname. The name must not contain reserved words. For details, refer to sk40179. | string | n/a | "" | no |
@@ -174,6 +174,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20240310 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
diff --git a/terraform/aws/mds/mds_userdata.yaml b/terraform/aws/mds/mds_userdata.yaml
old mode 100755
new mode 100644
index cd0085c6..bf30aa1b
--- a/terraform/aws/mds/mds_userdata.yaml
+++ b/terraform/aws/mds/mds_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py sicKey=\"${SICKey}\" installationType=\"mds\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20240704\" templateName=\"mds\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" primary=\"${IsPrimary}\" secondary=\"${IsSecondary}\" adminSubnet=\"${AdminSubnet}\" bootstrapScript64=\"${BootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py sicKey=\"${SICKey}\" installationType=\"mds\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20241027\" templateName=\"mds\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" primary=\"${IsPrimary}\" secondary=\"${IsSecondary}\" adminSubnet=\"${AdminSubnet}\" bootstrapScript64=\"${BootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/modules/common/version_license/main.tf b/terraform/aws/modules/common/version_license/main.tf
old mode 100755
new mode 100644
index c0aaca14..93515298
--- a/terraform/aws/modules/common/version_license/main.tf
+++ b/terraform/aws/modules/common/version_license/main.tf
@@ -4,29 +4,40 @@ locals {
"R81.10-PAYG-NGTP",
"R81.10-PAYG-NGTX",
"R81.20-BYOL",
- "R81.20-PAYG-NGTP",
- "R81.20-PAYG-NGTX"
+ "R81.20-PAYG-NGTP",
+ "R81.20-PAYG-NGTX",
+ "R82-BYOL",
+ "R82-PAYG-NGTP",
+ "R82-PAYG-NGTX"
]
mgmt_versions = [
"R81.10-BYOL",
"R81.10-PAYG",
"R81.20-BYOL",
- "R81.20-PAYG"
+ "R81.20-PAYG",
+ "R82-BYOL",
+ "R82-PAYG"
]
mds_versions = [
"R81.10-BYOL",
- "R81.20-BYOL"
+ "R81.20-BYOL",
+ "R82-BYOL"
]
standalone_versions = [
"R81.10-BYOL",
"R81.10-PAYG-NGTP",
"R81.20-BYOL",
- "R81.20-PAYG-NGTP"
+ "R81.20-PAYG-NGTP",
+ "R82-BYOL",
+ "R82-PAYG-NGTP"
]
gwlb_gw_versions = [
- "R81.20-BYOL",
- "R81.20-PAYG-NGTP",
- "R81.20-PAYG-NGTX"
+ "R81.20-BYOL",
+ "R81.20-PAYG-NGTP",
+ "R81.20-PAYG-NGTX",
+ "R82-BYOL",
+ "R82-PAYG-NGTP",
+ "R82-PAYG-NGTX"
]
}
diff --git a/terraform/aws/modules/custom-autoscale/vpc/main.tf b/terraform/aws/modules/custom-autoscale/vpc/main.tf
old mode 100755
new mode 100644
diff --git a/terraform/aws/modules/custom-autoscale/vpc/output.tf b/terraform/aws/modules/custom-autoscale/vpc/output.tf
old mode 100755
new mode 100644
diff --git a/terraform/aws/modules/custom-autoscale/vpc/variables.tf b/terraform/aws/modules/custom-autoscale/vpc/variables.tf
old mode 100755
new mode 100644
diff --git a/terraform/aws/qs-autoscale-master/README.md b/terraform/aws/qs-autoscale-master/README.md
old mode 100755
new mode 100644
index 0c998024..d42f1fa2
--- a/terraform/aws/qs-autoscale-master/README.md
+++ b/terraform/aws/qs-autoscale-master/README.md
@@ -192,13 +192,13 @@ secret_key = "my-secret-key"
| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateway_SIC_Key | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
-| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| management_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateways_policy | The name of the Security Policy package to be installed on the gateways in the Security Gateways Auto Scaling group | string | n/a | Standard | no |
| gateways_blades | Turn on the Intrusion Prevention System, Application Control, Anti-Virus and Anti-Bot Blades (additional Blades can be manually turned on later) | bool | true/false | true | no |
@@ -238,20 +238,21 @@ secret_key = "my-secret-key"
In order to check the template version, please refer to [sk116585](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk116585)
-| Template Version | Description |
-|------------------|---------------------------------------------------------------------------------------|
-| 20240425 | Remove support for R81 and lower versions |
-| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
-| 20231127 | Add support for parameter admin shell |
-| 20231012 | Update AWS Terraform provider version to 5.20.1 |
-| 20230923 | Add support for C5d instance type |
-| 20230914 | Add support for maintenance mode password |
-| 20230829 | Change default Check Point version to R81.20 |
-| 20230806 | Add support for c6in instance type |
-| 20221226 | Support ASG Launch Template instead of Launch Configuration |
-| 20221123 | R81.20 version support |
-| 20220606 | New instance type support |
-| 20210309 | First release of Check Point Quick Start Auto Scaling Master Terraform module for AWS |
+| Template Version | Description |
+|------------------|-----------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
+| 20240425 | Remove support for R81 and lower versions |
+| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
+| 20231127 | Add support for parameter admin shell |
+| 20231012 | Update AWS Terraform provider version to 5.20.1 |
+| 20230923 | Add support for C5d instance type |
+| 20230914 | Add support for maintenance mode password |
+| 20230829 | Change default Check Point version to R81.20 |
+| 20230806 | Add support for c6in instance type |
+| 20221226 | Support ASG Launch Template instead of Launch Configuration |
+| 20221123 | R81.20 version support |
+| 20220606 | New instance type support |
+| 20210309 | First release of Check Point Quick Start Auto Scaling Master Terraform module for AWS |
## License
diff --git a/terraform/aws/qs-autoscale/README.md b/terraform/aws/qs-autoscale/README.md
old mode 100755
new mode 100644
index ee559913..fe0398e9
--- a/terraform/aws/qs-autoscale/README.md
+++ b/terraform/aws/qs-autoscale/README.md
@@ -156,7 +156,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|-------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
+|-------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
| prefix | (Optional) Instances name prefix | string | n/a | "" | no |
| asg_name | Autoscaling Group name | string | n/a | Check-Point-ASG-tf | no |
| vpc_id | Select an existing VPC | string | n/a | n/a | yes |
@@ -176,13 +176,13 @@ secret_key = "my-secret-key"
| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateway_SIC_Key | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
-| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| management_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateways_policy | The name of the Security Policy package to be installed on the gateways in the Security Gateways Auto Scaling group | string | n/a | Standard | no |
| gateways_blades | Turn on the Intrusion Prevention System, Application Control, Anti-Virus and Anti-Bot Blades (additional Blades can be manually turned on later) | bool | true/false | true | no |
@@ -218,6 +218,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|-------------------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20240425 | Remove support for R81 and lower versions |
| 20240310 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
diff --git a/terraform/aws/standalone-master/README.md b/terraform/aws/standalone-master/README.md
old mode 100755
new mode 100644
index ef5219d9..78d42f12
--- a/terraform/aws/standalone-master/README.md
+++ b/terraform/aws/standalone-master/README.md
@@ -152,7 +152,7 @@ secret_key = "my-secret-key"
| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Standalone EC2 Instance | map(string) | n/a | {} | no |
-| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.20-BYOL
- R81.20-PAYG-NGTP | R81.20-BYOL | no |
+| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R82-BYOL
- R82-PAYG-NGTP | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| standalone_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| resources_tag_name | (optional) | string | n/a | "" | no |
@@ -185,6 +185,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|-------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231113 | Add support for BYOL license type for Standalone |
diff --git a/terraform/aws/standalone/README.md b/terraform/aws/standalone/README.md
old mode 100755
new mode 100644
index 1614c44d..619be496
--- a/terraform/aws/standalone/README.md
+++ b/terraform/aws/standalone/README.md
@@ -114,7 +114,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------|----------|
+|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------|----------|
| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
| public_subnet_id | The public subnet of the Security Gateway & Management (Standalone) | string | n/a | n/a | yes |
| private_subnet_id | The private subnet of the Security Gateway & Management (Standalone) | string | n/a | n/a | yes |
@@ -129,7 +129,7 @@ secret_key = "my-secret-key"
| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Standalone EC2 Instance | map(string) | n/a | {} | no |
-| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.20-BYOL
- R81.20-PAYG-NGTP | R81.20-BYOL | no |
+| standalone_version | Security Gateway & Management (Standalone) version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| standalone_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| resources_tag_name | (optional) | string | n/a | "" | no |
@@ -157,7 +157,8 @@ secret_key = "my-secret-key"
In order to check the template version, please refer to [sk116585](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk116585)
| Template Version | Description |
-|--------------------|------------------------------------------------------------------------------------------------------------------|
+|------------------|------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20210309 | First release of Check Point Security Management Server & Security Gateway (Standalone) Terraform module for AWS |
## License
diff --git a/terraform/aws/standalone/standalone_userdata.yaml b/terraform/aws/standalone/standalone_userdata.yaml
old mode 100755
new mode 100644
index 0bf47ec4..205b5bc3
--- a/terraform/aws/standalone/standalone_userdata.yaml
+++ b/terraform/aws/standalone/standalone_userdata.yaml
@@ -1,4 +1,4 @@
#cloud-config
runcmd:
- |
- python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" installationType=\"standalone\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20240704\" templateName=\"standalone\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" adminSubnet=\"${AdminSubnet}\" allocatePublicAddress=\"${AllocateElasticIP}\" bootstrapScript64=\"${StandaloneBootstrapScript}\"
\ No newline at end of file
+ python3 /etc/cloud_config.py enableCloudWatch=\"${EnableCloudWatch}\" installationType=\"standalone\" osVersion=\"${OsVersion}\" allowUploadDownload=\"${AllowUploadDownload}\" templateVersion=\"20241027\" templateName=\"standalone\" templateType=\"terraform\" shell=\"${Shell}\" enableInstanceConnect=\"${EnableInstanceConnect}\" hostName=\"${Hostname }\" ntpPrimary=\"${NTPPrimary}\" ntpSecondary=\"${NTPSecondary}\" passwordHash=\"${PasswordHash}\" MaintenanceModePassword=\"${MaintenanceModePassword}\" adminSubnet=\"${AdminSubnet}\" allocatePublicAddress=\"${AllocateElasticIP}\" bootstrapScript64=\"${StandaloneBootstrapScript}\"
\ No newline at end of file
diff --git a/terraform/aws/tap/main.tf b/terraform/aws/tap/main.tf
old mode 100755
new mode 100644
diff --git a/terraform/aws/tap/output.tf b/terraform/aws/tap/output.tf
old mode 100755
new mode 100644
diff --git a/terraform/aws/tap/tap_lambda.py b/terraform/aws/tap/tap_lambda.py
old mode 100755
new mode 100644
diff --git a/terraform/aws/tap/tap_termination_lambda.py b/terraform/aws/tap/tap_termination_lambda.py
old mode 100755
new mode 100644
diff --git a/terraform/aws/tap/tap_user_data.sh b/terraform/aws/tap/tap_user_data.sh
old mode 100755
new mode 100644
diff --git a/terraform/aws/tgw-asg-master/README.md b/terraform/aws/tgw-asg-master/README.md
old mode 100755
new mode 100644
index 18940e6e..85b2aa3c
--- a/terraform/aws/tgw-asg-master/README.md
+++ b/terraform/aws/tgw-asg-master/README.md
@@ -168,14 +168,14 @@ secret_key = "my-secret-key"
| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateway_SIC_Key | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
| asn | The organization Autonomous System Number (ASN) that identifies the routing domain for the Security Gateways | string | n/a | 6500 | no |
| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
-| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| management_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| management_permissions | IAM role to attach to the instance profile | string | - None (configure later)
- Use existing (specify an existing IAM role name)
- Create with assume role permissions (specify an STS role ARN)
- Create with read permissions
- Create with read-write permissions | Create with read-write permissions | no |
| management_predefined_role | ((Optional) A predefined IAM role to attach to the instance profile. Ignored if IAM role is not set to 'Use existing' | string | n/a | "" | no |
@@ -207,6 +207,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|-------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/aws/tgw-asg/README.md b/terraform/aws/tgw-asg/README.md
old mode 100755
new mode 100644
index 44e1c298..e32fa852
--- a/terraform/aws/tgw-asg/README.md
+++ b/terraform/aws/tgw-asg/README.md
@@ -159,14 +159,14 @@ secret_key = "my-secret-key"
| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.10-BYOL
- R81.10-PAYG-NGTP
- R81.10-PAYG-NGTX
- R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateway_SIC_Key | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
| asn | The organization Autonomous System Number (ASN) that identifies the routing domain for the Security Gateways | string | n/a | 6500 | no |
| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
-| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| management_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| management_permissions | IAM role to attach to the instance profile | string | - None (configure later)
- Use existing (specify an existing IAM role name)
- Create with assume role permissions (specify an STS role ARN)
- Create with read permissions
- Create with read-write permissions | Create with read-write permissions | no |
| management_predefined_role | ((Optional) A predefined IAM role to attach to the instance profile. Ignored if IAM role is not set to 'Use existing' | string | n/a | "" | no |
@@ -182,32 +182,33 @@ secret_key = "my-secret-key"
## Outputs
-| Name | Description |
-|--------------------------|--------------------------------------------------------------------------------------------------------|
-| management_instance_name | The deployed Security Management AWS instance name |
-| management_public_ip | The deployed Security Management Server AWS public ip |
-| management_url | URL to the portal of the deployed Security Management Server |
-| autoscaling_group_name | The name of the deployed AutoScaling Group |
+| Name | Description |
+|--------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| management_instance_name | The deployed Security Management AWS instance name |
+| management_public_ip | The deployed Security Management Server AWS public ip |
+| management_url | URL to the portal of the deployed Security Management Server |
+| autoscaling_group_name | The name of the deployed AutoScaling Group |
| configuration_template | The name that represents the configuration template. Configurations required to automatically provision the Gateways in the Auto Scaling Group, such as what Security Policy to install and which Blades to enable, will be placed under this template name |
-| controller_name | The name that represents the controller. Configurations required to connect to your AWS environment, such as credentials and regions, will be placed under this controller name |
+| controller_name | The name that represents the controller. Configurations required to connect to your AWS environment, such as credentials and regions, will be placed under this controller name |
## Revision History
In order to check the template version, please refer to [sk116585](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk116585)
-| Template Version | Description |
-|------------------|------------------------------------------------------------------------------------------|
-| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
-| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
-| 20231012 | Update AWS Terraform provider version to 5.20.1 |
-| 20230923 | Add support for C5d instance type |
-| 20230914 | Add support for maintenance mode password |
-| 20230829 | Change default Check Point version to R81.20 |
-| 20230806 | Add support for c6in instance type |
-| 20230626 | Fixed missing x-chkp-* tags on Auto Scale Group |
-| 20221226 | Support ASG Launch Template instead of Launch Configuration |
-| 20221123 | R81.20 version support |
-| 20220606 | New instance type support |
-| 20210329 | First release of Check Point Transit Gateway Auto Scaling Group Terraform module for AWS |
+| Template Version | Description |
+|------------------|-----------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
+| 20240704 | - R80.40 version deprecation.
- R81 version deprecation. |
+| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
+| 20231012 | Update AWS Terraform provider version to 5.20.1 |
+| 20230923 | Add support for C5d instance type |
+| 20230914 | Add support for maintenance mode password |
+| 20230829 | Change default Check Point version to R81.20 |
+| 20230806 | Add support for c6in instance type |
+| 20230626 | Fixed missing x-chkp-* tags on Auto Scale Group |
+| 20221226 | Support ASG Launch Template instead of Launch Configuration |
+| 20221123 | R81.20 version support |
+| 20220606 | New instance type support |
+| 20210329 | First release of Check Point Transit Gateway Auto Scaling Group Terraform module for AWS |
## License
diff --git a/terraform/aws/tgw-cross-az-cluster-master/README.md b/terraform/aws/tgw-cross-az-cluster-master/README.md
old mode 100755
new mode 100644
index 6f488b2d..210d40b5
--- a/terraform/aws/tgw-cross-az-cluster-master/README.md
+++ b/terraform/aws/tgw-cross-az-cluster-master/README.md
@@ -140,7 +140,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|----------|
+|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|----------|
| vpc_cidr | The CIDR block of the VPC | string | n/a | n/a | yes |
| public_subnets_map | A map of pairs {availability-zone = subnet-suffix-number}. Each entry creates a subnet. Minimum 2 pairs. (e.g. {\"us-east-1a\" = 1 \"us-east-1b\" = 2} ) | map | n/a | n/a | yes |
| private_subnets_map | A map of pairs {availability-zone = subnet-suffix-number}. Each entry creates a subnet. Minimum 2 pairs. (e.g. {\"us-east-1a\" = 3 \"us-east-1b\" = 4} ) | map | n/a | n/a | yes |
@@ -158,7 +158,7 @@ secret_key = "my-secret-key"
| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Gateway EC2 Instances | map(string) | n/a | {} | no |
| predefined_role | (Optional) A predefined IAM role to attach to the cluster profile | string | n/a | "" | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
@@ -190,6 +190,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
| 20230923 | Add support for C5d instance type |
diff --git a/terraform/aws/tgw-cross-az-cluster/README.md b/terraform/aws/tgw-cross-az-cluster/README.md
old mode 100755
new mode 100644
index de08521c..971ea70b
--- a/terraform/aws/tgw-cross-az-cluster/README.md
+++ b/terraform/aws/tgw-cross-az-cluster/README.md
@@ -134,41 +134,41 @@ secret_key = "my-secret-key"
- In Smart Console: reset SIC with the re-deployed member and install policy
## Inputs
-| Name | Description | Type | Allowed values | Default | Required |
-|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|----------|
-| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
-| public_subnet_id | The public subnet of the cluster. The cluster's public IPs will be generated from this subnet | string | n/a | n/a | yes |
-| private_subnet_id | The private subnet of the cluster. The cluster's private IPs will be generated from this subnet | string | n/a | n/a | yes |
-| tgw_subnet_1_id | The TGW attachment subnet ID located in the 1st Availability Zone | string | n/a | n/a | yes |
-| tgw_subnet_2_id | The TGW attachment subnet ID located in the 2st Availability Zone | string | n/a | n/a | yes |
-| private_route_table | (Optional) Set 0.0.0.0/0 route to the Active Cluster member instance in this route table (e.g. rtb-12a34567). Route table cannot have an existing 0.0.0.0/0 route | string | n/a | "" | no |
-| gateway_name | (Optional) The name tag of the Security Gateway instances | string | n/a | Check-Point-Cluster-tf | no |
-| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
-| key_name | The EC2 Key Pair name to allow SSH access to the instance | string | n/a | n/a | yes |
-| allocate_and_associate_eip | If set to true, an elastic IP will be allocated and associated with each cluster member, in addition to the shared cluster Elastic IP | bool | true/false | true | no |
-| volume_size | Root volume size (GB) - minimum 100 | number | n/a | 100 | no |
-| volume_type | General Purpose SSD Volume Type | string | - gp3
- gp2 | gp3 | no |
-| volume_encryption | KMS or CMK key Identifier: Use key ID, alias or ARN. Key alias should be prefixed with 'alias/' (e.g. for KMS default alias 'aws/ebs' - insert 'alias/aws/ebs') | string | n/a | alias/aws/ebs | no |
-| enable_instance_connect | Enable AWS Instance Connect. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no |
-| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
-| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
-| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Gateway EC2 Instances | map(string) | n/a | {} | no |
-| predefined_role | (Optional) A predefined IAM role to attach to the cluster profile | string | n/a | "" | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
-| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
-| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
-| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
-| memberAToken | (Recommended) Quick connect to Smart-1 Cloud. Paste here the token copied from the Connect Gateway screen in Smart-1 Cloud portal. Follow the instructions in SK180501 to quickly connect this Gateway to Smart-1 Cloud. | string | n/a | "" | no |
-| memberBToken | (Recommended) Quick connect to Smart-1 Cloud. Paste here the token copied from the Connect Gateway screen in Smart-1 Cloud portal. Follow the instructions in SK180501 to quickly connect this Gateway to Smart-1 Cloud. | string | n/a | "" | no |
-| resources_tag_name | (Optional) Name tag prefix of the resources | string | n/a | "" | no |
-| gateway_hostname | (Optional) The host name will be appended with member-a/b accordingly. The name must not contain reserved words. For details, refer to sk40179. | string | n/a | "" | no |
-| allow_upload_download | Automatically download Blade Contracts and other important data. Improve product experience by sending data to Check Point | bool | true/false | true | no |
-| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
-| gateway_bootstrap_script | (Optional) Semicolon (;) separated commands to run on the initial boot | string | n/a | "" | no |
-| primary_ntp | (Optional) The IPv4 addresses of Network Time Protocol primary server | string | n/a | 169.254.169.123 | no |
-| secondary_ntp | (Optional) The IPv4 addresses of Network Time Protocol secondary server | string | n/a | 0.pool.ntp.org | no |
-| gateway_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
-| management_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
+| Name | Description | Type | Allowed values | Default | Required |
+|-------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|----------|
+| vpc_id | The VPC id in which to deploy | string | n/a | n/a | yes |
+| public_subnet_id | The public subnet of the cluster. The cluster's public IPs will be generated from this subnet | string | n/a | n/a | yes |
+| private_subnet_id | The private subnet of the cluster. The cluster's private IPs will be generated from this subnet | string | n/a | n/a | yes |
+| tgw_subnet_1_id | The TGW attachment subnet ID located in the 1st Availability Zone | string | n/a | n/a | yes |
+| tgw_subnet_2_id | The TGW attachment subnet ID located in the 2st Availability Zone | string | n/a | n/a | yes |
+| private_route_table | (Optional) Set 0.0.0.0/0 route to the Active Cluster member instance in this route table (e.g. rtb-12a34567). Route table cannot have an existing 0.0.0.0/0 route | string | n/a | "" | no |
+| gateway_name | (Optional) The name tag of the Security Gateway instances | string | n/a | Check-Point-Cluster-tf | no |
+| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
+| key_name | The EC2 Key Pair name to allow SSH access to the instance | string | n/a | n/a | yes |
+| allocate_and_associate_eip | If set to true, an elastic IP will be allocated and associated with each cluster member, in addition to the shared cluster Elastic IP | bool | true/false | true | no |
+| volume_size | Root volume size (GB) - minimum 100 | number | n/a | 100 | no |
+| volume_type | General Purpose SSD Volume Type | string | - gp3
- gp2 | gp3 | no |
+| volume_encryption | KMS or CMK key Identifier: Use key ID, alias or ARN. Key alias should be prefixed with 'alias/' (e.g. for KMS default alias 'aws/ebs' - insert 'alias/aws/ebs') | string | n/a | alias/aws/ebs | no |
+| enable_instance_connect | Enable AWS Instance Connect. Supporting regions can be found [here](https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/) | bool | true/false | false | no |
+| disable_instance_termination | Prevents an instance from accidental termination. Note: Once this attribute is true terraform destroy won't work properly | bool | true/false | false | no |
+| metadata_imdsv2_required | Set true to deploy the instance with metadata v2 token required | bool | true/false | true | yes |
+| instance_tags | (Optional) A map of tags as key=value pairs. All tags will be added to the Gateway EC2 Instances | map(string) | n/a | {} | no |
+| predefined_role | (Optional) A predefined IAM role to attach to the cluster profile | string | n/a | "" | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
+| admin_shell | Set the admin shell to enable advanced command line configuration | string | - /etc/cli.sh
- /bin/bash
- /bin/csh
- /bin/tcsh | /etc/cli.sh | no |
+| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
+| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
+| memberAToken | (Recommended) Quick connect to Smart-1 Cloud. Paste here the token copied from the Connect Gateway screen in Smart-1 Cloud portal. Follow the instructions in SK180501 to quickly connect this Gateway to Smart-1 Cloud. | string | n/a | "" | no |
+| memberBToken | (Recommended) Quick connect to Smart-1 Cloud. Paste here the token copied from the Connect Gateway screen in Smart-1 Cloud portal. Follow the instructions in SK180501 to quickly connect this Gateway to Smart-1 Cloud. | string | n/a | "" | no |
+| resources_tag_name | (Optional) Name tag prefix of the resources | string | n/a | "" | no |
+| gateway_hostname | (Optional) The host name will be appended with member-a/b accordingly. The name must not contain reserved words. For details, refer to sk40179. | string | n/a | "" | no |
+| allow_upload_download | Automatically download Blade Contracts and other important data. Improve product experience by sending data to Check Point | bool | true/false | true | no |
+| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
+| gateway_bootstrap_script | (Optional) Semicolon (;) separated commands to run on the initial boot | string | n/a | "" | no |
+| primary_ntp | (Optional) The IPv4 addresses of Network Time Protocol primary server | string | n/a | 169.254.169.123 | no |
+| secondary_ntp | (Optional) The IPv4 addresses of Network Time Protocol secondary server | string | n/a | 0.pool.ntp.org | no |
+| gateway_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
+| management_maintenance_mode_password_hash | Check Point recommends setting Admin user's password and maintenance-mode password for recovery purposes. For R81.10 and below the Admin user's password is used also as maintenance-mode password. (To generate a password hash use the command "grub2-mkpasswd-pbkdf2" on Linux and paste it here). (optional) | string | n/a | "" | no |
## Outputs
@@ -187,6 +187,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
| 20230923 | Add support for C5d instance type |
diff --git a/terraform/aws/tgw-gwlb-master/README.md b/terraform/aws/tgw-gwlb-master/README.md
old mode 100755
new mode 100644
index 28d62d04..0ccc4165
--- a/terraform/aws/tgw-gwlb-master/README.md
+++ b/terraform/aws/tgw-gwlb-master/README.md
@@ -176,7 +176,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|-----------|
+|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
| vpc_cidr | The CIDR block of the VPC | string | n/a | n/a | yes |
| subnets_bit_length | Number of additional bits with which to extend the vpc cidr. For example, if given a vpc_cidr ending in /16 and a subnets_bit_length value of 4, the resulting subnet address will have length /20 | number | n/a | n/a | yes |
| public_subnets_map | A map of pairs {availability-zone = subnet-suffix-number}. Each entry creates a subnet. Minimum 1 pair. (e.g. {\"us-east-1a\" = 1} ) | map | n/a | n/a | yes |
@@ -209,7 +209,7 @@ secret_key = "my-secret-key"
| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
@@ -218,7 +218,7 @@ secret_key = "my-secret-key"
| allocate_public_IP | Allocate a Public IP for gateway members. | bool | true/false | false | no |
| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
-| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| management_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateways_policy | The name of the Security Policy package to be installed on the gateways in the Security Gateways Auto Scaling group | string | n/a | Standard | no |
| gateway_management | Select 'Over the internet' if any of the gateways you wish to manage are not directly accessed via their private IP address. | string | - Locally managed
- Over the internet | Locally managed | no |
@@ -247,6 +247,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|----------------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | R80.40 version deprecation |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/aws/tgw-gwlb/README.md b/terraform/aws/tgw-gwlb/README.md
old mode 100755
new mode 100644
index d85546e3..89325fd5
--- a/terraform/aws/tgw-gwlb/README.md
+++ b/terraform/aws/tgw-gwlb/README.md
@@ -172,7 +172,7 @@ secret_key = "my-secret-key"
## Inputs
| Name | Description | Type | Allowed values | Default | Required |
-|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|----------|
+|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|----------|
| vpc_id | Select an existing VPC | string | n/a | n/a | yes |
| internet_gateway_id | VPC's Internet Gateway Id | string | n/a | n/a | yes |
| availability_zones | The Availability Zones (AZs) to use for the subnets in the VPC. | string | n/a | n/a | yes |
@@ -208,7 +208,7 @@ secret_key = "my-secret-key"
| gateway_instance_type | The instance type of the Security Gateways | string | - c4.large
- c4.xlarge
- c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| c5.xlarge | no |
| gateways_min_group_size | The minimal number of Security Gateways | number | n/a | 2 | no |
| gateways_max_group_size | The maximal number of Security Gateways | number | n/a | 10 | no |
-| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX | R81.20-BYOL | no |
+| gateway_version | Gateway version and license | string | - R81.20-BYOL
- R81.20-PAYG-NGTP
- R81.20-PAYG-NGTX
- R82-BYOL
- R82-PAYG-NGTP
- R82-PAYG-NGTX | R81.20-BYOL | no |
| gateway_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateway_SICKey | The Secure Internal Communication key for trusted connection between Check Point components. Choose a random string consisting of at least 8 alphanumeric characters | string | n/a | "12345678" | yes |
| enable_cloudwatch | Report Check Point specific CloudWatch metrics | bool | true/false | false | no |
@@ -217,7 +217,7 @@ secret_key = "my-secret-key"
| allocate_public_IP | Allocate a Public IP for gateway members. | bool | true/false | false | no |
| management_deploy | Select 'false' to use an existing Security Management Server or to deploy one later and to ignore the other parameters of this section | bool | true/false | true | no |
| management_instance_type | The EC2 instance type of the Security Management Server | string | - c5.large
- c5.xlarge
- c5.2xlarge
- c5.4xlarge
- c5.9xlarge
- c5.12xlarge
- c5.18xlarge
- c5.24xlarge
- c5n.large
- c5n.xlarge
- c5n.2xlarge
- c5n.4xlarge
- c5n.9xlarge
- c5n.18xlarge
- c5d.large
- c5d.xlarge
- c5d.2xlarge
- c5d.4xlarge
- c5d.9xlarge
- c5d.12xlarge
- c5d.18xlarge
- c5d.24xlarge
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m6i.large
- m6i.xlarge
- m6i.2xlarge
- m6i.4xlarge
- m6i.8xlarge
- m6i.12xlarge
- m6i.16xlarge
- m6i.24xlarge
- m6i.32xlarge
- c6i.large
- c6i.xlarge
- c6i.2xlarge
- c6i.4xlarge
- c6i.8xlarge
- c6i.12xlarge
- c6i.16xlarge
- c6i.24xlarge
- c6i.32xlarge
- c6in.large
- c6in.xlarge
- c6in.2xlarge
- c6in.4xlarge
- c6in.8xlarge
- c6in.12xlarge
- c6in.16xlarge
- c6in.24xlarge
- c6in.32xlarge
- r5.large
- r5.xlarge
- r5.2xlarge
- r5.4xlarge
- r5.8xlarge
- r5.12xlarge
- r5.16xlarge
- r5.24xlarge
- r5a.large
- r5a.xlarge
- r5a.2xlarge
- r5a.4xlarge
- r5a.8xlarge
- r5a.12xlarge
- r5a.16xlarge
- r5a.24xlarge
- r5b.large
- r5b.xlarge
- r5b.2xlarge
- r5b.4xlarge
- r5b.8xlarge
- r5b.12xlarge
- r5b.16xlarge
- r5b.24xlarge
- r5n.large
- r5n.xlarge
- r5n.2xlarge
- r5n.4xlarge
- r5n.8xlarge
- r5n.12xlarge
- r5n.16xlarge
- r5n.24xlarge
- r6i.large
- r6i.xlarge
- r6i.2xlarge
- r6i.4xlarge
- r6i.8xlarge
- r6i.12xlarge
- r6i.16xlarge
- r6i.24xlarge
- r6i.32xlarge
- m6a.large
- m6a.xlarge
- m6a.2xlarge
- m6a.4xlarge
- m6a.8xlarge
- m6a.12xlarge
- m6a.16xlarge
- m6a.24xlarge - m6a.32xlarge
- m6a.48xlarge
| m5.xlarge | no |
-| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG | R81.20-BYOL | no |
+| management_version | The license to install on the Security Management Server | string | - R81.10-BYOL
- R81.10-PAYG
- R81.20-BYOL
- R81.20-PAYG
- R82-BYOL
- R82-PAYG | R81.20-BYOL | no |
| management_password_hash | (Optional) Admin user's password hash (use command 'openssl passwd -6 PASSWORD' to get the PASSWORD's hash) | string | n/a | "" | no |
| gateways_policy | The name of the Security Policy package to be installed on the gateways in the Security Gateways Auto Scaling group | string | n/a | Standard | no |
| gateway_management | Select 'Over the internet' if any of the gateways you wish to manage are not directly accessed via their private IP address. | string | - Locally managed
- Over the internet | Locally managed | no |
@@ -246,6 +246,7 @@ In order to check the template version, please refer to [sk116585](https://suppo
| Template Version | Description |
|------------------|--------------------------------------------------------------------------------------------------------------------|
+| 20241027 | R82 version support |
| 20240704 | R80.40 version deprecation |
| 20240515 | Add support for requiring use instance metadata service version 2 (IMDSv2) only |
| 20231012 | Update AWS Terraform provider version to 5.20.1 |
diff --git a/terraform/azure/high-availability-existing-vnet/README.md b/terraform/azure/high-availability-existing-vnet/README.md
old mode 100755
new mode 100644
index 2aa7468d..50753f21
--- a/terraform/azure/high-availability-existing-vnet/README.md
+++ b/terraform/azure/high-availability-existing-vnet/README.md
@@ -115,9 +115,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "sg-byol" - BYOL license;
"sg-ngtp" - NGTP PAYG license;
"sg-ngtx" - NGTX PAYG license; | n/a |
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r81.10";
"check-point-cg-r81.20"; | n/a |
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r81.10";
"check-point-cg-r81.20";
"check-point-cg-r82"; | n/a |
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120"; | n/a |
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a |
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | n/a |
| | | | | |
diff --git a/terraform/azure/high-availability-existing-vnet/variables.tf b/terraform/azure/high-availability-existing-vnet/variables.tf
old mode 100755
new mode 100644
index 4aa5ca72..319c945b
--- a/terraform/azure/high-availability-existing-vnet/variables.tf
+++ b/terraform/azure/high-availability-existing-vnet/variables.tf
@@ -117,7 +117,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -129,7 +130,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -138,6 +139,7 @@ locals { // locals for 'vm_os_offer' allowed values
"check-point-cg-r81",
"check-point-cg-r8110",
"check-point-cg-r8120"
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/high-availability-new-vnet/README.md b/terraform/azure/high-availability-new-vnet/README.md
old mode 100755
new mode 100644
index 15bfa197..a2dcb08b
--- a/terraform/azure/high-availability-new-vnet/README.md
+++ b/terraform/azure/high-availability-new-vnet/README.md
@@ -113,9 +113,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "sg-byol" - BYOL license;
"sg-ngtp" - NGTP PAYG license;
"sg-ngtx" - NGTX PAYG license;| n/a |
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a |
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a |
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120"; | n/a |
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82";| n/a |
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | n/a |
| | | | | |
diff --git a/terraform/azure/high-availability-new-vnet/variables.tf b/terraform/azure/high-availability-new-vnet/variables.tf
old mode 100755
new mode 100644
index 15e5ee4e..b40d7e9f
--- a/terraform/azure/high-availability-new-vnet/variables.tf
+++ b/terraform/azure/high-availability-new-vnet/variables.tf
@@ -117,7 +117,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -129,7 +130,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -137,7 +138,8 @@ locals { // locals for 'vm_os_offer' allowed values
vm_os_offer_allowed_values = [
"check-point-cg-r81",
"check-point-cg-r8110",
- "check-point-cg-r8120"
+ "check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/management-existing-vnet/README.md b/terraform/azure/management-existing-vnet/README.md
old mode 100755
new mode 100644
index 41c772e4..8159b782
--- a/terraform/azure/management-existing-vnet/README.md
+++ b/terraform/azure/management-existing-vnet/README.md
@@ -108,9 +108,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "mgmt-byol" - BYOL license;
"mgmt-25" - PAYG; | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";| n/a
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | ""
| | | | | |
diff --git a/terraform/azure/management-existing-vnet/variables.tf b/terraform/azure/management-existing-vnet/variables.tf
old mode 100755
new mode 100644
index ec9272a4..94436ce3
--- a/terraform/azure/management-existing-vnet/variables.tf
+++ b/terraform/azure/management-existing-vnet/variables.tf
@@ -91,7 +91,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -103,7 +104,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -112,6 +113,7 @@ locals { // locals for 'vm_os_offer' allowed values
"check-point-cg-r81",
"check-point-cg-r8110",
"check-point-cg-r8120",
+ "check-point-cg-r82",
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/management-new-vnet/README.md b/terraform/azure/management-new-vnet/README.md
old mode 100755
new mode 100644
index bd14ac2d..d19866e5
--- a/terraform/azure/management-new-vnet/README.md
+++ b/terraform/azure/management-new-vnet/README.md
@@ -108,9 +108,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "mgmt-byol" - BYOL license;
"mgmt-25" - PAYG; | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";| n/a
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | ""
| | | | | |
diff --git a/terraform/azure/management-new-vnet/variables.tf b/terraform/azure/management-new-vnet/variables.tf
old mode 100755
new mode 100644
index 3ed686e1..7097c647
--- a/terraform/azure/management-new-vnet/variables.tf
+++ b/terraform/azure/management-new-vnet/variables.tf
@@ -91,6 +91,7 @@ locals { // locals for 'vm_os_offer' allowed values
"R81",
"R8110",
"R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -102,7 +103,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -110,7 +111,8 @@ locals { // locals for 'vm_os_offer' allowed values
vm_os_offer_allowed_values = [
"check-point-cg-r81",
"check-point-cg-r8110",
- "check-point-cg-r8120"
+ "check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/mds-existing-vnet/README.md b/terraform/azure/mds-existing-vnet/README.md
old mode 100755
new mode 100644
index 6980d7cc..5ab6f874
--- a/terraform/azure/mds-existing-vnet/README.md
+++ b/terraform/azure/mds-existing-vnet/README.md
@@ -108,9 +108,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "mgmt-byol" - BYOL license;
"mgmt-25" - PAYG; | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";| n/a
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | ""
| | | | | |
diff --git a/terraform/azure/mds-existing-vnet/variables.tf b/terraform/azure/mds-existing-vnet/variables.tf
old mode 100755
new mode 100644
index 745c78c7..f870ad8d
--- a/terraform/azure/mds-existing-vnet/variables.tf
+++ b/terraform/azure/mds-existing-vnet/variables.tf
@@ -111,7 +111,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -123,7 +124,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -131,7 +132,8 @@ locals { // locals for 'vm_os_offer' allowed values
vm_os_offer_allowed_values = [
"check-point-cg-r81",
"check-point-cg-r8110",
- "check-point-cg-r8120"
+ "check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/mds-new-vnet/README.md b/terraform/azure/mds-new-vnet/README.md
old mode 100755
new mode 100644
index 8b3afc49..c1c7e9d3
--- a/terraform/azure/mds-new-vnet/README.md
+++ b/terraform/azure/mds-new-vnet/README.md
@@ -108,9 +108,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "mgmt-byol" - BYOL license;
"mgmt-25" - PAYG; | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";| n/a
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | ""
| | | | | |
diff --git a/terraform/azure/mds-new-vnet/variables.tf b/terraform/azure/mds-new-vnet/variables.tf
old mode 100755
new mode 100644
index 45c2175a..57891273
--- a/terraform/azure/mds-new-vnet/variables.tf
+++ b/terraform/azure/mds-new-vnet/variables.tf
@@ -110,7 +110,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -122,7 +123,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -130,7 +131,8 @@ locals { // locals for 'vm_os_offer' allowed values
vm_os_offer_allowed_values = [
"check-point-cg-r81",
"check-point-cg-r8110",
- "check-point-cg-r8120"
+ "check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/modules/add-routing-intent.py b/terraform/azure/modules/add-routing-intent.py
old mode 100755
new mode 100644
diff --git a/terraform/azure/modules/common/variables.tf b/terraform/azure/modules/common/variables.tf
old mode 100755
new mode 100644
index 33d85f45..99aa176a
--- a/terraform/azure/modules/common/variables.tf
+++ b/terraform/azure/modules/common/variables.tf
@@ -138,7 +138,8 @@ locals { // locals for 'os_version' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.installation_type] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -216,7 +217,7 @@ variable "publisher" {
//************** Storage image reference and plan variables ****************//
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -224,7 +225,8 @@ locals { // locals for 'vm_os_offer' allowed values
vm_os_offer_allowed_values = [
"check-point-cg-r81",
"check-point-cg-r8110",
- "check-point-cg-r8120"
+ "check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/nva-into-existing-hub/README.md b/terraform/azure/nva-into-existing-hub/README.md
index a2765298..6dca42ef 100644
--- a/terraform/azure/nva-into-existing-hub/README.md
+++ b/terraform/azure/nva-into-existing-hub/README.md
@@ -85,7 +85,7 @@ please see the [CloudGuard Network for Azure Virtual WAN Deployment Guide](https
| | | | | |
| **nva-rg-name** | The name of the resource group that will contain the NVA | string | Resource group names only allow alphanumeric characters, periods, underscores, hyphens and parenthesis and cannot end in a period | "tf-vwan-nva-rg"|
| | | | | |
- | **os-version** | The GAIA os version | string | "R8110"
"R8120" | "R8120" |
+ | **os-version** | The GAIA os version | string | "R8110"
"R8120"
"R82" | "R8120" |
| | | | | |
| **license-type** | The Check Point licence type | string | "Security Enforcement (NGTP)"
"Full Package (NGTX + S1C)"
"Full Package Premium (NGTX + S1C++)" | "Security Enforcement (NGTP)" |
| | | | | | | | | |
@@ -161,8 +161,9 @@ In order to check the template version refer to the [sk116585](https://supportce
| Template Version | Description |
|------------------|-------------------|
-| 20240613 | Cosmetic fixes & default values |
-| 20240228 | Added public IP for ingress support | | |
+| 20241028 |Added R82 version support |
+| 20240613 | Cosmetic fixes & default values |
+| 20240228 | Added public IP for ingress support | | |
| 20231226 | First release of Check Point CloudGuard Network Security Virtual WAN Terraform deployment for Azure | |
diff --git a/terraform/azure/nva-into-existing-hub/main.tf b/terraform/azure/nva-into-existing-hub/main.tf
old mode 100755
new mode 100644
index 5987c76b..5580d250
--- a/terraform/azure/nva-into-existing-hub/main.tf
+++ b/terraform/azure/nva-into-existing-hub/main.tf
@@ -40,7 +40,7 @@ data "http" "image-versions" {
}
locals {
- image_versions = tolist([for version in jsondecode(data.http.image-versions.response_body).properties.availableVersions : version if substr(version, 0, 4) == substr(lower(var.os-version), 1, 4)])
+ image_versions = tolist([for version in jsondecode(data.http.image-versions.response_body).properties.availableVersions : version if substr(version, 0, 4) == substr(lower(length(var.os-version) > 3 ? var.os-version : "${var.os-version}00"), 1, 4)])
routing_intent-internet-policy = {
"name": "InternetTraffic",
"destinations": [
@@ -105,7 +105,7 @@ resource "azurerm_managed_application" "nva" {
name = "vwan-app"
product = "cp-vwan-managed-app"
publisher = "checkpoint"
- version = "1.0.14"
+ version = "1.0.15"
}
parameter_values = jsonencode({
location = {
diff --git a/terraform/azure/nva-into-existing-hub/variables.tf b/terraform/azure/nva-into-existing-hub/variables.tf
old mode 100755
new mode 100644
index d00283d4..2d6c8e48
--- a/terraform/azure/nva-into-existing-hub/variables.tf
+++ b/terraform/azure/nva-into-existing-hub/variables.tf
@@ -65,8 +65,8 @@ variable "os-version" {
type = string
default = "R8120"
validation {
- condition = contains(["R8110", "R8120"], var.os-version)
- error_message = "Allowed values for os-version are 'R8110', 'R8120'"
+ condition = contains(["R8110", "R8120", "R82"], var.os-version)
+ error_message = "Allowed values for os-version are 'R8110', 'R8120', 'R82'"
}
}
diff --git a/terraform/azure/nva-into-existing-hub/versions.tf b/terraform/azure/nva-into-existing-hub/versions.tf
old mode 100755
new mode 100644
diff --git a/terraform/azure/nva-into-new-vwan/README.md b/terraform/azure/nva-into-new-vwan/README.md
index 17fa1ffe..c86b95ac 100644
--- a/terraform/azure/nva-into-new-vwan/README.md
+++ b/terraform/azure/nva-into-new-vwan/README.md
@@ -90,7 +90,7 @@ please see the [CloudGuard Network for Azure Virtual WAN Deployment Guide](https
| || | | |
| **nva-rg-name** | The name of the resource group that will contain the NVA | string | Resource group names only allow alphanumeric characters, periods, underscores, hyphens and parenthesis and cannot end in a period | tf-vwan-nva-rg |
| || | | |
- | **os-version** | The GAIA os version| string | "R8110"
"R8120" | "R8120" |
+ | **os-version** | The GAIA os version| string | "R8110"
"R8120"
"R82" | "R8120" |
| || | | |
| **license-type** | The Check Point licence type | string | "Security Enforcement (NGTP)"
"Full Package (NGTX + S1C)"
"Full Package Premium (NGTX + S1C++)" | "Security Enforcement (NGTP)" |
| || | | |
@@ -169,11 +169,12 @@ please see the [CloudGuard Network for Azure Virtual WAN Deployment Guide](https
## Revision History
In order to check the template version refer to the [sk116585](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk116585)
-| Template Version | Description |
-|------------------|-----------------------------------------------------------------------------------------------|
-| 20240613 | Cosmetic fixes & default values |
-| 20240228 | Added public IP for ingress support | | |
-| 20231226 | First release of Check Point CloudGuard Network Security Virtual WAN Terraform deployment for Azure | | |
+| Template Version | Description |
+|------------------|-----------------------------------------------------------------------------------------------------|
+| 20241028 | Added R82 version support |
+| 20240613 | Cosmetic fixes & default values |
+| 20240228 | Added public IP for ingress support | | |
+| 20231226 | First release of Check Point CloudGuard Network Security Virtual WAN Terraform deployment for Azure | | |
## License
diff --git a/terraform/azure/nva-into-new-vwan/main.tf b/terraform/azure/nva-into-new-vwan/main.tf
old mode 100755
new mode 100644
index 43a409c3..627b0728
--- a/terraform/azure/nva-into-new-vwan/main.tf
+++ b/terraform/azure/nva-into-new-vwan/main.tf
@@ -49,7 +49,7 @@ data "http" "image-versions" {
}
locals {
- image_versions = tolist([for version in jsondecode(data.http.image-versions.response_body).properties.availableVersions : version if substr(version, 0, 4) == substr(lower(var.os-version), 1, 4)])
+ image_versions = tolist([for version in jsondecode(data.http.image-versions.response_body).properties.availableVersions : version if substr(version, 0, 4) == substr(lower(length(var.os-version) > 3 ? var.os-version : "${var.os-version}00"), 1, 4)])
routing_intent-internet-policy = {
"name": "InternetTraffic",
"destinations": [
@@ -115,7 +115,7 @@ resource "azurerm_managed_application" "nva" {
name = "vwan-app"
product = "cp-vwan-managed-app"
publisher = "checkpoint"
- version = "1.0.14"
+ version = "1.0.15"
}
parameter_values = jsonencode({
location = {
diff --git a/terraform/azure/nva-into-new-vwan/variables.tf b/terraform/azure/nva-into-new-vwan/variables.tf
old mode 100755
new mode 100644
index 927592c9..b5ec36b9
--- a/terraform/azure/nva-into-new-vwan/variables.tf
+++ b/terraform/azure/nva-into-new-vwan/variables.tf
@@ -76,8 +76,8 @@ variable "os-version" {
type = string
default = "R8120"
validation {
- condition = contains(["R8110", "R8120"], var.os-version)
- error_message = "Allowed values for os-version are 'R8110', 'R8120'"
+ condition = contains(["R8110", "R8120", "R82"], var.os-version)
+ error_message = "Allowed values for os-version are 'R8110', 'R8120', 'R82'"
}
}
diff --git a/terraform/azure/nva-into-new-vwan/versions.tf b/terraform/azure/nva-into-new-vwan/versions.tf
old mode 100755
new mode 100644
diff --git a/terraform/azure/single-gateway-existing-vnet/README.md b/terraform/azure/single-gateway-existing-vnet/README.md
old mode 100755
new mode 100644
index b49b1886..47eb8a5c
--- a/terraform/azure/single-gateway-existing-vnet/README.md
+++ b/terraform/azure/single-gateway-existing-vnet/README.md
@@ -112,9 +112,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "sg-byol" - BYOL license;
"sg-ngtp" - NGTP PAYG license;
"sg-ngtx" - NGTX PAYG license | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120"; | n/a
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | ""
| | | | | |
diff --git a/terraform/azure/single-gateway-existing-vnet/variables.tf b/terraform/azure/single-gateway-existing-vnet/variables.tf
old mode 100755
new mode 100644
index f6f2da36..debd9b9d
--- a/terraform/azure/single-gateway-existing-vnet/variables.tf
+++ b/terraform/azure/single-gateway-existing-vnet/variables.tf
@@ -104,7 +104,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -116,7 +117,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -124,7 +125,8 @@ locals { // locals for 'vm_os_offer' allowed values
vm_os_offer_allowed_values = [
"check-point-cg-r81",
"check-point-cg-r8110",
- "check-point-cg-r8120"
+ "check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/single-gateway-new-vnet/README.md b/terraform/azure/single-gateway-new-vnet/README.md
old mode 100755
new mode 100644
index 1f0edaef..6aaad416
--- a/terraform/azure/single-gateway-new-vnet/README.md
+++ b/terraform/azure/single-gateway-new-vnet/README.md
@@ -112,9 +112,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "sg-byol" - BYOL license;
"sg-ngtp" - NGTP PAYG license;
"sg-ngtx" - NGTX PAYG license | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120"; | n/a |
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a |
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | ""
| | | | | |
diff --git a/terraform/azure/single-gateway-new-vnet/variables.tf b/terraform/azure/single-gateway-new-vnet/variables.tf
old mode 100755
new mode 100644
index 7b247e96..5a75c23d
--- a/terraform/azure/single-gateway-new-vnet/variables.tf
+++ b/terraform/azure/single-gateway-new-vnet/variables.tf
@@ -103,7 +103,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -115,7 +116,7 @@ variable "vm_os_sku" {
}
variable "vm_os_offer" {
- description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the image offer to be deployed.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -123,7 +124,8 @@ locals { // locals for 'vm_os_offer' allowed values
vm_os_offer_allowed_values = [
"check-point-cg-r81",
"check-point-cg-r8110",
- "check-point-cg-r8120"
+ "check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/vmss-existing-vnet/README.md b/terraform/azure/vmss-existing-vnet/README.md
old mode 100755
new mode 100644
index 73b83eb3..f19aa45a
--- a/terraform/azure/vmss-existing-vnet/README.md
+++ b/terraform/azure/vmss-existing-vnet/README.md
@@ -109,9 +109,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "sg-byol" - BYOL license;
"sg-ngtp" - NGTP PAYG license;
"sg-ngtx" - NGTX PAYG license; | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120"; | n/a
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | n/a
| | | | | |
diff --git a/terraform/azure/vmss-existing-vnet/variables.tf b/terraform/azure/vmss-existing-vnet/variables.tf
old mode 100755
new mode 100644
index 1ad5bb46..b95ee2e4
--- a/terraform/azure/vmss-existing-vnet/variables.tf
+++ b/terraform/azure/vmss-existing-vnet/variables.tf
@@ -116,7 +116,8 @@ locals { // locals for 'vm_os_offer' allowed values
os_version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -332,7 +333,7 @@ locals { // locals for 'frontend_load_distribution' allowed values
//********************** Scale Set variables *******************//
variable "vm_os_offer" {
- description = "The name of the offer of the image that you want to deploy.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the offer of the image that you want to deploy.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -341,6 +342,7 @@ locals { // locals for 'vm_os_offer' allowed values
"check-point-cg-r81",
"check-point-cg-r8110",
"check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/vmss-existing-vnet/versions.tf b/terraform/azure/vmss-existing-vnet/versions.tf
old mode 100755
new mode 100644
diff --git a/terraform/azure/vmss-new-vnet/README.md b/terraform/azure/vmss-new-vnet/README.md
old mode 100755
new mode 100644
index 71857101..b9feac93
--- a/terraform/azure/vmss-new-vnet/README.md
+++ b/terraform/azure/vmss-new-vnet/README.md
@@ -111,9 +111,9 @@ This solution uses the following modules:
| | | | | |
| **vm_os_sku** | A sku of the image to be deployed | string | "sg-byol" - BYOL license;
"sg-ngtp" - NGTP PAYG license;
"sg-ngtx" - NGTX PAYG license; | n/a
| | | | | |
- | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120"; | n/a
+ | **vm_os_offer** | The name of the image offer to be deployed | string | "check-point-cg-r81";
"check-point-cg-r8110";
"check-point-cg-r8120";
"check-point-cg-r82"; | n/a
| | | | | |
- | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120"; | n/a
+ | **os_version** | GAIA OS version | string | "R81";
"R8110";
"R8120";
"R82"; | n/a
| | | | | |
| **bootstrap_script** | An optional script to run on the initial boot | string | Bootstrap script example:
"touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
The script will create bootstrap.txt file in the /home/admin/ and add 'hello word' string into it | n/a
| | | | | |
diff --git a/terraform/azure/vmss-new-vnet/variables.tf b/terraform/azure/vmss-new-vnet/variables.tf
old mode 100755
new mode 100644
index afc907c5..f59e7007
--- a/terraform/azure/vmss-new-vnet/variables.tf
+++ b/terraform/azure/vmss-new-vnet/variables.tf
@@ -117,6 +117,7 @@ locals { // locals for 'vm_os_offer' allowed values
"R81",
"R8110",
"R8120",
+ "R82"
]
// will fail if [var.os_version] is invalid:
validate_os_version_value = index(local.os_version_allowed_values, var.os_version)
@@ -326,7 +327,7 @@ locals { // locals for 'frontend_load_distribution' allowed values
//********************** Scale Set variables *******************//
variable "vm_os_offer" {
- description = "The name of the offer of the image that you want to deploy.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120"
+ description = "The name of the offer of the image that you want to deploy.Choose from: check-point-cg-r81, check-point-cg-r8110, check-point-cg-r8120, check-point-cg-r82"
type = string
}
@@ -335,6 +336,7 @@ locals { // locals for 'vm_os_offer' allowed values
"check-point-cg-r81",
"check-point-cg-r8110",
"check-point-cg-r8120",
+ "check-point-cg-r82"
]
// will fail if [var.vm_os_offer] is invalid:
validate_os_offer_value = index(local.vm_os_offer_allowed_values, var.vm_os_offer)
diff --git a/terraform/azure/vmss-new-vnet/versions.tf b/terraform/azure/vmss-new-vnet/versions.tf
old mode 100755
new mode 100644
diff --git a/terraform/gcp/autoscale-into-existing-vpc/README.md b/terraform/gcp/autoscale-into-existing-vpc/README.md
old mode 100755
new mode 100644
index 45abf434..1949b511
--- a/terraform/gcp/autoscale-into-existing-vpc/README.md
+++ b/terraform/gcp/autoscale-into-existing-vpc/README.md
@@ -167,7 +167,7 @@ Please leave empty list for a protocol if you want to disable traffic for it.
| prefix | (Optional) Resources name prefix.
Note: resource name must not contain reserved words based on: sk40179. | string | N/A | "chkp-tf-mig" | no |
| license | Checkpoint license (BYOL or PAYG). | string | - BYOL
- PAYG
| "BYOL" | no |
| image_name | The autoscaling (MIG) image name (e.g. check-point-r8120-gw-byol-mig-631-991001335-v20230622). You can choose the desired mig image value from [Github](https://github.com/CheckPointSW/CloudGuardIaaS/blob/master/gcp/deployment-packages/autoscale-byol/images.py). | string | N/A | N/A | yes |
-| os_version |GAIA OS Version | string | R81;
R8110;
R8120 | R8120 | yes |
+| os_version |GAIA OS Version | string | R81;
R8110;
R8120;
R82 | R8120 | yes |
| | | | | |
| management_nic | Management Interface - Autoscaling Security Gateways in GCP can be managed by an ephemeral public IP or using the private IP of the internal interface (eth1). | string | Ephemeral Public IP (eth0)
- Private IP (eth1) | "Ephemeral Public IP (eth0)" | no |
| management_name | The name of the Security Management Server as appears in autoprovisioning configuration. (Please enter a valid Security Management name including lowercase letters, digits and hyphens only). | string | N/A | "checkpoint-management" | no |
@@ -220,6 +220,8 @@ In order to check the template version refer to the [sk116585](https://supportce
| Template Version | Description |
| ---------------- | ------------- |
+| 20241027 | Added R82 support |
+| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20230109 | Updated startup script to use cloud-config. |
diff --git a/terraform/gcp/autoscale-into-existing-vpc/locals.tf b/terraform/gcp/autoscale-into-existing-vpc/locals.tf
old mode 100755
new mode 100644
index 9687f394..20143f79
--- a/terraform/gcp/autoscale-into-existing-vpc/locals.tf
+++ b/terraform/gcp/autoscale-into-existing-vpc/locals.tf
@@ -5,14 +5,15 @@ locals {
// will fail if [var.license] is invalid:
validate_license = index(local.license_allowed_values, upper(var.license))
- regex_validate_image_name = "check-point-r8[0-1][1-4]0-gw-(byol|payg)-mig-[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}"
+ regex_validate_image_name = "^check-point-${lower(var.os_version)}-gw-.*[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}.*"
// will fail if the image name is not in the right syntax
validate_image_name = length(regexall(local.regex_validate_image_name, var.image_name)) > 0 ? 0 : index(split("-", var.image_name), "INVALID IMAGE NAME")
version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// Will fail if var.os_version is invalid:
validate_os_version = index(local.version_allowed_values, var.os_version)
diff --git a/terraform/gcp/autoscale-into-new-vpc/README.md b/terraform/gcp/autoscale-into-new-vpc/README.md
old mode 100755
new mode 100644
index 3958865d..873dcb67
--- a/terraform/gcp/autoscale-into-new-vpc/README.md
+++ b/terraform/gcp/autoscale-into-new-vpc/README.md
@@ -178,7 +178,7 @@ Please leave empty list for a protocol if you want to disable traffic for it.
| prefix | (Optional) Resources name prefix.
Note: resource name must not contain reserved words based on: sk40179. | string | N/A | "chkp-tf-mig" | no |
| license | Checkpoint license (BYOL or PAYG). | string | - BYOL
- PAYG
| "BYOL" | no |
| image_name | The autoscaling (MIG) image name (e.g. check-point-r8120-gw-byol-mig-631-991001335-v20230622). You can choose the desired mig image value from [Github](https://github.com/CheckPointSW/CloudGuardIaaS/blob/master/gcp/deployment-packages/autoscale-byol/images.py). | string | N/A | N/A | yes |
-| os_version |GAIA OS Version | string | R81;
R8110;
R8120 | R8120 | yes |
+| os_version |GAIA OS Version | string | R81;
R8110;
R8120;
R82 | R8120 | yes |
| | | | | |
| management_nic | Management Interface - Autoscaling Security Gateways in GCP can be managed by an ephemeral public IP or using the private IP of the internal interface (eth1). | string | Ephemeral Public IP (eth0)
- Private IP (eth1) | "Ephemeral Public IP (eth0)" | no |
| management_name | The name of the Security Management Server as appears in autoprovisioning configuration. (Please enter a valid Security Management name including lowercase letters, digits and hyphens only). | string | N/A | "checkpoint-management" | no |
@@ -233,6 +233,8 @@ In order to check the template version refer to the [sk116585](https://supportce
| Template Version | Description |
| ---------------- | ------------- |
+| 20241027 | Added R82 support |
+| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20230109 | Updated startup script to use cloud-config. |
diff --git a/terraform/gcp/autoscale-into-new-vpc/locals.tf b/terraform/gcp/autoscale-into-new-vpc/locals.tf
old mode 100755
new mode 100644
index d49e09c4..b4679b97
--- a/terraform/gcp/autoscale-into-new-vpc/locals.tf
+++ b/terraform/gcp/autoscale-into-new-vpc/locals.tf
@@ -5,14 +5,15 @@ locals {
// will fail if [var.license] is invalid:
validate_license = index(local.license_allowed_values, upper(var.license))
- regex_validate_image_name = "check-point-r8[0-1][1-4]0-gw-(byol|payg)-mig-[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}"
+ regex_validate_image_name = "^check-point-${lower(var.os_version)}-gw-.*[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}.*"
// will fail if the image name is not in the right syntax
validate_image_name = length(regexall(local.regex_validate_image_name, var.image_name)) > 0 ? 0 : index(split("-", var.image_name), "INVALID IMAGE NAME")
version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// Will fail if var.os_version is invalid:
validate_os_version = index(local.version_allowed_values, var.os_version)
diff --git a/terraform/gcp/high-availability/README.md b/terraform/gcp/high-availability/README.md
old mode 100755
new mode 100644
index d83af628..037bc592
--- a/terraform/gcp/high-availability/README.md
+++ b/terraform/gcp/high-availability/README.md
@@ -229,7 +229,7 @@ internal_network1_subnetwork_name = ""
| license | Checkpoint license (BYOL or PAYG). | string | - BYOL
- PAYG
| "BYOL" | no |
| image_name | The High Availability (cluster) image name (e.g. check-point-r8120-gw-byol-cluster-631-991001335-v20230622). You can choose the desired cluster image value from [Github](https://github.com/CheckPointSW/CloudGuardIaaS/blob/master/gcp/deployment-packages/ha-byol/images.py). | string | N/A | N/A | yes |
| | | | | |
-| os_version |GAIA OS Version | string | R81;
R8110;
R8120 | R8120 | yes |
+| os_version |GAIA OS Version | string | R81;
R8110;
R8120;
R82 | R8120 | yes |
| | | | | |
| region | GCP region | string | N/A | "us-central1" | no |
| zoneA | Member A Zone. The zone determines what computing resources are available and where your data is stored and used. | string | N/A | "us-central1-a" | no |
@@ -304,6 +304,8 @@ In order to check the template version refer to the [sk116585](https://supportce
| Template Version | Description |
| ---------------- | ------------- |
+| 20241027 | Added R82 support |
+| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20230209 | Added Smart-1 Cloud support. |
diff --git a/terraform/gcp/high-availability/locals.tf b/terraform/gcp/high-availability/locals.tf
old mode 100755
new mode 100644
index a7d5d72a..53a9eb7a
--- a/terraform/gcp/high-availability/locals.tf
+++ b/terraform/gcp/high-availability/locals.tf
@@ -5,14 +5,15 @@ locals {
// will fail if [var.license] is invalid:
validate_license = index(local.license_allowed_values, upper(var.license))
- regex_validate_image_name = "check-point-r8[0-1][1-4]0-gw-(byol|payg)-cluster-[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}"
+ regex_validate_image_name = "^check-point-${lower(var.os_version)}-gw-.*[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}.*"
// will fail if the image name is not in the right syntax
validate_image_name = length(regexall(local.regex_validate_image_name, var.image_name)) > 0 ? 0 : index(split("-", var.image_name), "INVALID IMAGE NAME")
version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// Will fail if var.os_version is invalid:
validate_os_version = index(local.version_allowed_values, var.os_version)
@@ -22,7 +23,7 @@ locals {
// will fail if the var.zoneA and var.zoneB are not at the same region:
validate_zones = index(local.split_zoneA, local.split_zoneB[0]) == local.split_zoneA[0] && index(local.split_zoneA, local.split_zoneB[1]) == local.split_zoneA[0] ? 0 : "var.zoneA and var.zoneB are not at the same region"
- regex_valid_management_network = "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|2[0-9]|1[0-9]|[0-9]))|(S1C)$"
+ regex_valid_management_network = "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(/(3[0-2]|2[0-9]|1[0-9]|[0-9]))|(S1C)$"
// Will fail if var.management_network is invalid
regex_management_network = regex(local.regex_valid_management_network, var.management_network) == var.management_network ? 0 : "Variable [management_network] must be a valid address in CIDR notation or S1C."
diff --git a/terraform/gcp/single-into-existing-vpc/README.md b/terraform/gcp/single-into-existing-vpc/README.md
old mode 100755
new mode 100644
index 72bc8265..51f2a85e
--- a/terraform/gcp/single-into-existing-vpc/README.md
+++ b/terraform/gcp/single-into-existing-vpc/README.md
@@ -171,7 +171,7 @@ Please leave empty list for a protocol if you want to disable traffic for it.
| | | | | |
| image_name |The single gateway or management image name (e.g. check-point-r8120-gw-byol-single-631-991001335-v20230622 for gateway or check-point-r8120-byol-631-991001335-v20230621 for management). You can choose the desired gateway image value from [Github](https://github.com/CheckPointSW/CloudGuardIaaS/blob/master/gcp/deployment-packages/single-byol/images.py).| string | N/A | N/A | yes |
| | | | | |
-| os_version |GAIA OS Version | string | R81;
R8110;
R8120 | R8120 | yes |
+| os_version |GAIA OS Version | string | R81;
R8110;
R8120;
R82 | R8120 | yes |
| | | | | |
| installationType | Installation type and version | string |Gateway only;
Management only;
Manual Configuration
Gateway and Management (Standalone) |Gateway only|yes|
| | | | | |
@@ -253,6 +253,8 @@ In order to check the template version refer to the [sk116585](https://supportce
| Template Version | Description |
| ---------------- | ------------- |
+| 20241027 | Added R82 support |
+| | | |
| 20230910 | - R81.20 is the default version |
| | | |
| 20230209 | Added Smart-1 Cloud support. |
diff --git a/terraform/gcp/single-into-existing-vpc/locals.tf b/terraform/gcp/single-into-existing-vpc/locals.tf
old mode 100755
new mode 100644
index 78145861..4efc3b29
--- a/terraform/gcp/single-into-existing-vpc/locals.tf
+++ b/terraform/gcp/single-into-existing-vpc/locals.tf
@@ -18,15 +18,16 @@ locals {
// Will fail if var.sicKey is invalid
regex_sicKey = regex(local.regex_valid_sicKey, var.sicKey) == var.sicKey ? 0 : "Variable [sicKey] must be at least 8 alphanumeric characters."
- regex_validate_mgmt_image_name = "check-point-r8[0-1][1-4]0-(byol|payg)-[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}"
- regex_validate_single_image_name = "check-point-r8[0-1][1-4]0-gw-(byol|payg)-single-[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}"
+ regex_validate_mgmt_image_name = "^check-point-${lower(var.os_version)}-[^(gw)].*[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}.*"
+ regex_validate_single_image_name = "^check-point-${lower(var.os_version)}-gw-.*[0-9]{3}-([0-9]{3,}|[a-z]+)-v[0-9]{8,}.*"
// will fail if the image name is not in the right syntax
validate_image_name = var.installationType != "Gateway only" && length(regexall(local.regex_validate_mgmt_image_name, var.image_name)) > 0 ? 0 : (var.installationType == "Gateway only" && length(regexall(local.regex_validate_single_image_name, var.image_name)) > 0 ? 0 : index(split("-", var.image_name), "INVALID IMAGE NAME"))
version_allowed_values = [
"R81",
"R8110",
- "R8120"
+ "R8120",
+ "R82"
]
// Will fail if var.os_version is invalid:
validate_os_version = index(local.version_allowed_values, var.os_version)
diff --git a/terraform/gcp/single-into-new-vpc/README.md b/terraform/gcp/single-into-new-vpc/README.md
index 59db07be..029f71da 100644
--- a/terraform/gcp/single-into-new-vpc/README.md
+++ b/terraform/gcp/single-into-new-vpc/README.md
@@ -180,7 +180,7 @@ Please leave empty list for a protocol if you want to disable traffic for it.
| | | | | |
| image_name |The single gateway or management image name (e.g. check-point-r8120-gw-byol-single-631-991001335-v20230622 for gateway or check-point-r8120-byol-631-991001335-v20230621 for management). You can choose the desired gateway image value from [Github](https://github.com/CheckPointSW/CloudGuardIaaS/blob/master/gcp/deployment-packages/single-byol/images.py).| string | N/A | N/A | yes |
| | | | | |
-| os_version |GAIA OS Version | string | R81;
R8110;
R8120 | R8120 | yes |
+| os_version |GAIA OS Version | string | R81;
R8110;
R8120;
R82 | R8120 | yes |
| | | | | |
| installationType | Installation type and version | string |Gateway only;
Management only;
Manual Configuration
Gateway and Management (Standalone) |Gateway only|yes|
| | | | | |
@@ -262,6 +262,8 @@ In order to check the template version refer to the [sk116585](https://supportce
| Template Version | Description |
|------------------|-------------------------------------|
+| 20241027 | Added R82 support |
+| | | |
| 20230921 | Added single-into-new-vpc template. |
| | |
diff --git a/terraform/gcp/single-into-new-vpc/main.tf b/terraform/gcp/single-into-new-vpc/main.tf
old mode 100755
new mode 100644
diff --git a/terraform/gcp/single-into-new-vpc/output.tf b/terraform/gcp/single-into-new-vpc/output.tf
old mode 100755
new mode 100644
diff --git a/terraform/gcp/single-into-new-vpc/variables.tf b/terraform/gcp/single-into-new-vpc/variables.tf
old mode 100755
new mode 100644