From 64c72ccb06797609791d3a6aacda6b7ff7dc003f Mon Sep 17 00:00:00 2001 
From: chkp-adambar <136433110+chkp-adambar@users.noreply.github.com> Date: Thu, 15 Jun 2023 12:03:39 +0300 Subject: [PATCH] v2.5.0 (#147) v2.5.0 terraform changes --- CHANGELOG.md | 16 + ...ckpoint_management_checkpoint_host_test.go | 10 +- ...heckpoint_management_server_certificate.go | 97 ++ ...oint_management_server_certificate_test.go | 51 + ...ource_checkpoint_management_service_gtp.go | 596 +++++++++ ..._checkpoint_management_service_gtp_test.go | 84 ++ ...ent_show_threat_rule_exception_rulebase.go | 674 +++++++++++ ...how_threat_rule_exception_rulebase_test.go | 99 ++ ...ce_checkpoint_management_simple_cluster.go | 9 +- ...source_checkpoint_management_smart_task.go | 482 ++++++++ ...e_checkpoint_management_smart_task_test.go | 62 + checkpoint/provider.go | 8 + ...urce_checkpoint_management_access_layer.go | 8 + ...checkpoint_management_access_point_name.go | 6 + ...ource_checkpoint_management_access_role.go | 8 + ...ce_checkpoint_management_access_section.go | 8 + ...point_management_aci_data_center_server.go | 8 + ...rce_checkpoint_management_address_range.go | 7 + ...rce_checkpoint_management_administrator.go | 7 + ..._checkpoint_management_application_site.go | 8 + ...nt_management_application_site_category.go | 8 + ...point_management_application_site_group.go | 8 + ...point_management_aws_data_center_server.go | 10 +- ...resource_checkpoint_management_azure_ad.go | 8 + ...int_management_azure_data_center_server.go | 8 + ...e_checkpoint_management_checkpoint_host.go | 8 + ...checkpoint_management_data_center_query.go | 8 + ...source_checkpoint_management_dns_domain.go | 8 + .../resource_checkpoint_management_domain.go | 8 + ...t_management_domain_permissions_profile.go | 24 +- ...anagement_dynamic_global_network_object.go | 6 + ...ce_checkpoint_management_dynamic_object.go | 6 + ...e_checkpoint_management_exception_group.go | 27 +- ...heckpoint_management_gaia_best_practice.go | 8 + ...point_management_gcp_data_center_server.go | 6 + 
...t_management_generic_data_center_server.go | 8 + .../resource_checkpoint_management_group.go | 8 + ...ckpoint_management_group_with_exclusion.go | 8 + ...heckpoint_management_gsn_handover_group.go | 8 + .../resource_checkpoint_management_host.go | 7 +- ...ource_checkpoint_management_https_layer.go | 6 + ...source_checkpoint_management_https_rule.go | 6 + ...urce_checkpoint_management_identity_tag.go | 8 + ...oint_management_idp_administrator_group.go | 6 + ...ckpoint_management_interoperable_device.go | 7 + ...point_management_ise_data_center_server.go | 8 + ...anagement_kubernetes_data_center_server.go | 8 + ...ource_checkpoint_management_lsv_profile.go | 7 +- ...point_management_md_permissions_profile.go | 6 + .../resource_checkpoint_management_mds.go | 6 + ...oint_management_multicast_address_range.go | 6 + .../resource_checkpoint_management_network.go | 6 + ...urce_checkpoint_management_network_feed.go | 6 + ...int_management_nuage_data_center_server.go | 7 + ...t_management_nutanix_data_center_server.go | 8 + ...management_openstack_data_center_server.go | 8 + ...checkpoint_management_opsec_application.go | 8 + ...agement_oracle_cloud_data_center_server.go | 8 + .../resource_checkpoint_management_package.go | 7 + ...checkpoint_management_repository_script.go | 7 + ...rce_checkpoint_management_security_zone.go | 6 + ...heckpoint_management_server_certificate.go | 194 +++ ...oint_management_server_certificate_test.go | 108 ++ ...heckpoint_management_service_citrix_tcp.go | 7 + ...ckpoint_management_service_compound_tcp.go | 7 + ...e_checkpoint_management_service_dce_rpc.go | 6 + ...rce_checkpoint_management_service_group.go | 6 + ...ource_checkpoint_management_service_gtp.go | 1066 +++++++++++++++++ ..._checkpoint_management_service_gtp_test.go | 153 +++ ...urce_checkpoint_management_service_icmp.go | 6 + ...rce_checkpoint_management_service_icmp6.go | 6 + ...rce_checkpoint_management_service_other.go | 7 + ...ource_checkpoint_management_service_rpc.go | 6 + 
...urce_checkpoint_management_service_sctp.go | 6 + ...ource_checkpoint_management_service_tcp.go | 6 + ...ource_checkpoint_management_service_udp.go | 6 + ...ce_checkpoint_management_simple_cluster.go | 15 +- ...ce_checkpoint_management_simple_gateway.go | 6 + ...source_checkpoint_management_smart_task.go | 824 +++++++++++++ ...e_checkpoint_management_smart_task_test.go | 118 ++ ...ource_checkpoint_management_smtp_server.go | 7 + .../resource_checkpoint_management_tag.go | 6 + ..._checkpoint_management_threat_exception.go | 4 +- ...e_checkpoint_management_threat_ioc_feed.go | 6 + ...urce_checkpoint_management_threat_layer.go | 6 + ...ce_checkpoint_management_threat_profile.go | 6 + .../resource_checkpoint_management_time.go | 24 +- ...source_checkpoint_management_time_group.go | 6 + ...ce_checkpoint_management_trusted_client.go | 6 + .../resource_checkpoint_management_user.go | 6 + ...source_checkpoint_management_user_group.go | 6 + ...rce_checkpoint_management_user_template.go | 6 + ...nt_management_vmware_data_center_server.go | 6 + ...ckpoint_management_vpn_community_meshed.go | 6 + ...heckpoint_management_vpn_community_star.go | 7 + ...resource_checkpoint_management_wildcard.go | 6 + website/checkpoint.erb | 21 + ...anagement_server_certificate.html.markdown | 40 + ...point_management_service_gtp.html.markdown | 150 +++ ...kpoint_management_smart_task.html.markdown | 107 ++ ...reat_rule_exception_rulebase.html.markdown | 86 ++ ...anagement_server_certificate.html.markdown | 35 + ...point_management_service_gtp.html.markdown | 146 +++ ...kpoint_management_smart_task.html.markdown | 91 ++ 104 files changed, 5876 insertions(+), 50 deletions(-) create mode 100644 checkpoint/data_source_checkpoint_management_server_certificate.go create mode 100644 checkpoint/data_source_checkpoint_management_server_certificate_test.go create mode 100644 checkpoint/data_source_checkpoint_management_service_gtp.go create mode 100644 
checkpoint/data_source_checkpoint_management_service_gtp_test.go create mode 100644 checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase.go create mode 100644 checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase_test.go create mode 100644 checkpoint/data_source_checkpoint_management_smart_task.go create mode 100644 checkpoint/data_source_checkpoint_management_smart_task_test.go create mode 100644 checkpoint/resource_checkpoint_management_server_certificate.go create mode 100644 checkpoint/resource_checkpoint_management_server_certificate_test.go create mode 100644 checkpoint/resource_checkpoint_management_service_gtp.go create mode 100644 checkpoint/resource_checkpoint_management_service_gtp_test.go create mode 100644 checkpoint/resource_checkpoint_management_smart_task.go create mode 100644 checkpoint/resource_checkpoint_management_smart_task_test.go create mode 100644 website/docs/d/checkpoint_management_server_certificate.html.markdown create mode 100644 website/docs/d/checkpoint_management_service_gtp.html.markdown create mode 100644 website/docs/d/checkpoint_management_smart_task.html.markdown create mode 100644 website/docs/d/checkpoint_management_threat_rule_exception_rulebase.html.markdown create mode 100644 website/docs/r/checkpoint_management_server_certificate.html.markdown create mode 100644 website/docs/r/checkpoint_management_service_gtp.html.markdown create mode 100644 website/docs/r/checkpoint_management_smart_task.html.markdown diff --git a/CHANGELOG.md b/CHANGELOG.md index 3f14d56c..6d82c741 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,3 +1,19 @@ +## 2.5.0 (June 13, 2023) + +FEATURES +* **New Resource:** `resouce_checkpoint_management_service_gtp` +* **New Resource:** `resouce_checkpoint_management_smart_task` +* **New Resource:** `resouce_checkpoint_management_server_certificate` +* **New Data Source:** `data_source_checkpoint_management_threat_rule_exception_rulebase` +* **New Data Source:** `data_source_checkpoint_management_smart_task` +* **New Data Source:** `data_source_checkpoint_management_service_gtp` +* **New Data Source:** `data_source_checkpoint_management_server_certificate` + +BUG FIXES +* Fix issue in `fetch_policy` field in the read function of `checkpoint_management_simple_cluster` resource and data source. +* Fix issue in `applied_threat_rules` field in `checkpoint_management_exception_group` update function. +* Add the `ignore_warnings` and `ignore_errors` flags to multiple resources if they were missing. + ## 2.4.0 (May 4, 2023) ENHANCEMENTS diff --git a/checkpoint/data_source_checkpoint_management_checkpoint_host_test.go b/checkpoint/data_source_checkpoint_management_checkpoint_host_test.go index 12115b37..ef6587f5 100644 --- a/checkpoint/data_source_checkpoint_management_checkpoint_host_test.go +++ b/checkpoint/data_source_checkpoint_management_checkpoint_host_test.go @@ -35,11 +35,11 @@ func TestAccDataSourceCheckpointManagementCheckpointHost_basic(t *testing.T) { } func testAccDataSourceManagementCheckpointHostConfig(name string, ipv4Address string) string { - return fmt.Sprintf(` -resource "checkpoint_management_checkpoint_host" "checkpoint_host" { - name = "%s" - ipv4_address = "%s" -} + return fmt.Sprintf( + `resource "checkpoint_management_checkpoint_host" "checkpoint_host" { + name = "%s" + ipv4_address = "%s" + } data "checkpoint_management_checkpoint_host" "data_checkpoint_host" { name = "${checkpoint_management_checkpoint_host.checkpoint_host.name}" 
diff --git a/checkpoint/data_source_checkpoint_management_server_certificate.go b/checkpoint/data_source_checkpoint_management_server_certificate.go
new file mode 100644
index 00000000..8cb40da4
--- /dev/null
+++ b/checkpoint/data_source_checkpoint_management_server_certificate.go
@@ -0,0 +1,97 @@
+package checkpoint
+
+import (
+ "fmt"
+ checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ "log"
+)
+
+func dataSourceManagementServerCertificate() *schema.Resource {
+ return &schema.Resource{
+
+ Read: dataSourceManagementServerCertificateRead,
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Object name.",
+ },
+ "uid": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Object name.",
+ },
+ "subject": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Certificate's subject.",
+ },
+ "valid_from": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Server certificate valid from date.",
+ },
+ "valid_to": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Server certificate valid up to date.",
+ },
+ "comments": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Server certificate comments.",
+ },
+ },
+ }
+}
+func dataSourceManagementServerCertificateRead(d *schema.ResourceData, m interface{}) error {
+
+ client := m.(*checkpoint.ApiClient)
+
+ name := d.Get("name").(string)
+ uid := d.Get("uid").(string)
+
+ payload := make(map[string]interface{})
+
+ if name != "" {
+ payload["name"] = name
+ } else if uid != "" {
+ payload["uid"] = uid
+ }
+ showServerCertificateRes, err := client.ApiCall("show-server-certificate", payload, client.GetSessionID(), true, client.IsProxyUsed())
+ if err != nil {
+ return fmt.Errorf(err.Error())
+ }
+ if !showServerCertificateRes.Success {
+ fmt.Errorf(showServerCertificateRes.ErrorMsg)
+ }
+
+ serverCertificate := showServerCertificateRes.GetData()
+
+ log.Println("Read ServerCertificate - Show JSON ", serverCertificate)
+
+ if v := serverCertificate["uid"]; v != nil {
+ _ = d.Set("uid", v)
+ d.SetId(v.(string))
+ }
+
+ if v := serverCertificate["name"]; v != nil {
+ _ = d.Set("name", v)
+ }
+
+ if v := serverCertificate["subject"]; v != nil {
+ _ = d.Set("subject", v)
+ }
+ if v := serverCertificate["valid-from"]; v != nil {
+ _ = d.Set("valid_from", v)
+ }
+ if v := serverCertificate["valid-to"]; v != nil {
+ _ = d.Set("valid_to", v)
+ }
+ if v := serverCertificate["comments"]; v != nil {
+ _ = d.Set("comments", v)
+ }
+
+ return nil
+}
diff --git a/checkpoint/data_source_checkpoint_management_server_certificate_test.go b/checkpoint/data_source_checkpoint_management_server_certificate_test.go
new file mode 100644
index 00000000..3d8e1854
--- /dev/null
+++ b/checkpoint/data_source_checkpoint_management_server_certificate_test.go
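Review bot: The `if !showServerCertificateRes.Success` branch in `dataSourceManagementServerCertificateRead` builds an error with `fmt.Errorf(...)` but never returns it, so a rejected `show-server-certificate` call falls through and the read ends with `return nil` and whatever the response data happened to contain. The line should be `return fmt.Errorf("%s", showServerCertificateRes.ErrorMsg)`. The same constant format string belongs on `fmt.Errorf(err.Error())` just above (the GTP data source read repeats that pattern), because a `%` in a server-supplied message is otherwise parsed as a formatting verb. The `uid` schema entry also has the description `"Object name."`, which looks copied from `name`; `"Object unique identifier."` would match the GTP data source.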
@@ -0,0 +1,51 @@ +package checkpoint + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "os" + "testing" +) + +func TestAccDataSourceCheckpointManagementServerCertificate_basic(t *testing.T) { + + objName := "tfTestManagementDataServerCertificate" + acctest.RandString(6) + resourceName := "checkpoint_management_server_certificate.cert1" + dataSourceName := "data.checkpoint_management_server_certificate.data" + + base64_cert := "MIIKSAIBAzCCCg4GCSqGSIb3DQEHAaCCCf8Eggn7MIIJ9zCCBI8GCSqGSIb3DQEHBqCCBIAwggR8AgEAMIIEdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQILAfxjBi7DTQCAggAgIIESKgKoClNx4YyTQr7xfIgSBSDs0It2vVsLubNFJpbQXzJUu2WaPQPbqV3wISpWCa/auLYC9OWpTI89HFt30rVAdWCFVoty7jI6L8HjTYa8fTGyqW7PyfoGyZclmz6totsmeVWc8i7wnl9Hk8NZpLWuixNoSLQUqBoloyZENll3i3/Z+/6mDlYkRmpCMQA2YLQm1yc/3n7Fq6grBJDro0tIIoAwIzgCdoKqIMwlDNA9c0eaHeXsP4k9WfJQbK6AyLTvHbrrNrgUyEDJQI6BCkeQwkBW2zRUHoe7s1DSQ5Rwft4koIaDcGovLES5g1gnXzmMr4/23+rf4/EZszB0QvlYvZIKLQ8O2ofvZ/HK+59fxlhKEiEkW2yhezDGR9s6hZnzZ8vMutisQJ8MO0m9iKVD5AAtif/32iy5+TVIQfqgER+DYVGOuk15YF2VcZGRlQ8pSvBXIkMMUDRqjFxQfKYIMlyk6RuSSgmIn+EIA9GfaBmEGy2xJYvw6IkUJ+xoR+SYeLYiMw+HkzI+cCOKF7fKPXlOCVvnESEeKwJ4inSxiI2GQG01aN/GNdsx/EM1Xi2LSHfzhG9URIOhjuJIQZn2Z7f3fpTxpWWCpEEVjcQZhoR0KX0DJ/gIx/iY8UsbNo58FTq5AwMFY6m8hxlHOorqh0MSE/x8LKq0v7JKIxQwrdkyUlVUqdaGreW5MgRdjqOrxQx53nLPdQelKWbR8Gn4KkwFcYCAB1VAe944zqq6YKL4mvNwxk5wyqDjn5UZtPokKFfqBOwOSAGsaZ389x/2tqXEgPhWVGFPJlsIUUKBRVTtqxsb2LdaCPHjO8bQhhgOIMEav+iWZAJYudZuolr8Aviccorg1w0sr2eklHbO6yMWrDrvlCVpSawRnLIeeWe+4rwV7SNdcA5hSombTWKRcR8mOkTGjpByiz6+g+3mHOeJbyTrmIfUSENMZy5oYjQfDyNLi0RMmCPCqMjRSwyAs/CDhzz4wTFLEYbu+fUrm2WZc2vhhxafbVrbZ+FcDcnYomYfp8aSxiIIq8+gxT99Oi3WNqhJ+IZGJODWMYRfpKNwgCab8uJt8TV3SVXVIXW0Y28l4ZuP/qWEfnEC8Wl6HJGhJo7arqBFTWWEuKvHw985OpksavdQFXgVU9Egbue0anb0U5SDyRu0hqJ/Gw83dKJbCg8hPv4gGq/yeOb+cX63DCKvOcoXjZ0szeRcGiro0+BSgr143Ks19lsxWHPOlauLSnD3jVrgpXmVwxCizRTnX3OLJ07IpvvEJGAQR/Ru2lo7eN0H4933G93tVQtte69BiPwbkWtSx8ddzbRGmMW7IsG72
FVm5QrJC1C1Na5xqQQV6G2oHqIHNdNyXD6TmhuQ4BnpCoamCzfsX4iozS+NySz/Jdbuj0YZ9L2dQYUHiBF4xotlHfwiAiCghaBH31OZJ0n52d0NGqRkN5F0Qdfz1O2+rLx2zswggVgBgkqhkiG9w0BBwGgggVRBIIFTTCCBUkwggVFBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIRNvlE6KdajoCAggABIIEyBJbsgafEO1D9xQ8BFYFNKf/meJNAOO4XVPTFtUBpyvEn3PkyxyKU1cMenESXeMacSv/VftkYC7CwN81kzbRMRSEXZSCsyj48kMqwTqMNmZmgF8XaFvzXOGlu2E411LZ/sOenWO7lxe0NGZM3vk4FWvl+4fa5Xd5TDqya65VsXSocDUA5kpeqn323TcdeCldGmEniX85NGIiPpWuRLGrNf8VOIuE3NFAmTSveHH9Oo7PjscCifc7O4+NpOW9GfayZMqG8dTpLhIRacdvy/QvbWePXdzzSI9rKogX/7+bSzU0Hq+8rpWlAhz0qnW2Bb3T7of86Len5cuNr0k425Dhpuo4od81exDdSa3+aFQqR3nKVSkPapLBrpGNZIX4TwctRnbi2ZHdFxMKkJewGt/beam3LcujJRlN2RBeA0IRWEAyO6ubjpQ62ChrW+faHXXxYnH3Be6nPXSF5pq4VAIVglNsPOxGYIb+qNDhOblzQBq4nF30fyHmOwDIRgNWwOStT7dUFmN0ouHinP6QXWBDDQiDo2RRFs2/RWu0ZY0EAzEYAMCSvmk+SQgKbKpNFf0C5kuJ56PWXUuGSoAXV/vxvK6OHIGF/FcZo+VrRgYTHY/eSjw1+/lpUkwaWAzoH0X6KxuLXfgzv+E8Z+LFVWIAoknJ96ieljiHzNnfeSTZYwTaJbYaritdAQ2MTGcBrpJFIqr9GjWGVsFQK0ct/ZIFzZw0Vnt/aOj5OjMPlpy9UXfC+tw9gfRYWfSDuDLuUH0Znu3JB/+J2XQP4PBArXKyvFv6wMVSvY/04r2WQQKV9YTUCkbgvHAlQ7vP0a8z44xSrKc4M04sEBE3cFD2NBAQrP3GqRyz2ukuzJhrj/B1dZWA23SZaqfN9gpbfFbtPXN6F/nY1UUsikLjcXDjC8rGVU9Pp4VCnv2EUgl4QmkUEdVeDZjUnz/k9Kd53q3h+chAId+3VBsemd3ZadX4gupw6Xf6zT8Av7v75/1/vFw2yz22DG8pIpN4uuEdSFhvs9lr6f2M6bQABS+NWfehq5aqBqsXXX8R3fSxYLL0gO4lxf4YqUSomA4AlzS9tJtEe2DKWYmnYwiiUGYLs7aGMLZQbHbYutPKKZXTaSGWYBaIrVjbDM67la/csYmxpb2n6UD6TkNICuZwd/ImVvDhbCEsR/EU+YU0HPwxlUtcCsqw4Vy8rBtbla2XmegGUcLWSurKmq42SW8W1LBJQfY/9sWyaMqSGy0/Vq4/+/CtXUZ1N5rgibYyIZ9Tvm/ndv2xBW1hYivIZZQFRbg5fWxKA5ifYejGmYCWGQynRSVCbqccw08xy5Iwnww4v5Cz5bcNyRLFOU2/bfn7SC5mcQ/Tw5ZKOQVRn88G78amMPHNRqX4RzPtIwmK+B3zPJX0MHrY3w5hzPZ0UCtR2YsbYLeqsYP6b+RBLSV3wtkUZ9PgbMeu7zXSE0z1svGpjF7yWpnP47ilbxwe1YXL5+CuqN6iHFfyaP1JPYILmHdw0gzgyOdo1y4rUXgCeiCyH4vJVLts8ERKpXZDMCUmujb306IOD9haFXdQHV5XlQurtw+JC7ySe9bVMrzYJv5/oPioOXMnLPI2OXYbACwlQ/UHgl5LmDlsxeairdfYTdAxajFEMB0GCSqGSIb3DQEJFDEQHg4AbQB5AGEAbABpAGEAczAjBgkqhkiG9w0BCRUxFgQU7cUIcmKuQKAMfwbKiKzQozUsyHwwMTAhMAkGBSsOAwIaBQAEFEFoI0
QTIv2s2lR8PxS8xfiT5S06BAjANT3YLoakoAICCAA=" + base64_pass := "bXlfcGFzc3dvcmQ=" + + context := os.Getenv("CHECKPOINT_CONTEXT") + if context != "web_api" { + t.Skip("Skipping management test") + } + resource.Test(t, resource.TestCase{ + + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceServerCertificateConfig(objName, base64_cert, base64_pass), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(dataSourceName, "name", resourceName, "name")), + }, + }, + }) +} + +func testAccDataSourceServerCertificateConfig(name string, base64Cert string, base64Pass string) string { + return fmt.Sprintf( + ` + resource "checkpoint_management_server_certificate" "cert1" { + name = "%s" + base64_certificate = "%s" + base64_password = "%s" + } + + data "checkpoint_management_server_certificate" "data" { + name = "${checkpoint_management_server_certificate.cert1.name}" + } + `, name, base64Cert, base64Pass) +} diff --git a/checkpoint/data_source_checkpoint_management_service_gtp.go b/checkpoint/data_source_checkpoint_management_service_gtp.go new file mode 100644 index 00000000..81261882 --- /dev/null +++ b/checkpoint/data_source_checkpoint_management_service_gtp.go 
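Review bot: `base64_cert` and `base64_pass` in `TestAccDataSourceCheckpointManagementServerCertificate_basic` commit what appears to be a PKCS#12 bundle, private key included, together with its password as string literals, and nothing in the test marks them as disposable. If this is a throwaway self-signed bundle, say so where it is declared, e.g. `// Test-only self-signed bundle generated for this acceptance test; not used by any real gateway.`, and consider moving it into a `testdata/` file so secret scanners can allow-list one path. Both values are also interpolated into the generated config by `fmt.Sprintf`; whether `base64_password` is marked `Sensitive` in the resource schema is not visible in this hunk and is worth confirming.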
@@ -0,0 +1,596 @@
+package checkpoint
+
+import (
+ "fmt"
+ checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles"
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+ "log"
+ "strconv"
+)
+
+func dataSourceManagementServiceGtp() *schema.Resource {
+ return &schema.Resource{
+
+ Read: dataSourceManagementServiceGtpRead,
+ Schema: map[string]*schema.Schema{
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Object name.",
+ },
+ "uid": {
+ Type: schema.TypeString,
+ Optional: true,
+ Description: "Object unique identifier.",
+ },
+ "version": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "GTP version.",
+ },
+ "access_point_name": {
+ Type: schema.TypeMap,
+ Computed: true,
+ Description: "Match by Access Point Name.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enable": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "",
+ },
+ "apn": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The Access Point Name object identified by Name or UID.",
+ },
+ },
+ },
+ },
+ "allow_usage_of_static_ip": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Allow usage of static IP addresses.",
+ },
+ "apply_access_policy_on_user_traffic": {
+ Type: schema.TypeMap,
+ Computed: true,
+ Description: "Apply Access Policy on user traffic.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enable": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "",
+ },
+ "add_imsi_field_to_log": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Add IMSI field to logs generated by user traffic.",
+ },
+ },
+ },
+ },
+ "cs_fallback_and_srvcc": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "CS Fallback and SRVCC (Relevant for V2 only).",
+ },
+ "imsi_prefix": {
+ Type: schema.TypeMap,
+ Computed: true,
+ Description: "Match by IMSI prefix.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enable": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "",
+ },
+ "prefix": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The IMSI prefix.",
+ },
+ },
+ },
+ },
+ "interface_profile": {
+ Type: schema.TypeMap,
+ Computed: true,
+ Description: "Match only message types relevant to the given GTP interface. Relevant only for GTP V1 or V2.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "profile": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The Interface Profile object identified by Name or UID.",
+ },
+ "custom_message_types": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The messages types to match on them for this service. To specify a range, add a hyphen between the lowest and the highest numbers, for example: 32-35. Multiple Ranges can be chosen when separated with comma. This field relevant only when the Interface profile is set to 'Custom'.",
+ },
+ },
+ },
+ },
+ "ldap_group": {
+ Type: schema.TypeMap,
+ Computed: true,
+ Description: "Match by an LDAP Group.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enable": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "",
+ },
+ "group": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The Ldap Group object identified by Name or UID.",
+ },
+ "according_to": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "According to MS-ISDN or according to IMSI.",
+ },
+ },
+ },
+ },
+ "ms_isdn": {
+ Type: schema.TypeMap,
+ Computed: true,
+ Description: "Match by an MS-ISDN.",
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enable": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "",
+ },
+ "ms_isdn": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "The MS-ISDN.",
+ },
+ },
+ },
+ },
+ "radio_access_technology": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "Match by Radio Access Technology.",
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "utran": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(1).",
+ },
+ "geran": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(2).",
+ },
+ "wlan": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(3).",
+ },
+ "gan": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(4).",
+ },
+ "hspa_evolution": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(5).",
+ },
+ "eutran": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(6).",
+ },
+ "virtual": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(7).",
+ },
+ "nb_iot": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "(8).",
+ },
+ "other_types_range": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "(9-255).",
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enable": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "",
+ },
+ "types": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Other RAT Types. To specify other RAT ranges, add a hyphen between the lowest and the highest numbers, for example: 11-15. Multiple Ranges can be chosen when separated with comma.",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "restoration_and_recovery": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Restoration and Recovery (Relevant for V2 only).",
+ },
+ "reverse_service": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Accept PDUs from the GGSN/PGW to the SGSN/SGW on a previously established PDP context, even if different ports are used.",
+ },
+ "selection_mode": {
+ Type: schema.TypeList,
+ Computed: true,
+ Description: "Match by a selection mode.",
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "enable": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "",
+ },
+ "mode": {
+ Type: schema.TypeInt,
+ Computed: true,
+ Description: "The mode as integer. [0 - Verified, 1 - MS - Not verified, 2 - Network - Not verified].",
+ },
+ },
+ },
+ },
+ "trace_management": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Trace Management (Relevant for V2 only).",
+ },
+ "tags": {
+ Type: schema.TypeSet,
+ Computed: true,
+ Description: "Collection of tag identifiers.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "color": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Color of the object. Should be one of existing colors.",
+ },
+ "comments": {
+ Type: schema.TypeString,
+ Computed: true,
+ Description: "Comments string.",
+ },
+ "groups": {
+ Type: schema.TypeSet,
+ Computed: true,
+ Description: "Collection of group identifiers.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ },
+ },
+ "ignore_warnings": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Apply changes ignoring warnings.",
+ },
+ "ignore_errors": {
+ Type: schema.TypeBool,
+ Computed: true,
+ Description: "Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.",
+ },
+ },
+ }
+}
+func dataSourceManagementServiceGtpRead(d *schema.ResourceData, m interface{}) error {
+
+ client := m.(*checkpoint.ApiClient)
+
+ name := d.Get("name").(string)
+ uid := d.Get("uid").(string)
+
+ payload := make(map[string]interface{})
+
+ if name != "" {
+ payload["name"] = name
+ } else if uid != "" {
+ payload["uid"] = uid
+ }
+
+ showServiceGtpRes, err := client.ApiCall("show-service-gtp", payload, client.GetSessionID(), true, client.IsProxyUsed())
+
+ if err != nil {
+ return fmt.Errorf(err.Error())
+ }
+ if !showServiceGtpRes.Success {
+ return fmt.Errorf(showServiceGtpRes.ErrorMsg)
+ }
+
+ serviceGtp := showServiceGtpRes.GetData()
+
+ log.Println("Read Service Gtp - Show JSON = ", serviceGtp)
+
+ if v := serviceGtp["uid"]; v != nil {
+ _ = d.Set("uid", v)
+ d.SetId(v.(string))
+ }
+
+ if v := serviceGtp["name"]; v != nil {
+ _ = d.Set("name", v)
+ }
+ if v := serviceGtp["version"]; v != nil {
+ _ = d.Set("version", v)
+ }
+ if v := serviceGtp["access-point-name"]; v != nil {
+
+ accessPointMap := make(map[string]interface{})
+
+ payload := v.(map[string]interface{})
+
+ if v := payload["enable"]; v != nil {
+ accessPointMap["enable"] = strconv.FormatBool(v.(bool))
+ }
+ if v := payload["apn"]; v != nil {
+ innerMap := v.(map[string]interface{})
+
+ accessPointMap["apn"] = innerMap["name"].(string)
+
+ }
+ log.Println("map is ", accessPointMap)
+ _ = d.Set("access_point_name", accessPointMap)
+
+ } else {
+ _ = d.Set("access_point_name", nil)
+ }
+ if v := serviceGtp["allow-usage-of-static-ip"]; v != nil {
+ d.Set("allow_usage_of_static_ip", v)
+ }
+
+ if v := serviceGtp["apply-access-policy-on-user-traffic"]; v != nil {
+
+ payload := v.(map[string]interface{})
+
+ res := make(map[string]interface{})
+
+ if v := payload["enable"]; v != nil {
+ res["enable"] = strconv.FormatBool(v.(bool))
+ }
+ if v := payload["add-imsi-field-to-log"]; v != nil {
+ res["add_imsi_field_to_log"] = strconv.FormatBool(v.(bool))
+ }
+ d.Set("apply_access_policy_on_user_traffic", res)
+ } else {
+ d.Set("apply_access_policy_on_user_traffic", nil)
+ }
+
+ if v := serviceGtp["cs-fallback-and-srvcc"]; v != nil {
+ d.Set("cs_fallback_and_srvcc", v)
+ }
+
+ if v := serviceGtp["imsi-prefix"]; v != nil {
+ payload := v.(map[string]interface{})
+
+ res := make(map[string]interface{})
+
+ if v := payload["enable"]; v != nil {
+ res["enable"] = strconv.FormatBool(v.(bool))
+ }
+ if v := payload["prefix"]; v != nil {
+ res["prefix"] = v
+ }
+
+ d.Set("imsi_prefix", res)
+ } else {
+ d.Set("imsi_prefix", nil)
+ }
+
+ if v := serviceGtp["interface-profile"]; v != nil {
+ payload := v.(map[string]interface{})
+
+ res := make(map[string]interface{})
+
+ if v := payload["profile"]; v != nil {
+ profileMap := v.(map[string]interface{})
+ if j, _ := profileMap["name"]; j != nil {
+ res["profile"] = j
+ }
+ }
+ if v := payload["custom-message-types"]; v != nil {
+ res["custom_message_types"] = v
+ }
+
+ d.Set("interface_profile", res)
+ } else {
+ d.Set("interface_profile", nil)
+ }
+
+ if serviceGtp["ldap-group"] != nil {
+
+ ldapGroupMap := serviceGtp["ldap-group"].(map[string]interface{})
+
+ ldapGroupMapToReturn := make(map[string]interface{})
+
+ if v, _ := ldapGroupMap["enable"]; v != nil {
+ ldapGroupMapToReturn["enable"] = strconv.FormatBool(v.(bool))
+ }
+ if v, _ := ldapGroupMap["group"]; v != nil {
+ groupMap := v.(map[string]interface{})
+ if j, _ := groupMap["name"]; j != nil {
+ ldapGroupMapToReturn["group"] = j.(string)
+ }
+ }
+ if v, _ := ldapGroupMap["according-to"]; v != nil {
+ ldapGroupMapToReturn["according_to"] = v
+ }
+ _ = d.Set("ldap_group", ldapGroupMapToReturn)
+ } else {
+ _ = d.Set("ldap_group", nil)
+ }
+
+ if serviceGtp["ms-isdn"] != nil {
+
+ msIsdnMap := serviceGtp["ms-isdn"].(map[string]interface{})
+
+ msIsdnMapToReturn := make(map[string]interface{})
+
+ if v, _ := msIsdnMap["enable"]; v != nil {
+ msIsdnMapToReturn["enable"] = strconv.FormatBool(v.(bool))
+ }
+ if v, _ := msIsdnMap["ms-isdn"]; v != nil {
+ msIsdnMapToReturn["ms_isdn"] = v
+ }
+ _ = d.Set("ms_isdn", msIsdnMapToReturn)
+ } else {
+ _ = d.Set("ms_isdn", nil)
+ }
+
+ if serviceGtp["radio-access-technology"] != nil {
+
+ radioAccessTechnologyMap, ok := serviceGtp["radio-access-technology"].(map[string]interface{})
+
+ if ok {
+ radioAccessTechnologyMapToReturn := make(map[string]interface{})
+
+ if v := radioAccessTechnologyMap["utran"]; v != nil {
+ radioAccessTechnologyMapToReturn["utran"] = v
+ }
+ if v := radioAccessTechnologyMap["geran"]; v != nil {
+ radioAccessTechnologyMapToReturn["geran"] = v
+ }
+ if v := radioAccessTechnologyMap["wlan"]; v != nil {
+ radioAccessTechnologyMapToReturn["wlan"] = v
+ }
+ if v := radioAccessTechnologyMap["gan"]; v != nil {
+ radioAccessTechnologyMapToReturn["gan"] = v
+ }
+ if v := radioAccessTechnologyMap["hspa-evolution"]; v != nil {
+ radioAccessTechnologyMapToReturn["hspa_evolution"] = v
+ }
+ if v := radioAccessTechnologyMap["eutran"]; v != nil {
+ radioAccessTechnologyMapToReturn["eutran"] = v
+ }
+ if v := radioAccessTechnologyMap["virtual"]; v != nil {
+ radioAccessTechnologyMapToReturn["virtual"] = v
+ }
+ if v := radioAccessTechnologyMap["nb-iot"]; v != nil {
+ radioAccessTechnologyMapToReturn["nb_iot"] = v
+ }
+ if v, ok := radioAccessTechnologyMap["other-types-range"]; ok {
+
+ otherTypesRangeMap, ok := v.(map[string]interface{})
+ if ok {
+ otherTypesRangeMapToReturn := make(map[string]interface{})
+
+ if v, _ := otherTypesRangeMap["enable"]; v != nil {
+ otherTypesRangeMapToReturn["enable"] = v
+ }
+ if v, _ := otherTypesRangeMap["types"]; v != nil {
+ otherTypesRangeMapToReturn["types"] = v
+ }
+ radioAccessTechnologyMapToReturn["other_types_range"] = []interface{}{otherTypesRangeMapToReturn}
+ }
+ }
+ _ = d.Set("radio_access_technology", []interface{}{radioAccessTechnologyMapToReturn})
+
+ }
+ } else {
+ _ = d.Set("radio_access_technology", nil)
+ }
+
+ if v := serviceGtp["restoration-and-recovery"]; v != nil {
+ _ = d.Set("restoration_and_recovery", v)
+ }
+
+ if v := serviceGtp["reverse-service"]; v != nil {
+ _ = d.Set("reverse_service", v)
+ }
+
+ if serviceGtp["selection-mode"] != nil {
+
+ selectionModeMapToReturn := make(map[string]interface{})
+
+ innerMap := serviceGtp["selection-mode"].(map[string]interface{})
+
+ if v, _ := innerMap["mode"]; v != nil {
+
+ selectionModeMapToReturn["mode"] = v
+ }
+
+ if v, _ := innerMap["enable"]; v != nil {
+ selectionModeMapToReturn["enable"] = v
+ }
+
+ _ = d.Set("selection_mode", []interface{}{selectionModeMapToReturn})
+ } else {
+ _ = d.Set("selection_mode", nil)
+ }
+
+ if v := serviceGtp["trace-management"]; v != nil {
+ _ = d.Set("trace_management", v)
+ }
+
+ if serviceGtp["tags"] != nil {
+ tagsJson, ok := serviceGtp["tags"].([]interface{})
+ if ok {
+ tagsIds := make([]string, 0)
+ if len(tagsJson) > 0 {
+ for _, tags := range tagsJson {
+ tags := tags.(map[string]interface{})
+ tagsIds = append(tagsIds, tags["name"].(string))
+ }
+ }
+ _ = d.Set("tags", tagsIds)
+ }
+ } else {
+ _ = d.Set("tags", nil)
+ }
+
+ if v := serviceGtp["color"]; v != nil {
+ _ = d.Set("color", v)
+ }
+
+ if v := serviceGtp["comments"]; v != nil {
+ _ = d.Set("comments", v)
+ }
+
+ if serviceGtp["groups"] != nil {
+ groupsJson, ok := serviceGtp["groups"].([]interface{})
+ if ok {
+ groupsIds := make([]string, 0)
+ if len(groupsJson) > 0 {
+ for _, groups := range groupsJson {
+ groups := groups.(map[string]interface{})
+ groupsIds = append(groupsIds, groups["name"].(string))
+ }
+ }
+ _ = d.Set("groups", groupsIds)
+ }
+ } else {
+ _ = d.Set("groups", nil)
+ }
+
+ if v := serviceGtp["ignore-warnings"]; v != nil {
+ _ = d.Set("ignore_warnings", v)
+ }
+
+ return nil
+}
diff --git a/checkpoint/data_source_checkpoint_management_service_gtp_test.go b/checkpoint/data_source_checkpoint_management_service_gtp_test.go
new file mode 100644
index 00000000..a4a3b351
--- /dev/null
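Review bot: `dataSourceManagementServiceGtpRead` type-asserts most fields of the `show-service-gtp` response without the `, ok` form, for example `innerMap["name"].(string)` under `access-point-name`, `tags["name"].(string)`, `groups["name"].(string)` and the `v.(map[string]interface{})` casts, so a response with a missing or differently shaped field panics the provider instead of returning an error. The `radio-access-technology` branch of the same function already uses the checked form, and the others should follow it, e.g. `if name, ok := innerMap["name"].(string); ok { accessPointMap["apn"] = name }`. Separately, `log.Println("Read Service Gtp - Show JSON = ", serviceGtp)` writes the whole object to the provider log, including the IMSI prefix and MS-ISDN match values; logging only the uid and name would be enough for tracing. `ignore_errors` is declared in the schema but the read never sets it.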
+++ b/checkpoint/data_source_checkpoint_management_service_gtp_test.go 
@@ -0,0 +1,84 @@ +package checkpoint + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "os" + "testing" +) + +func TestAccDataSourceCheckpointManagementServiceGtp_basic(t *testing.T) { + + objName := "tfTestManagementDataServiceIcmp6_" + acctest.RandString(6) + resourceName := "checkpoint_management_service_gtp.service_gtp" + dataSourceName := "data.checkpoint_management_service_gtp.data_service_gtp" + + context := os.Getenv("CHECKPOINT_CONTEXT") + if context != "web_api" { + t.Skip("Skipping management test") + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceManagementServiceGtpConfig(objName), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(dataSourceName, "name", resourceName, "name"), + ), + }, + }, + }) +} + +func testAccDataSourceManagementServiceGtpConfig(name string) string { + return fmt.Sprintf(` + resource "checkpoint_management_service_gtp" "service_gtp" { + name = "%s" + version = "v2" + reverse_service = true + trace_management = true + imsi_prefix = { + enable = true + prefix = "123" + } + interface_profile = { + profile = "Custom" + custom_message_types = "32-35" + } + selection_mode { + enable = true + mode = 1 + } + ms_isdn= { + enable = true + ms_isdn = "312" + } + access_point_name ={ + enable = true + apn = "AccP2" + } + apply_access_policy_on_user_traffic ={ + enable = true + add_imsi_field_to_log = true + } + radio_access_technology { + other_types_range { + enable = true + types = "11-50" + } + } + ldap_group = { + enable = true + group = "ldap_group_1" + according_to = "MS-ISDN" + } +} +data "checkpoint_management_service_gtp" "data_service_gtp" { + name = "${checkpoint_management_service_gtp.service_gtp.name}" +} +`, name) + +} 
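Review bot: The object-name prefix in `TestAccDataSourceCheckpointManagementServiceGtp_basic` is `tfTestManagementDataServiceIcmp6_`, which looks copied from an ICMPv6 test and would mislabel any objects left behind on the management server. `objName := "tfTestManagementDataServiceGtp_" + acctest.RandString(6)` matches the resource under test. The only check is the `name` pair, so none of the other fields the data-source read maps from the API response are exercised. Adding `resource.TestCheckResourceAttrPair(dataSourceName, "reverse_service", resourceName, "reverse_service"),` would cover at least one mapped attribute that the config sets.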
diff --git a/checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase.go b/checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase.go
new file mode 100644
index 00000000..5f7e0d94
--- /dev/null
+++ b/checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase.go
@@ -0,0 +1,674 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "log" +) + +func dataSourceManagementShowThreatRuleExceptionRuleBase() *schema.Resource { + + return &schema.Resource{ + + Read: dataSourceManagementShowThreatRuleExceptionRuleBaseRead, + + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Optional: true, + Description: "Object name.", + }, + "uid": { + Type: schema.TypeString, + Optional: true, + Description: "Object uid", + }, + "rule_name": { + Type: schema.TypeString, + Optional: true, + Description: "The name of the parent rule.", + }, + "rule_uid": { + Type: schema.TypeString, + Optional: true, + Description: "The UID of the parent rule.", + }, + "rule_number": { + Type: schema.TypeString, + Optional: true, + Description: "The position in the rulebase of the parent rule.", + }, + "filter": { + Type: schema.TypeString, + Optional: true, + Description: "Search expression to filter the rulebase.", + }, + "filter_settings": { + Type: schema.TypeMap, + Optional: true, + Description: "Sets filter preferences.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "search_mode": { + Type: schema.TypeString, + Optional: true, + Description: "search mode", + }, + "packet_search_settings": { + Type: schema.TypeMap, + Optional: true, + Description: "packet search settings", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + + "expand_group_members": { + + Type: schema.TypeBool, + Optional: true, + Description: "When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at least one member of the group.", + }, + "expand_group_with_exclusion_members": { + + Type: schema.TypeBool, + Optional: true, + Description: "When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include 
rules that match at least one member of the \"include\" part and is not a member of the \"except\" part.", + }, + "match_on_any": { + + Type: schema.TypeBool, + Optional: true, + Description: "Whether to match on 'Any' object", + }, + "match_on_group_with_exclusion": { + + Type: schema.TypeBool, + Optional: true, + Description: "Whether to match on a group-with-exclusion.", + }, + "match_on_negate": { + + Type: schema.TypeBool, + Optional: true, + Description: "Whether to match on a negated cell.", + }, + }, + }, + }, + }, + }, + }, + "limit": { + Type: schema.TypeInt, + Optional: true, + Description: "The maximal number of returned results.", + }, + "offset": { + Type: schema.TypeInt, + Optional: true, + Description: "Number of the results to initially skip.", + }, + "order": { + Type: schema.TypeMap, + Optional: true, + Description: "Sorts the results by search criteria", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "ASC": { + Type: schema.TypeString, + Optional: true, + Description: "Sorts results by the given field in ascending order.", + }, + "DESC": { + Type: schema.TypeString, + Optional: true, + Description: "Sorts results by the given field in descending order.", + }, + }, + }, + }, + "package": { + Type: schema.TypeString, + Optional: true, + Description: "Name of the package.", + }, + "use_object_dictionary": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: true, + }, + "from": { + Type: schema.TypeInt, + Computed: true, + Description: "From which element number the query was done.", + }, + "rulebase": { + Type: schema.TypeList, + Computed: true, + Description: "", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Computed: true, + Description: "group name", + }, + "type": { + Type: schema.TypeString, + Computed: true, + Description: "rulebase type.", + }, + "uid": { + Type: schema.TypeString, + Computed: true, + Description: "rulebase 
uid.", + }, + "from": { + Type: schema.TypeInt, + Computed: true, + Description: "From which element number the query was done.", + }, + "to": { + Type: schema.TypeInt, + Computed: true, + Description: "To which element number the query was done.", + }, + "rulebase": { + Type: schema.TypeList, + Computed: true, + Description: "list of rulebases.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Computed: true, + Description: "rule name", + }, + "type": { + Type: schema.TypeString, + Computed: true, + Description: "rule type", + }, + "uid": { + Type: schema.TypeString, + Computed: true, + Description: "rule uid", + }, + "install_on": { + Type: schema.TypeSet, + Computed: true, + Description: "Which Gateways identified by the name or UID to install the policy on.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "source": { + Type: schema.TypeSet, + Computed: true, + Description: "Collection of Network objects identified by the name or UID.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "source_negate": { + Type: schema.TypeBool, + Computed: true, + Description: "True if negate is set for source.", + }, + "destination": { + Type: schema.TypeSet, + Computed: true, + Description: "Collection of Network objects identified by the name or UID.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "destination_negate": { + Type: schema.TypeBool, + Computed: true, + Description: "True if negate is set for destination.", + }, + "service": { + Type: schema.TypeSet, + Computed: true, + Description: "Collection of Network objects identified by the name or UID.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "service_negate": { + Type: schema.TypeBool, + Computed: true, + Description: "True if negate is set for service.", + }, + "protected_scope": { + Type: schema.TypeSet, + Computed: true, + Description: "Collection of objects defining Protected Scope identified 
by the name or UID.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "protected_scope_negate": { + Type: schema.TypeBool, + Computed: true, + Description: "True if negate is set for Protected Scope.", + }, + "protection_or_site": { + Type: schema.TypeSet, + Computed: true, + Description: "Name of the protection or site.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "track": { + Type: schema.TypeString, + Computed: true, + Description: "Packet tracking.", + }, + "action": { + Type: schema.TypeString, + Computed: true, + Description: "Action-the enforced profile.", + }, + "exception_number": { + Type: schema.TypeString, + Optional: true, + Description: "The UID of the exception-group.", + }, + }, + }, + }, + }, + }, + }, + "objects_dictionary": { + Type: schema.TypeList, + Computed: true, + Description: "This table shows the level of details in the Standard level.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Computed: true, + Description: "rule name", + }, + "type": { + Type: schema.TypeString, + Computed: true, + Description: "rule type", + }, + "uid": { + Type: schema.TypeString, + Computed: true, + Description: "rule uid", + }, + }, + }, + }, + "to": { + Type: schema.TypeInt, + Computed: true, + Description: "To which element number the query was done.", + }, + "total": { + Type: schema.TypeInt, + Computed: true, + Description: "Total number of elements returned by the query.", + }, + }, + } + +} + +func dataSourceManagementShowThreatRuleExceptionRuleBaseRead(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + name := d.Get("name").(string) + uid := d.Get("uid").(string) + + payload := map[string]interface{}{} + if name != "" { + payload["name"] = name + } else if uid != "" { + payload["uid"] = uid + } + ruleuid := d.Get("rule_uid").(string) + + rulename := d.Get("rule_name").(string) + + rulenumber := d.Get("rule_number").(string) 
+ + if rulename != "" { + payload["rule-name"] = rulename + } else if ruleuid != "" { + payload["rule-uid"] = ruleuid + } else if rulenumber != "" { + payload["rule-number"] = rulenumber + } + + if v, ok := d.GetOk("filter"); ok { + payload["filter"] = v.(string) + } + + if v, ok := d.GetOk("filter_settings"); ok { + filters, ok := v.(map[string]interface{}) + if ok { + + filtersMapToReturn := make(map[string]interface{}) + + packetSearchMap := make(map[string]interface{}) + + if val, ok := filters["search_mode"]; ok { + filtersMapToReturn["search-mode"] = val + } else { + filtersMapToReturn["search-mode"] = "general" + } + + if val, ok := filters["expand_group_members"]; ok { + packetSearchMap["expand-group-members"] = val + } else { + packetSearchMap["expand-group-members"] = false + } + + if val, ok := filters["expand_group_with_exclusion_members"]; ok { + packetSearchMap["expand-group-with-exclusion-members"] = val + } else { + packetSearchMap["expand-group-with-exclusion-members"] = false + } + + if val, ok := filters["match_on_any"]; ok { + packetSearchMap["match-on-any"] = val + } else { + packetSearchMap["match-on-any"] = true + } + + if val, ok := filters["match_on_group_with_exclusion"]; ok { + packetSearchMap["match-on-group-with-exclusion"] = val + } else { + packetSearchMap["match-on-group-with-exclusion"] = true + } + + if val, ok := filters["match_on_negate"]; ok { + packetSearchMap["match-on-negate"] = val + } else { + packetSearchMap["match-on-negate"] = true + } + + filtersMapToReturn["packet-search-settings"] = packetSearchMap + payload["filter-settings"] = filtersMapToReturn + } + } + if v, ok := d.GetOk("limit"); ok { + payload["limit"] = v.(int) + } + + if v, ok := d.GetOk("offset"); ok { + payload["offset"] = v.(int) + } + + useObjDict := true + if v, ok := d.GetOkExists("use_object_dictionary"); ok { + payload["use-object-dictionary"] = v.(bool) + useObjDict = v.(bool) + } + + showThreatRuleExceptionRuleBaseRes, err := 
client.ApiCall("show-threat-rule-exception-rulebase", payload, client.GetSessionID(), true, client.IsProxyUsed()) + if err != nil { + return fmt.Errorf(err.Error()) + } + if !showThreatRuleExceptionRuleBaseRes.Success { + return fmt.Errorf(showThreatRuleExceptionRuleBaseRes.ErrorMsg) + } + threatRuleExceptionRuleBase := showThreatRuleExceptionRuleBaseRes.GetData() + + log.Println("Read ruleBaseJson - Show JSON = ", threatRuleExceptionRuleBase) + + if v := threatRuleExceptionRuleBase["uid"]; v != nil { + _ = d.Set("uid", v) + d.SetId(v.(string)) + } + if v := threatRuleExceptionRuleBase["name"]; v != nil { + _ = d.Set("name", v) + } + if v := threatRuleExceptionRuleBase["from"]; v != nil { + + val := v.(float64) + + _ = d.Set("from", int(val)) + } + + if threatRuleExceptionRuleBase["rulebase"] != nil { + + threatRuleExceptionRuleBaseList := threatRuleExceptionRuleBase["rulebase"].([]interface{}) + + var ruleBaseArrToReturn []map[string]interface{} + + if len(threatRuleExceptionRuleBaseList) > 0 { + + for i := range threatRuleExceptionRuleBaseList { + + threatRuleExceptionRuleBaseMap := threatRuleExceptionRuleBaseList[i].(map[string]interface{}) + + payload := make(map[string]interface{}) + + if v := threatRuleExceptionRuleBaseMap["name"]; v != nil { + payload["name"] = v.(string) + } + if v := threatRuleExceptionRuleBaseMap["type"]; v != nil { + payload["type"] = v.(string) + } + if v := threatRuleExceptionRuleBaseMap["uid"]; v != nil { + payload["uid"] = v.(string) + } + if v := threatRuleExceptionRuleBaseMap["from"]; v != nil { + payload["from"] = int(v.(float64)) + } + if v := threatRuleExceptionRuleBaseMap["to"]; v != nil { + payload["to"] = int(v.(float64)) + } + if v := threatRuleExceptionRuleBaseMap["rulebase"]; v != nil { + ruleBaseList := v.([]interface{}) + var ruleBaseListToReturn []map[string]interface{} + if len(ruleBaseList) > 0 { + for i := range ruleBaseList { + ruleBaseObj := ruleBaseList[i].(map[string]interface{}) + innerPayload := 
make(map[string]interface{}) + if v := ruleBaseObj["name"]; v != nil { + innerPayload["name"] = v + } + if v := ruleBaseObj["type"]; v != nil { + innerPayload["type"] = v + } + if v := ruleBaseObj["uid"]; v != nil { + innerPayload["uid"] = v + } + if v := ruleBaseObj["source-negate"]; v != nil { + innerPayload["source_negate"] = v.(bool) + } + if v := ruleBaseObj["service-negate"]; v != nil { + innerPayload["service_negate"] = v.(bool) + } + if v := ruleBaseObj["destination-negate"]; v != nil { + innerPayload["destination_negate"] = v.(bool) + } + if v := ruleBaseObj["protected-scope-negate"]; v != nil { + innerPayload["protected_scope_negate"] = v.(bool) + } + if useObjDict { + if v := ruleBaseObj["source"]; v != nil { + innerPayload["source"] = v + } + if v := ruleBaseObj["action"]; v != nil { + innerPayload["action"] = v.(string) + } + if v := ruleBaseObj["track"]; v != nil { + innerPayload["track"] = v.(string) + } + if v := ruleBaseObj["service"]; v != nil { + innerPayload["service"] = v + } + if v := ruleBaseObj["destination"]; v != nil { + innerPayload["destination"] = v + } + if v := ruleBaseObj["protected-scope"]; v != nil { + innerPayload["protected_scope"] = v + } + if v := ruleBaseObj["install-on"]; v != nil { + innerPayload["install_on"] = v + } + if v := ruleBaseObj["protection-or-site"]; v != nil { + innerPayload["protection_or_site"] = v + } + } else { + if v := ruleBaseObj["action"]; v != nil { + innerPayload["action"] = v.(map[string]interface{})["name"] + } + if v := ruleBaseObj["track"]; v != nil { + innerPayload["track"] = v.(map[string]interface{})["name"] + } + if v := ruleBaseObj["source"]; v != nil { + sourceJson := v.([]interface{}) + sourceNames := make([]string, 0) + if len(sourceJson) > 0 { + for _, source := range sourceJson { + source := source.(map[string]interface{}) + sourceNames = append(sourceNames, source["name"].(string)) + } + } + _, sourceInConf := d.GetOk("source") + if sourceNames[0] == "Any" && !sourceInConf { + 
innerPayload["source"] = []interface{}{} + } else { + innerPayload["source"] = sourceNames + } + } + if v := ruleBaseObj["service"]; v != nil { + + serviceJson := v.([]interface{}) + serviceJsonNames := make([]string, 0) + if len(serviceJson) > 0 { + for _, service := range serviceJson { + service := service.(map[string]interface{}) + serviceJsonNames = append(serviceJsonNames, service["name"].(string)) + } + } + _, serviceInConf := d.GetOk("service") + if serviceJsonNames[0] == "Any" && !serviceInConf { + innerPayload["service"] = []interface{}{} + } else { + innerPayload["service"] = serviceJsonNames + } + } + if v := ruleBaseObj["destination"]; v != nil { + destinationJson := v.([]interface{}) + destinationNames := make([]string, 0) + if len(destinationJson) > 0 { + for _, destination := range destinationJson { + destination := destination.(map[string]interface{}) + destinationNames = append(destinationNames, destination["name"].(string)) + } + } + _, destinationInConf := d.GetOk("destination") + if destinationNames[0] == "Any" && !destinationInConf { + innerPayload["destination"] = []interface{}{} + } else { + innerPayload["destination"] = destinationNames + } + } + if v := ruleBaseObj["protected-scope"]; v != nil { + protectedScopeJson := v.([]interface{}) + protectedScopeNames := make([]string, 0) + if len(protectedScopeJson) > 0 { + for _, protectedScope := range protectedScopeJson { + protectedScope := protectedScope.(map[string]interface{}) + protectedScopeNames = append(protectedScopeNames, protectedScope["name"].(string)) + } + } + _, protectedScopeInConf := d.GetOk("protected_scope") + if protectedScopeNames[0] == "Any" && !protectedScopeInConf { + innerPayload["protected_scope"] = []interface{}{} + } else { + innerPayload["protected_scope"] = protectedScopeNames + } + } + if v := ruleBaseObj["install-on"]; v != nil { + installOnJson := v.([]interface{}) + installOnJsonNames := make([]string, 0) + if len(installOnJson) > 0 { + for _, installOn := range 
installOnJson { + installOn := installOn.(map[string]interface{}) + installOnJsonNames = append(installOnJsonNames, installOn["name"].(string)) + } + } + _, installOnInConf := d.GetOk("install_on") + if installOnJsonNames[0] == "Policy Targets" && !installOnInConf { + innerPayload["install_on"] = []interface{}{} + } else { + innerPayload["install_on"] = installOnJsonNames + } + } + if v := ruleBaseObj["protection-or-site"]; v != nil { + protectionOrSiteJson := v.([]interface{}) + protectionOrSiteIds := make([]string, 0) + if len(protectionOrSiteJson) > 0 { + for _, protectionOrSite := range protectionOrSiteJson { + protectionOrSite := protectionOrSite.(map[string]interface{}) + protectionOrSiteIds = append(protectionOrSiteIds, protectionOrSite["name"].(string)) + } + } + _, protectionOrSiteInConf := d.GetOk("protection_or_site") + if protectionOrSiteIds[0] == "Any" && !protectionOrSiteInConf { + innerPayload["protection_or_site"] = []interface{}{} + } else { + innerPayload["protection_or_site"] = protectionOrSiteIds + } + } + } + ruleBaseListToReturn = append(ruleBaseListToReturn, innerPayload) + } + } + payload["rulebase"] = ruleBaseListToReturn + } + ruleBaseArrToReturn = append(ruleBaseArrToReturn, payload) + } + } + d.Set("rulebase", ruleBaseArrToReturn) + } + if useObjDict { + if v := threatRuleExceptionRuleBase["objects-dictionary"]; v != nil { + var listOfObjectToReturn []map[string]interface{} + objectDictionaryList := v.([]interface{}) + if len(objectDictionaryList) > 0 { + for i := range objectDictionaryList { + objDict := objectDictionaryList[i].(map[string]interface{}) + payload := make(map[string]interface{}) + if v := objDict["name"]; v != nil { + payload["name"] = v.(string) + } + if v := objDict["type"]; v != nil { + payload["type"] = v.(string) + } + if v := objDict["uid"]; v != nil { + payload["uid"] = v.(string) + } + listOfObjectToReturn = append(listOfObjectToReturn, payload) + } + } + d.Set("objects_dictionary", listOfObjectToReturn) + } + } + 
if v := threatRuleExceptionRuleBase["to"]; v != nil { + val := v.(float64) + _ = d.Set("to", int(val)) + } + if v := threatRuleExceptionRuleBase["total"]; v != nil { + val := v.(float64) + _ = d.Set("total", int(val)) + } + return nil +} diff --git a/checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase_test.go b/checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase_test.go new file mode 100644 index 00000000..aaed6059 --- /dev/null +++ b/checkpoint/data_source_checkpoint_management_show_threat_rule_exception_rulebase_test.go 
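Review bot: In the `else` branch of `if useObjDict` in `dataSourceManagementShowThreatRuleExceptionRuleBaseRead`, `sourceNames[0] == "Any"` indexes a slice that stays empty when the API returns an empty `source` list, so the provider panics instead of returning an error. The same unguarded `[0]` is used on `serviceJsonNames`, `destinationNames`, `protectedScopeNames`, `installOnJsonNames` and `protectionOrSiteIds`. Guard each comparison with a length check, e.g. `if len(sourceNames) > 0 && sourceNames[0] == "Any" && !sourceInConf {`. The unchecked assertions such as `source["name"].(string)` and `v.(float64)` fail the same way on an unexpected response shape; the two-value form (`name, ok := source["name"].(string)`) would let the read return an error instead.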
@@ -0,0 +1,99 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + "log" + "os" + "testing" +) + +func TestAccDataSourceCheckpointManagementShowThreatRuleExceptionRuleBase_basic(t *testing.T) { + + objName := "tfTestManagementDataThreatRuleExceptionRulebase" + acctest.RandString(6) + var showObjectsQuery map[string]interface{} + dataSourceShowObjects := "data.checkpoint_management_threat_rule_exception_rulebase.data" + + context := os.Getenv("CHECKPOINT_CONTEXT") + if context != "web_api" { + t.Skip("Skipping management test") + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceManagementShowThreatRuleExceptionRuleBaseConfig(objName), + Check: resource.ComposeTestCheckFunc( + testAccCheckCheckpointThreatRuleExceptionRulebase(dataSourceShowObjects, &showObjectsQuery, objName), + testAccCheckCheckpointThreatRuleExceptionRulebaseAttributes(&showObjectsQuery, objName), + ), + }, + }, + }) +} + +func testAccCheckCheckpointThreatRuleExceptionRulebaseAttributes(showThreatExceptionRulebaseMap *map[string]interface{}, objName string) resource.TestCheckFunc { + return func(s *terraform.State) error { + + showAccessRulebaseMap := *showThreatExceptionRulebaseMap + if showAccessRulebaseMap == nil { + return fmt.Errorf("showThreatRuleExcpetionRulebaseMap is nil") + } + + name := showAccessRulebaseMap["rulebase"].([]interface{})[0].(map[string]interface{})["rulebase"].([]interface{})[0].(map[string]interface{})["name"] + + if name != objName { + return fmt.Errorf("rule name is %s. 
while expected name is %s\n", name, objName) + } + log.Println("rule name match.") + return nil + } +} + +func testAccCheckCheckpointThreatRuleExceptionRulebase(resourceTfName string, res *map[string]interface{}, filter string) resource.TestCheckFunc { + return func(s *terraform.State) error { + + rs, ok := s.RootModule().Resources[resourceTfName] + if !ok { + return fmt.Errorf("show-threat-rule-exception-rulebase data source not found: %s", resourceTfName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("show-threat-rule-exception-rulebase data source ID is not set") + } + + client := testAccProvider.Meta().(*checkpoint.ApiClient) + response, _ := client.ApiCall("show-threat-rule-exception-rulebase", map[string]interface{}{"name": "Standard Threat Prevention", "rule-name": "rule1", "use-object-dictionary": "false"}, client.GetSessionID(), true, client.IsProxyUsed()) + if !response.Success { + return fmt.Errorf(response.ErrorMsg) + } + + *res = response.GetData() + + return nil + } +} + +func testAccDataSourceManagementShowThreatRuleExceptionRuleBaseConfig(objName string) string { + return fmt.Sprintf(` + + resource "checkpoint_management_threat_exception" "threat_exception" { + name = "%s" + position = {top = "top"} + exception_group_name = "Global Exceptions" + track = "Log" + service = ["AH", "AOL"] + +} +data "checkpoint_management_threat_rule_exception_rulebase" "data" { + name = "Standard Threat Prevention" + rule_number = 1 + +} +`, objName) +} diff --git a/checkpoint/data_source_checkpoint_management_simple_cluster.go b/checkpoint/data_source_checkpoint_management_simple_cluster.go index 2c611880..64de6110 100644 --- a/checkpoint/data_source_checkpoint_management_simple_cluster.go +++ b/checkpoint/data_source_checkpoint_management_simple_cluster.go 
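Review bot: `testAccCheckCheckpointThreatRuleExceptionRulebase` discards the error from `client.ApiCall` (`response, _ := ...`), so a transport or session failure is reported only through `response.Success` and whatever `ErrorMsg` happens to be set. Keep the error and return it: `response, err := client.ApiCall(...)` followed by `if err != nil { return err }`. `fmt.Errorf(response.ErrorMsg)` passes server text as the format string, so any `%` in it is garbled; `fmt.Errorf("%s", response.ErrorMsg)` avoids that. The `filter` parameter is never used and the query hardcodes `"rule-name": "rule1"` while the config asks for `rule_number = 1`, so the check presumably depends on state already on the server rather than on the object this test creates.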
@@ -1954,14 +1954,7 @@ func dataSourceManagementSimpleClusterRead(d *schema.ResourceData, m interface{} if cluster["fetch-policy"] != nil { fetchPolicyJson, ok := cluster["fetch-policy"].([]interface{}) if ok { - fetchPolicyIds := make([]string, 0) - if len(fetchPolicyJson) > 0 { - for _, fetch_policy := range fetchPolicyJson { - fetch_policy := fetch_policy.(map[string]interface{}) - fetchPolicyIds = append(fetchPolicyIds, fetch_policy["name"].(string)) - } - } - _ = d.Set("fetch_policy", fetchPolicyIds) + _ = d.Set("fetch_policy", fetchPolicyJson) } } else { _ = d.Set("fetch_policy", nil) diff --git a/checkpoint/data_source_checkpoint_management_smart_task.go b/checkpoint/data_source_checkpoint_management_smart_task.go new file mode 100644 index 00000000..d6960438 --- /dev/null +++ b/checkpoint/data_source_checkpoint_management_smart_task.go @@ -0,0 +1,482 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "log" +) + +func dataSourceManagementSmartTask() *schema.Resource { + return &schema.Resource{ + Read: dataSourceManagementSmartTaskRead, + Schema: map[string]*schema.Schema{ + "uid": { + Type: schema.TypeString, + Optional: true, + Description: "Object unique identifier.", + }, + "name": { + Type: schema.TypeString, + Optional: true, + Description: "Object name.", + }, + "action": { + Type: schema.TypeList, + Computed: true, + Description: "The action to be run when the trigger is fired.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "send_web_request": { + Type: schema.TypeList, + Computed: true, + Description: "When the trigger is fired, sends an HTTPS POST web request to the configured URL.
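Review bot: `_ = d.Set("fetch_policy", fetchPolicyJson)` in `dataSourceManagementSimpleClusterRead` now stores the raw API list and still throws away the error from `d.Set`. If an element is not of the type the `fetch_policy` schema expects (the schema is outside this hunk; the removed loop treated elements as objects with a `name` key), the set fails and the attribute is silently left empty. Return the error so a shape mismatch is visible: `if err := d.Set("fetch_policy", fetchPolicyJson); err != nil { return err }`. The function starts and ends outside the hunk.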
The trigger data will be passed along with the SmartTask's custom data in the request's payload.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "url": { + Type: schema.TypeString, + Computed: true, + Description: "URL used for the web request.", + }, + "fingerprint": { + Type: schema.TypeString, + Computed: true, + Description: "The SHA1 fingerprint of the URL's SSL certificate. Used to trust servers with self-signed SSL certificates.", + }, + "override_proxy": { + Type: schema.TypeBool, + Computed: true, + Description: "Option to send to the web request via a proxy other than the Management's Server proxy (if defined).", + }, + "proxy_url": { + Type: schema.TypeString, + Computed: true, + Description: "URL of the proxy used to send the request.", + }, + "shared_secret": { + Type: schema.TypeString, + Computed: true, + Description: "Shared secret that can be used by the target server to identify the Management Server.
The value will be sent as part of the request in the \"X-chkp-shared-secret\" header.", + }, + "time_out": { + Type: schema.TypeInt, + Computed: true, + Description: "Web Request time-out in seconds.", + }, + }, + }, + }, + "run_script": { + Type: schema.TypeList, + Computed: true, + Description: "When the trigger is fired, runs the configured Repository Script on the defined targets.
The trigger data is then passed to the script as the first parameter. The parameter is JSON encoded in Base64 format.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "repository_script": { + Type: schema.TypeString, + Computed: true, + Description: "Repository script that is executed when the trigger is fired., identified by the name or UID.", + }, + "targets": { + Type: schema.TypeSet, + Computed: true, + Description: "Targets to execute the script on.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "time_out": { + Type: schema.TypeInt, + Computed: true, + Description: "Script execution time-out in seconds.", + }, + }, + }, + }, + "send_mail": { + Type: schema.TypeList, + Computed: true, + Description: "When the trigger is fired, sends the configured email to the defined recipients.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "mail_settings": { + Type: schema.TypeList, + Computed: true, + Description: "The required settings to send the mail by.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "recipients": { + Type: schema.TypeString, + Computed: true, + Description: "A comma separated list of recipient mail addresses.", + }, + "sender_email": { + Type: schema.TypeString, + Computed: true, + Description: "An email address to send the mail from.", + }, + "subject": { + Type: schema.TypeString, + Computed: true, + Description: "The email subject.", + }, + "body": { + Type: schema.TypeString, + Computed: true, + Description: "The email body.", + }, + "attachment": { + Type: schema.TypeString, + Computed: true, + Description: "What file should be attached to the mail.", + }, + "bcc_recipients": { + Type: schema.TypeString, + Computed: true, + Description: "A comma separated list of bcc recipient mail addresses.", + }, + "cc_recipients": { + Type: schema.TypeString, + Computed: true, + Description: "A comma separated list of cc recipient mail 
addresses.", + }, + }, + }, + }, + "smtp_server": { + Type: schema.TypeList, + Computed: true, + Description: "The UID or the name a preconfigured SMTP server object.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Computed: true, + Description: "Object name. Must be unique in the domain", + }, + "port": { + Type: schema.TypeInt, + Computed: true, + Description: "The SMTP port to use.", + }, + "server": { + Type: schema.TypeString, + Computed: true, + Description: "The SMTP server address.", + }, + "authentication": { + Type: schema.TypeBool, + Computed: true, + Description: "Does the mail server requires authentication.", + }, + "encryption": { + Type: schema.TypeString, + Computed: true, + Description: "Encryption type.", + }, + "username": { + Type: schema.TypeString, + Computed: true, + Description: "A username for the SMTP server.", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + "trigger": { + Type: schema.TypeString, + Computed: true, + Description: "Trigger type associated with the SmartTask.", + }, + "custom_data": { + Type: schema.TypeString, + Computed: true, + Description: "Per SmartTask custom data in JSON format.
When the trigger is fired, the trigger data is converted to JSON. The custom data is then concatenated to the trigger data JSON.", + }, + "description": { + Type: schema.TypeString, + Computed: true, + Description: "Description of the SmartTask's functionality and options.", + }, + "enabled": { + Type: schema.TypeBool, + Computed: true, + Description: "Whether the SmartTask is enabled and will run when triggered.", + }, + "fail_open": { + Type: schema.TypeBool, + Computed: true, + Description: "If the action fails to execute, whether to treat the execution failure as an error, or continue.", + }, + "tags": { + Type: schema.TypeSet, + Computed: true, + Description: "Collection of tag identifiers.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "color": { + Type: schema.TypeString, + Computed: true, + Description: "Color of the object. Should be one of existing colors.", + }, + "comments": { + Type: schema.TypeString, + Computed: true, + Description: "Comments string.", + }, + "ignore_warnings": { + Type: schema.TypeBool, + Computed: true, + Description: "Apply changes ignoring warnings.", + }, + "ignore_errors": { + Type: schema.TypeBool, + Computed: true, + Description: "Apply changes ignoring errors. You won't be able to publish such a changes. 
If ignore-warnings flag was omitted - warnings will also be ignored.", + }, + }, + } + +} +func dataSourceManagementSmartTaskRead(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + name := d.Get("name").(string) + uid := d.Get("uid").(string) + + payload := make(map[string]interface{}) + + if name != "" { + payload["name"] = name + } else if uid != "" { + payload["uid"] = uid + } + + showSmartTaskRes, err := client.ApiCall("show-smart-task", payload, client.GetSessionID(), true, client.IsProxyUsed()) + if err != nil { + return fmt.Errorf(err.Error()) + } + if !showSmartTaskRes.Success { + return fmt.Errorf(showSmartTaskRes.ErrorMsg) + } + + smartTask := showSmartTaskRes.GetData() + + log.Println("smart task is ", smartTask) + + if v := smartTask["uid"]; v != nil { + _ = d.Set("uid", v) + d.SetId(v.(string)) + } + + if v := smartTask["name"]; v != nil { + _ = d.Set("name", v) + } + + if smartTask["action"] != nil { + + actionMap, ok := smartTask["action"].(map[string]interface{}) + + if ok { + actionMapToReturn := make(map[string]interface{}) + + if v, ok := actionMap["send-web-request"]; ok { + + sendWebRequestMap, ok := v.(map[string]interface{}) + if ok { + sendWebRequestMapToReturn := make(map[string]interface{}) + + if v, _ := sendWebRequestMap["url"]; v != nil { + sendWebRequestMapToReturn["url"] = v + } + if v, _ := sendWebRequestMap["fingerprint"]; v != nil { + sendWebRequestMapToReturn["fingerprint"] = v + } + if v, _ := sendWebRequestMap["override-proxy"]; v != nil { + sendWebRequestMapToReturn["override_proxy"] = v + } + if v, _ := sendWebRequestMap["proxy-url"]; v != nil { + sendWebRequestMapToReturn["proxy_url"] = v + } + if v, _ := sendWebRequestMap["shared-secret"]; v != nil { + sendWebRequestMapToReturn["shared_secret"] = v + } + if v, _ := sendWebRequestMap["time-out"]; v != nil { + sendWebRequestMapToReturn["time_out"] = v + } + actionMapToReturn["send_web_request"] = []interface{}{sendWebRequestMapToReturn} 
+ } + } + if v, ok := actionMap["run-script"]; ok { + + runScriptMap, ok := v.(map[string]interface{}) + if ok { + runScriptMapToReturn := make(map[string]interface{}) + + if v, _ := runScriptMap["repository-script"]; v != nil { + + payload := v.(map[string]interface{}) + + if v := payload["name"]; v != nil { + runScriptMapToReturn["repository_script"] = v.(string) + } + + } + if v, _ := runScriptMap["targets"]; v != nil { + runScriptMapToReturn["targets"] = v + } + if v, _ := runScriptMap["time-out"]; v != nil { + runScriptMapToReturn["time_out"] = v + } + actionMapToReturn["run_script"] = []interface{}{runScriptMapToReturn} + } + } + if v, ok := actionMap["send-mail"]; ok { + + sendMailMap, ok := v.(map[string]interface{}) + if ok { + sendMailMapToReturn := make(map[string]interface{}) + + if v, _ := sendMailMap["mail-settings"]; v != nil { + + innerMap := v.(map[string]interface{}) + + res := make(map[string]interface{}) + + if v := innerMap["recipients"]; v != nil { + res["recipients"] = v + } + if v := innerMap["sender-email"]; v != nil { + res["sender_email"] = v + } + if v := innerMap["subject"]; v != nil { + res["subject"] = v + } + if v := innerMap["body"]; v != nil { + res["body"] = v + } + if v := innerMap["attachment"]; v != nil { + res["attachment"] = v + } + if v := innerMap["bcc-recipients"]; v != nil { + res["bcc_recipients"] = v + } + if v := innerMap["cc-recipients"]; v != nil { + res["cc_recipients"] = v + } + sendMailMapToReturn["mail_settings"] = []interface{}{res} + } + if v, _ := sendMailMap["smtp-server"]; v != nil { + + innerMap := v.(map[string]interface{}) + + res := make(map[string]interface{}) + + if v := innerMap["name"]; v != nil { + res["name"] = v + } + if v := innerMap["port"]; v != nil { + res["port"] = v + } + if v := innerMap["server"]; v != nil { + res["server"] = v + } + + if v := innerMap["authentication"]; v != nil { + res["authentication"] = v + } + if v := innerMap["encryption"]; v != nil { + res["encryption"] = v + } + if 
v := innerMap["username"]; v != nil { + res["username"] = v + } + sendMailMapToReturn["smtp_server"] = []interface{}{res} + } + actionMapToReturn["send_mail"] = []interface{}{sendMailMapToReturn} + } + } + + err = d.Set("action", []interface{}{actionMapToReturn}) + if err != nil { + return fmt.Errorf(err.Error()) + } + } + } else { + _ = d.Set("action", nil) + } + + if v := smartTask["trigger"]; v != nil { + payload := v.(map[string]interface{}) + + if v := payload["name"]; v != nil { + + _ = d.Set("trigger", v.(string)) + } + + } + + if v := smartTask["custom-data"]; v != nil { + _ = d.Set("custom_data", v) + } + + if v := smartTask["description"]; v != nil { + _ = d.Set("description", v) + } + + if v := smartTask["enabled"]; v != nil { + _ = d.Set("enabled", v) + } + + if v := smartTask["fail-open"]; v != nil { + _ = d.Set("fail_open", v) + } + + if smartTask["tags"] != nil { + tagsJson, ok := smartTask["tags"].([]interface{}) + if ok { + tagsIds := make([]string, 0) + if len(tagsJson) > 0 { + for _, tags := range tagsJson { + tags := tags.(map[string]interface{}) + tagsIds = append(tagsIds, tags["name"].(string)) + } + } + _ = d.Set("tags", tagsIds) + } + } else { + _ = d.Set("tags", nil) + } + + if v := smartTask["color"]; v != nil { + _ = d.Set("color", v) + } + + if v := smartTask["comments"]; v != nil { + _ = d.Set("comments", v) + } + + if v := smartTask["ignore-warnings"]; v != nil { + _ = d.Set("ignore_warnings", v) + } + + if v := smartTask["ignore-errors"]; v != nil { + _ = d.Set("ignore_errors", v) + } + + return nil +} diff --git a/checkpoint/data_source_checkpoint_management_smart_task_test.go b/checkpoint/data_source_checkpoint_management_smart_task_test.go new file mode 100644 index 00000000..43802983 --- /dev/null +++ b/checkpoint/data_source_checkpoint_management_smart_task_test.go 
@@ -0,0 +1,62 @@ +package checkpoint + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "os" + "testing" +) + +func TestAccDataSourceCheckpointManagementSmartTask_basic(t *testing.T) { + + objName := "tfTestManagementDataServiceIcmp6_" + acctest.RandString(6) + resourceName := "checkpoint_management_smart_task.test" + dataSourceName := "data.checkpoint_management_smart_task.data_test" + + context := os.Getenv("CHECKPOINT_CONTEXT") + if context != "web_api" { + t.Skip("Skipping management test") + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceManagementSmartTaskConfig(objName), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttrPair(dataSourceName, "name", resourceName, "name"), + resource.TestCheckResourceAttrPair(dataSourceName, "action", resourceName, "action"), + resource.TestCheckResourceAttrPair(dataSourceName, "trigger", resourceName, "trigger"), + ), + }, + }, + }) +} + +func testAccDataSourceManagementSmartTaskConfig(name string) string { + return fmt.Sprintf(` + resource "checkpoint_management_smart_task" "test" { + + name = "%s" + trigger = "Before Publish" + description = "my smart task" + action { + + send_web_request { + url = "https://demo.example.com/policy-installation-reports" + fingerprint = "8023a5652ba2c8f5b0902363a5314cd2b4fdbc5c" + override_proxy = true + proxy_url = "https://demo.example.com/policy-installation-reports" + time_out = 200 + shared_secret = " secret" + } + } + enabled = true +} +data "checkpoint_management_smart_task" "data_test" { + name = "${checkpoint_management_smart_task.test.name}" +} +`, name) +} diff --git a/checkpoint/provider.go b/checkpoint/provider.go index dfd9f36f..d25d2a1c 100644 --- a/checkpoint/provider.go +++ b/checkpoint/provider.go 
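Review bot: The pair check on `"action"` in the `Check:` list probably asserts nothing: `action` is a nested block, so its values are stored under indexed keys and a bare `action` key is likely absent from both states, which the pair check would treat as equal (worth confirming against the pinned SDK version). Comparing a leaf, e.g. `resource.TestCheckResourceAttrPair(dataSourceName, "action.0.send_web_request.0.url", resourceName, "action.0.send_web_request.0.url")`, would exercise the nested read path. The name prefix `tfTestManagementDataServiceIcmp6_` looks copied from another test, and `shared_secret = " secret"` has a leading space that may be unintended. Since the data source read copies `shared-secret` into state, the test should also cover how that field is exposed.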
@@ -111,6 +111,9 @@ func Provider() terraform.ResourceProvider { }, }, ResourcesMap: map[string]*schema.Resource{ + "checkpoint_management_service_gtp": resourceManagementServiceGtp(), + "checkpoint_management_smart_task": resourceManagementSmartTask(), + "checkpoint_management_server_certificate": resourceManagementServerCertificate(), "checkpoint_management_host": resourceManagementHost(), "checkpoint_management_network": resourceManagementNetwork(), "checkpoint_management_wildcard": resourceManagementWildcard(), @@ -278,6 +281,11 @@ func Provider() terraform.ResourceProvider { "checkpoint_management_global_assignment": resourceManagementGlobalAssignment(), }, DataSourcesMap: map[string]*schema.Resource{ + + "checkpoint_management_threat_rule_exception_rulebase": dataSourceManagementShowThreatRuleExceptionRuleBase(), + "checkpoint_management_smart_task": dataSourceManagementSmartTask(), + "checkpoint_management_service_gtp": dataSourceManagementServiceGtp(), + "checkpoint_management_server_certificate": dataSourceManagementServerCertificate(), "checkpoint_management_data_host": dataSourceManagementHost(), "checkpoint_management_data_network": dataSourceManagementNetwork(), "checkpoint_management_data_group": dataSourceManagementGroup(), diff --git a/checkpoint/resource_checkpoint_management_access_layer.go b/checkpoint/resource_checkpoint_management_access_layer.go index 4b5eabf8..588d6c07 100644 --- a/checkpoint/resource_checkpoint_management_access_layer.go +++ b/checkpoint/resource_checkpoint_management_access_layer.go 
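Review bot: The four keys added to `DataSourcesMap` in the second hunk drop the `data_` infix used by the neighbouring entries (`checkpoint_management_data_host`, `checkpoint_management_data_network`). As a result `checkpoint_management_smart_task`, `checkpoint_management_service_gtp` and `checkpoint_management_server_certificate` are registered under the same names as the resources added in the first hunk. The two maps are separate, so this should work, but the naming is inconsistent for users. If the prefix-less form is the intended convention from now on, a comment above the new entries such as `// newer data sources share the resource name; older ones keep the data_ prefix` would record it. `Provider()` continues outside both hunks.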
@@ -359,6 +359,14 @@ func deleteManagementAccessLayer(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + accessLayerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + accessLayerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete AccessLayer") deleteAccessLayerRes, err := client.ApiCall("delete-access-layer", accessLayerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_access_point_name.go b/checkpoint/resource_checkpoint_management_access_point_name.go index e6db01af..388513ed 100644 --- a/checkpoint/resource_checkpoint_management_access_point_name.go +++ b/checkpoint/resource_checkpoint_management_access_point_name.go @@ -299,7 +299,13 @@ func deleteManagementAccessPointName(d *schema.ResourceData, m interface{}) erro accessPointNamePayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + accessPointNamePayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + accessPointNamePayload["ignore-errors"] = v.(bool) + } log.Println("Delete AccessPointName") deleteAccessPointNameRes, err := client.ApiCall("delete-access-point-name", accessPointNamePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_access_role.go b/checkpoint/resource_checkpoint_management_access_role.go index dcb2890c..b38ba72e 100644 --- a/checkpoint/resource_checkpoint_management_access_role.go +++ b/checkpoint/resource_checkpoint_management_access_role.go 
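Review bot: The added block forwards `ignore_errors` to the delete call with no comment on what that means for a destroy. The schema text elsewhere in this patch describes the flag as "Apply changes ignoring errors. You won't be able to publish such a changes", so a destroy with it set can presumably remove an object the server objected to removing and leave the session unpublishable. A comment above the block, for example `// ignore-errors lets the delete proceed past server-side validation; the session may then fail to publish`, would make that visible. The same lines are pasted into every other delete hunk in this patch (access point name, access role, access section, the data center servers, host, group and the rest), and the flag order and blank lines already differ between files, so a small shared helper taking `d` and the payload map would stop them drifting. `GetOkExists` is also marked deprecated in the plugin SDK, which is worth confirming for the version pinned here.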
@@ -568,6 +568,14 @@ func deleteManagementAccessRole(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + accessRolePayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + accessRolePayload["ignore-errors"] = v.(bool) + } + log.Println("Delete AccessRole") deleteAccessRoleRes, err := client.ApiCall("delete-access-role", accessRolePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_access_section.go b/checkpoint/resource_checkpoint_management_access_section.go index f178d1ae..1e249c08 100644 --- a/checkpoint/resource_checkpoint_management_access_section.go +++ b/checkpoint/resource_checkpoint_management_access_section.go @@ -236,6 +236,14 @@ func deleteManagementAccessSection(d *schema.ResourceData, m interface{}) error "layer": d.Get("layer"), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + accessSectionPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + accessSectionPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete AccessSection") deleteAccessSectionRes, err := client.ApiCall("delete-access-section", accessSectionPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_aci_data_center_server.go b/checkpoint/resource_checkpoint_management_aci_data_center_server.go index 59cbce31..4bb701fc 100644 --- a/checkpoint/resource_checkpoint_management_aci_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_aci_data_center_server.go 
@@ -348,6 +348,14 @@ func deleteManagementAciDataCenterServer(d *schema.ResourceData, m interface{}) "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + aciDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + aciDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete aciDataCenterServer") deleteAciDataCenterServerRes, err := client.ApiCall("delete-data-center-server", aciDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_address_range.go b/checkpoint/resource_checkpoint_management_address_range.go index d9b3406e..664841f5 100644 --- a/checkpoint/resource_checkpoint_management_address_range.go +++ b/checkpoint/resource_checkpoint_management_address_range.go @@ -411,6 +411,13 @@ func deleteManagementAddressRange(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + addressRangePayload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + addressRangePayload["ignore-warnings"] = v.(bool) + } + deleteAddressRangeRes, err := client.ApiCall("delete-address-range", addressRangePayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteAddressRangeRes.Success { if deleteAddressRangeRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_administrator.go b/checkpoint/resource_checkpoint_management_administrator.go index 3df2b1b8..b9f88bcb 100644 --- a/checkpoint/resource_checkpoint_management_administrator.go +++ b/checkpoint/resource_checkpoint_management_administrator.go 
@@ -491,6 +491,13 @@ func deleteManagementAdministrator(d *schema.ResourceData, m interface{}) error "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + administratorPayload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + administratorPayload["ignore-warnings"] = v.(bool) + } + deleteAdministratorRes, err := client.ApiCall("delete-administrator", administratorPayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteAdministratorRes.Success { if deleteAdministratorRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_application_site.go b/checkpoint/resource_checkpoint_management_application_site.go index a172c152..5b325097 100644 --- a/checkpoint/resource_checkpoint_management_application_site.go +++ b/checkpoint/resource_checkpoint_management_application_site.go @@ -368,6 +368,14 @@ func deleteManagementApplicationSite(d *schema.ResourceData, m interface{}) erro "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + applicationSitePayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + applicationSitePayload["ignore-errors"] = v.(bool) + } + log.Println("Delete ApplicationSite") deleteApplicationSiteRes, err := client.ApiCall("delete-application-site", applicationSitePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_application_site_category.go b/checkpoint/resource_checkpoint_management_application_site_category.go index 17a24187..15646e27 100644 --- a/checkpoint/resource_checkpoint_management_application_site_category.go +++ b/checkpoint/resource_checkpoint_management_application_site_category.go 
@@ -241,6 +241,14 @@ func deleteManagementApplicationSiteCategory(d *schema.ResourceData, m interface "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + applicationSiteCategoryPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + applicationSiteCategoryPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete ApplicationSiteCategory") deleteApplicationSiteCategoryRes, err := client.ApiCall("delete-application-site-category", applicationSiteCategoryPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_application_site_group.go b/checkpoint/resource_checkpoint_management_application_site_group.go index 934322cc..b0052efb 100644 --- a/checkpoint/resource_checkpoint_management_application_site_group.go +++ b/checkpoint/resource_checkpoint_management_application_site_group.go @@ -261,6 +261,14 @@ func deleteManagementApplicationSiteGroup(d *schema.ResourceData, m interface{}) "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + applicationSiteGroupPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + applicationSiteGroupPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete ApplicationSiteGroup") deleteApplicationSiteGroupRes, err := client.ApiCall("delete-application-site-group", applicationSiteGroupPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_aws_data_center_server.go b/checkpoint/resource_checkpoint_management_aws_data_center_server.go index 8e2af7b5..738ceea9 100644 --- a/checkpoint/resource_checkpoint_management_aws_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_aws_data_center_server.go 
@@ -134,7 +134,7 @@ func createManagementAwsDataCenterServer(d *schema.ResourceData, m interface{}) } if v, ok := d.GetOk("sts_external_id"); ok { - awsDataCenterServer["sts-external-id"] = v.(string) + awsDataCenterServer["custom-value"] = v.(string) } if v, ok := d.GetOk("tags"); ok { @@ -352,6 +352,14 @@ func deleteManagementAwsDataCenterServer(d *schema.ResourceData, m interface{}) "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + awsDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + awsDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete awsDataCenterServer") deleteAwsDataCenterServerRes, err := client.ApiCall("delete-data-center-server", awsDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_azure_ad.go b/checkpoint/resource_checkpoint_management_azure_ad.go index 3678ca72..12b65cc1 100644 --- a/checkpoint/resource_checkpoint_management_azure_ad.go +++ b/checkpoint/resource_checkpoint_management_azure_ad.go @@ -355,6 +355,14 @@ func deleteManagementAzureAd(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + azureAdPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + azureAdPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete AzureAd") deleteAzureAdRes, err := client.ApiCall("delete-azure-ad", azureAdPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_azure_data_center_server.go b/checkpoint/resource_checkpoint_management_azure_data_center_server.go index 3f5eaf3a..685d7618 100644 --- a/checkpoint/resource_checkpoint_management_azure_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_azure_data_center_server.go 
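Review bot: In the `@@ -134` hunk the value of `sts_external_id` is now sent under the key `custom-value` instead of `sts-external-id`, which looks like an accidental edit rather than an API rename. If the management server does not recognise `custom-value`, the configured external ID is either rejected or silently not applied, and that ID is what constrains who may assume the STS role. Unless the API really expects the new key, restore `awsDataCenterServer["sts-external-id"] = v.(string)`. `createManagementAwsDataCenterServer` starts and ends outside the hunk, so whether the update path sends the same key could not be checked from here.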
@@ -364,6 +364,14 @@ func deleteManagementAzureDataCenterServer(d *schema.ResourceData, m interface{} "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + azureDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + azureDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete azureDataCenterServer") deleteAzureDataCenterServerRes, err := client.ApiCall("delete-data-center-server", azureDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_checkpoint_host.go b/checkpoint/resource_checkpoint_management_checkpoint_host.go index 75882ba5..136bede1 100644 --- a/checkpoint/resource_checkpoint_management_checkpoint_host.go +++ b/checkpoint/resource_checkpoint_management_checkpoint_host.go @@ -1511,6 +1511,14 @@ func deleteManagementCheckpointHost(d *schema.ResourceData, m interface{}) error "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + checkpointHostPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + checkpointHostPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete CheckpointHost") deleteCheckpointHostRes, err := client.ApiCall("delete-checkpoint-host", checkpointHostPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_data_center_query.go b/checkpoint/resource_checkpoint_management_data_center_query.go index 2db651da..29636b6a 100644 --- a/checkpoint/resource_checkpoint_management_data_center_query.go +++ b/checkpoint/resource_checkpoint_management_data_center_query.go 
@@ -387,6 +387,14 @@ func deleteManagementDataCenterQuery(d *schema.ResourceData, m interface{}) erro "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + dataCenterQueryPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + dataCenterQueryPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete DataCenterQuery") deleteDataCenterQueryRes, err := client.ApiCall("delete-data-center-query", dataCenterQueryPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_dns_domain.go b/checkpoint/resource_checkpoint_management_dns_domain.go index 8f6a043d..ede032d4 100644 --- a/checkpoint/resource_checkpoint_management_dns_domain.go +++ b/checkpoint/resource_checkpoint_management_dns_domain.go @@ -241,6 +241,14 @@ func deleteManagementDnsDomain(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + dnsDomainPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + dnsDomainPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete DnsDomain") deleteDnsDomainRes, err := client.ApiCall("delete-dns-domain", dnsDomainPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_domain.go b/checkpoint/resource_checkpoint_management_domain.go index 4ed37e3f..fc82589d 100644 --- a/checkpoint/resource_checkpoint_management_domain.go +++ b/checkpoint/resource_checkpoint_management_domain.go 
@@ -354,6 +354,14 @@ func deleteManagementDomain(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + domainPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + domainPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete Domain") deleteDomainRes, err := client.ApiCall("delete-domain", domainPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_domain_permissions_profile.go b/checkpoint/resource_checkpoint_management_domain_permissions_profile.go index b3934a70..4ab24cdb 100644 --- a/checkpoint/resource_checkpoint_management_domain_permissions_profile.go +++ b/checkpoint/resource_checkpoint_management_domain_permissions_profile.go @@ -867,14 +867,14 @@ func readManagementDomainPermissionsProfile(d *schema.ResourceData, m interface{ if domainPermissionsProfile["access-control"] != nil { defaultEventsAndReports := map[string]interface{}{ - "show-policy": "custom", - "dlp-policy": "write", - "geo-control-policy": "write", - "nat-policy": "true", - "qos-policy": "true", - "access-control-objects-and-settings": "true", - "app-control-and-url-filtering-update": "true", - "install-policy": "true", + "show-policy": "custom", + "dlp-policy": "write", + "geo-control-policy": "write", + "nat-policy": "true", + "qos-policy": "true", + "access-control-objects-and-settings": "true", + "app-control-and-url-filtering-update": "true", + "install-policy": "true", } accessControlMap, ok := domainPermissionsProfile["access-control"].(map[string]interface{}) 
@@ -1651,6 +1651,14 @@ func deleteManagementDomainPermissionsProfile(d *schema.ResourceData, m interfac "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + domainPermissionsProfilePayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + domainPermissionsProfilePayload["ignore-errors"] = v.(bool) + } + log.Println("Delete DomainPermissionsProfile") deleteDomainPermissionsProfileRes, err := client.ApiCall("delete-domain-permissions-profile", domainPermissionsProfilePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_dynamic_global_network_object.go b/checkpoint/resource_checkpoint_management_dynamic_global_network_object.go index 04d2f7cd..b8dad7be 100644 --- a/checkpoint/resource_checkpoint_management_dynamic_global_network_object.go +++ b/checkpoint/resource_checkpoint_management_dynamic_global_network_object.go @@ -220,7 +220,13 @@ func deleteManagementDynamicGlobalNetworkObject(d *schema.ResourceData, m interf dynamicGlobalNetworkObjectPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + dynamicGlobalNetworkObjectPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + dynamicGlobalNetworkObjectPayload["ignore-errors"] = v.(bool) + } log.Println("Delete DynamicGlobalNetworkObject") deleteDynamicGlobalNetworkObjectRes, err := client.ApiCall("delete-dynamic-global-network-object", dynamicGlobalNetworkObjectPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_dynamic_object.go b/checkpoint/resource_checkpoint_management_dynamic_object.go index 3320a9d9..86def27a 100644 --- a/checkpoint/resource_checkpoint_management_dynamic_object.go +++ b/checkpoint/resource_checkpoint_management_dynamic_object.go 
@@ -223,7 +223,13 @@ func deleteManagementDynamicObject(d *schema.ResourceData, m interface{}) error dynamicObjectPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + dynamicObjectPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + dynamicObjectPayload["ignore-errors"] = v.(bool) + } log.Println("Delete DynamicObject") deleteDynamicObjectRes, err := client.ApiCall("delete-dynamic-object", dynamicObjectPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_exception_group.go b/checkpoint/resource_checkpoint_management_exception_group.go index 47e8e516..4dfe0ec9 100644 --- a/checkpoint/resource_checkpoint_management_exception_group.go +++ b/checkpoint/resource_checkpoint_management_exception_group.go 
@@ -356,17 +356,20 @@ func updateManagementExceptionGroup(d *schema.ResourceData, m interface{}) error Payload := make(map[string]interface{}) - if d.HasChange("applied_threat_rules." + strconv.Itoa(i) + ".layer") { - Payload["layer"] = d.Get("applied_threat_rules." + strconv.Itoa(i) + ".layer") + if v, ok := d.GetOk("applied_threat_rules." + strconv.Itoa(i) + ".layer"); ok { + Payload["layer"] = v } - if d.HasChange("applied_threat_rules." + strconv.Itoa(i) + ".name") { - Payload["name"] = d.Get("applied_threat_rules." + strconv.Itoa(i) + ".name") + + if v, ok := d.GetOk("applied_threat_rules." + strconv.Itoa(i) + ".name"); ok { + Payload["name"] = v } - if d.HasChange("applied_threat_rules." + strconv.Itoa(i) + ".rule_number") { - Payload["rule-number"] = d.Get("applied_threat_rules." + strconv.Itoa(i) + ".rule_number") + + if v, ok := d.GetOk("applied_threat_rules." + strconv.Itoa(i) + ".rule_number"); ok { + Payload["rule_number"] = v } - if d.HasChange("applied_threat_rules." + strconv.Itoa(i) + ".position") { - Payload["position"] = d.Get("applied_threat_rules." + strconv.Itoa(i) + ".position") + + if v, ok := d.GetOk("applied_threat_rules." + strconv.Itoa(i) + ".position"); ok { + Payload["position"] = v } appliedThreatRulesPayload = append(appliedThreatRulesPayload, Payload) } @@ -431,6 +434,14 @@ func deleteManagementExceptionGroup(d *schema.ResourceData, m interface{}) error "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + exceptionGroupPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + exceptionGroupPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete ExceptionGroup") deleteExceptionGroupRes, err := client.ApiCall("delete-exception-group", exceptionGroupPayload, client.GetSessionID(), true, client.IsProxyUsed()) 
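Review bot: In the `@@ -356` hunk the rule number is now written to `Payload["rule_number"]`, whereas the removed line and the other request keys in this patch use hyphens (`rule-number`, `ignore-warnings`). The underscore form is probably not a field the API knows, so the value would be dropped or the call rejected; suggested line: `Payload["rule-number"] = v`. Switching from `HasChange` to `GetOk` also means a zero `rule_number` or an empty `position` is never sent and unchanged fields are now always sent, which may be intended but deserves a one-line comment. `updateManagementExceptionGroup` extends beyond the hunk.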
diff --git a/checkpoint/resource_checkpoint_management_gaia_best_practice.go b/checkpoint/resource_checkpoint_management_gaia_best_practice.go index d9aeb3c9..ca6ed623 100644 --- a/checkpoint/resource_checkpoint_management_gaia_best_practice.go +++ b/checkpoint/resource_checkpoint_management_gaia_best_practice.go @@ -402,6 +402,14 @@ func deleteManagementGaiaBestPractice(d *schema.ResourceData, m interface{}) err "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + gaiaBestPracticePayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + gaiaBestPracticePayload["ignore-errors"] = v.(bool) + } + log.Println("Delete GaiaBestPractice") deleteGaiaBestPracticeRes, err := client.ApiCall("delete-gaia-best-practice", gaiaBestPracticePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_gcp_data_center_server.go b/checkpoint/resource_checkpoint_management_gcp_data_center_server.go index f8d78f79..f4597b13 100644 --- a/checkpoint/resource_checkpoint_management_gcp_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_gcp_data_center_server.go @@ -279,7 +279,13 @@ func deleteManagementGcpDataCenterServer(d *schema.ResourceData, m interface{}) gcpDataCenterServerPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + gcpDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + gcpDataCenterServerPayload["ignore-errors"] = v.(bool) + } log.Println("Delete gcpDataCenterServer") deleteGcpDataCenterServerRes, err := client.ApiCall("delete-data-center-server", gcpDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_generic_data_center_server.go b/checkpoint/resource_checkpoint_management_generic_data_center_server.go index b0c32176..18bffc54 100644 
--- a/checkpoint/resource_checkpoint_management_generic_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_generic_data_center_server.go @@ -324,6 +324,14 @@ func deleteManagementGenericDataCenterServer(d *schema.ResourceData, m interface "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + genericDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + genericDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete genericDataCenterServer") deleteGenericDataCenterServerRes, err := client.ApiCall("delete-data-center-server", genericDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_group.go b/checkpoint/resource_checkpoint_management_group.go index e60c011d..433c85f3 100644 --- a/checkpoint/resource_checkpoint_management_group.go +++ b/checkpoint/resource_checkpoint_management_group.go @@ -234,6 +234,14 @@ func deleteManagementGroup(d *schema.ResourceData, m interface{}) error { payload := map[string]interface{}{ "uid": d.Id(), } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + payload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + payload["ignore-warnings"] = v.(bool) + } + deleteGroupRes, _ := client.ApiCall("delete-group", payload, client.GetSessionID(), true, client.IsProxyUsed()) if !deleteGroupRes.Success { return fmt.Errorf(deleteGroupRes.ErrorMsg) diff --git a/checkpoint/resource_checkpoint_management_group_with_exclusion.go b/checkpoint/resource_checkpoint_management_group_with_exclusion.go index 80070847..8600ae44 100644 --- a/checkpoint/resource_checkpoint_management_group_with_exclusion.go +++ b/checkpoint/resource_checkpoint_management_group_with_exclusion.go 
@@ -258,6 +258,14 @@ func deleteManagementGroupWithExclusion(d *schema.ResourceData, m interface{}) e "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + groupWithExclusionPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + groupWithExclusionPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete GroupWithExclusion") deleteGroupWithExclusionRes, err := client.ApiCall("delete-group-with-exclusion", groupWithExclusionPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_gsn_handover_group.go b/checkpoint/resource_checkpoint_management_gsn_handover_group.go index 37b0dea0..d9832ea1 100644 --- a/checkpoint/resource_checkpoint_management_gsn_handover_group.go +++ b/checkpoint/resource_checkpoint_management_gsn_handover_group.go @@ -283,6 +283,14 @@ func deleteManagementGsnHandoverGroup(d *schema.ResourceData, m interface{}) err "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + gsnHandoverGroupPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + gsnHandoverGroupPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete GsnHandoverGroup") deleteGsnHandoverGroupRes, err := client.ApiCall("delete-gsn-handover-group", gsnHandoverGroupPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_host.go b/checkpoint/resource_checkpoint_management_host.go index 8440c91f..bb34a642 100644 --- a/checkpoint/resource_checkpoint_management_host.go +++ b/checkpoint/resource_checkpoint_management_host.go 
@@ -809,7 +809,12 @@ func deleteManagementHost(d *schema.ResourceData, m interface{}) error { hostPayload := map[string]interface{}{ "uid": d.Id(), } - + if v, ok := d.GetOkExists("ignore_errors"); ok { + hostPayload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + hostPayload["ignore-warnings"] = v.(bool) + } deleteHostRes, err := client.ApiCall("delete-host", hostPayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteHostRes.Success { if deleteHostRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_https_layer.go b/checkpoint/resource_checkpoint_management_https_layer.go index 5b72ce85..8bfbc1ed 100644 --- a/checkpoint/resource_checkpoint_management_https_layer.go +++ b/checkpoint/resource_checkpoint_management_https_layer.go @@ -241,7 +241,13 @@ func deleteManagementHttpsLayer(d *schema.ResourceData, m interface{}) error { httpsLayerPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + httpsLayerPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + httpsLayerPayload["ignore-errors"] = v.(bool) + } log.Println("Delete HttpsLayer") deleteHttpsLayerRes, err := client.ApiCall("delete-https-layer", httpsLayerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_https_rule.go b/checkpoint/resource_checkpoint_management_https_rule.go index fca91110..b420fc26 100644 --- a/checkpoint/resource_checkpoint_management_https_rule.go +++ b/checkpoint/resource_checkpoint_management_https_rule.go 
@@ -608,7 +608,13 @@ func deleteManagementHttpsRule(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), "layer": d.Get("layer"), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + httpsRulePayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + httpsRulePayload["ignore-errors"] = v.(bool) + } log.Println("Delete HttpsRule") deleteHttpsRuleRes, err := client.ApiCall("delete-https-rule", httpsRulePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_identity_tag.go b/checkpoint/resource_checkpoint_management_identity_tag.go index 93bada9e..fab987e3 100644 --- a/checkpoint/resource_checkpoint_management_identity_tag.go +++ b/checkpoint/resource_checkpoint_management_identity_tag.go @@ -229,6 +229,14 @@ func deleteManagementIdentityTag(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + identityTagPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + identityTagPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete IdentityTag") deleteIdentityTagRes, err := client.ApiCall("delete-identity-tag", identityTagPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_idp_administrator_group.go b/checkpoint/resource_checkpoint_management_idp_administrator_group.go index 4eb7e546..bbd18412 100644 --- a/checkpoint/resource_checkpoint_management_idp_administrator_group.go +++ b/checkpoint/resource_checkpoint_management_idp_administrator_group.go 
@@ -358,7 +358,13 @@ func deleteManagementIdpAdministratorGroup(d *schema.ResourceData, m interface{} idpAdministratorGroupPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + idpAdministratorGroupPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + idpAdministratorGroupPayload["ignore-errors"] = v.(bool) + } log.Println("Delete IdpAdministratorGroup") deleteIdpAdministratorGroupRes, err := client.ApiCall("delete-idp-administrator-group", idpAdministratorGroupPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_interoperable_device.go b/checkpoint/resource_checkpoint_management_interoperable_device.go index c4021c67..13e79529 100644 --- a/checkpoint/resource_checkpoint_management_interoperable_device.go +++ b/checkpoint/resource_checkpoint_management_interoperable_device.go @@ -811,6 +811,13 @@ func deleteManagementInteroperableDevice(d *schema.ResourceData, m interface{}) "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + interoperableDevicePayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + interoperableDevicePayload["ignore-errors"] = v.(bool) + } log.Println("Delete InteroperableDevice") deleteInteroperableDeviceRes, err := client.ApiCall("delete-interoperable-device", interoperableDevicePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_ise_data_center_server.go b/checkpoint/resource_checkpoint_management_ise_data_center_server.go index f9f207ae..8da6a0f7 100644 --- a/checkpoint/resource_checkpoint_management_ise_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_ise_data_center_server.go 
@@ -348,6 +348,14 @@ func deleteManagementIseDataCenterServer(d *schema.ResourceData, m interface{}) "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + iseDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + iseDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete iseDataCenterServer") deleteIseDataCenterServerRes, err := client.ApiCall("delete-data-center-server", iseDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_kubernetes_data_center_server.go b/checkpoint/resource_checkpoint_management_kubernetes_data_center_server.go index 42dd4f2d..75cef2a4 100644 --- a/checkpoint/resource_checkpoint_management_kubernetes_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_kubernetes_data_center_server.go @@ -311,6 +311,14 @@ func deleteManagementKubernetesDataCenterServer(d *schema.ResourceData, m interf "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + kubernetesDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + kubernetesDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete kubernetesDataCenterServer") deleteKubernetesDataCenterServerRes, err := client.ApiCall("delete-data-center-server", kubernetesDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_lsv_profile.go b/checkpoint/resource_checkpoint_management_lsv_profile.go index 63ea3cc1..17b6263a 100644 --- a/checkpoint/resource_checkpoint_management_lsv_profile.go +++ b/checkpoint/resource_checkpoint_management_lsv_profile.go 
@@ -357,7 +357,12 @@ func deleteManagementLsvProfile(d *schema.ResourceData, m interface{}) error { lsvProfilePayload := map[string]interface{}{ "uid": d.Id(), } - + if v, ok := d.GetOkExists("ignore_errors"); ok { + lsvProfilePayload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + lsvProfilePayload["ignore-warnings"] = v.(bool) + } deleteLsvProfileRes, err := client.ApiCall("delete-lsv-profile", lsvProfilePayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteLsvProfileRes.Success { if deleteLsvProfileRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_md_permissions_profile.go b/checkpoint/resource_checkpoint_management_md_permissions_profile.go index 6401f2b1..b8eacc28 100644 --- a/checkpoint/resource_checkpoint_management_md_permissions_profile.go +++ b/checkpoint/resource_checkpoint_management_md_permissions_profile.go @@ -485,7 +485,13 @@ func deleteManagementMdPermissionsProfile(d *schema.ResourceData, m interface{}) mdPermissionsProfilePayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + mdPermissionsProfilePayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + mdPermissionsProfilePayload["ignore-errors"] = v.(bool) + } log.Println("Delete MdPermissionsProfile") deleteMdPermissionsProfileRes, err := client.ApiCall("delete-md-permissions-profile", mdPermissionsProfilePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_mds.go b/checkpoint/resource_checkpoint_management_mds.go index 7fb53821..efe61504 100644 --- a/checkpoint/resource_checkpoint_management_mds.go +++ b/checkpoint/resource_checkpoint_management_mds.go 
@@ -428,7 +428,13 @@ func deleteManagementMds(d *schema.ResourceData, m interface{}) error { mdsPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + mdsPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + mdsPayload["ignore-errors"] = v.(bool) + } log.Println("Delete Mds") deleteMdsRes, err := client.ApiCall("delete-mds", mdsPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_multicast_address_range.go b/checkpoint/resource_checkpoint_management_multicast_address_range.go index 2f93f2db..0dd2e1bb 100644 --- a/checkpoint/resource_checkpoint_management_multicast_address_range.go +++ b/checkpoint/resource_checkpoint_management_multicast_address_range.go @@ -325,7 +325,13 @@ func deleteManagementMulticastAddressRange(d *schema.ResourceData, m interface{} multicastAddressRangePayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + multicastAddressRangePayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + multicastAddressRangePayload["ignore-errors"] = v.(bool) + } log.Println("Delete MulticastAddressRange") deleteMulticastAddressRangeRes, err := client.ApiCall("delete-multicast-address-range", multicastAddressRangePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_network.go b/checkpoint/resource_checkpoint_management_network.go index 39adf41c..96f16827 100644 --- a/checkpoint/resource_checkpoint_management_network.go +++ b/checkpoint/resource_checkpoint_management_network.go 
@@ -421,6 +421,12 @@ func deleteManagementNetwork(d *schema.ResourceData, m interface{}) error { payload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + payload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + payload["ignore-warnings"] = v.(bool) + } deleteNetworkRes, _ := client.ApiCall("delete-network", payload, client.GetSessionID(), true, client.IsProxyUsed()) if !deleteNetworkRes.Success { return fmt.Errorf(deleteNetworkRes.ErrorMsg) diff --git a/checkpoint/resource_checkpoint_management_network_feed.go b/checkpoint/resource_checkpoint_management_network_feed.go index cdbad7e0..89306aec 100644 --- a/checkpoint/resource_checkpoint_management_network_feed.go +++ b/checkpoint/resource_checkpoint_management_network_feed.go @@ -574,7 +574,13 @@ func deleteManagementNetworkFeed(d *schema.ResourceData, m interface{}) error { networkFeedPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + networkFeedPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + networkFeedPayload["ignore-errors"] = v.(bool) + } log.Println("Delete NetworkFeed") deleteNetworkFeedRes, err := client.ApiCall("delete-network-feed", networkFeedPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_nuage_data_center_server.go b/checkpoint/resource_checkpoint_management_nuage_data_center_server.go index c7b57f2c..4104454e 100644 --- a/checkpoint/resource_checkpoint_management_nuage_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_nuage_data_center_server.go 
@@ -355,6 +355,13 @@ func deleteManagementNuageDataCenterServer(d *schema.ResourceData, m interface{} "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + nuageDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + nuageDataCenterServerPayload["ignore-errors"] = v.(bool) + } log.Println("Delete nuageDataCenterServer") deleteNuageDataCenterServerRes, err := client.ApiCall("delete-data-center-server", nuageDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_nutanix_data_center_server.go b/checkpoint/resource_checkpoint_management_nutanix_data_center_server.go index b3b83e1a..e40635f2 100644 --- a/checkpoint/resource_checkpoint_management_nutanix_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_nutanix_data_center_server.go @@ -337,6 +337,14 @@ func deleteManagementNutanixDataCenterServer(d *schema.ResourceData, m interface "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + nutanixDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + nutanixDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete nutanixDataCenterServer") deleteNutanixDataCenterServerRes, err := client.ApiCall("delete-data-center-server", nutanixDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_openstack_data_center_server.go b/checkpoint/resource_checkpoint_management_openstack_data_center_server.go index 8f0d3b6d..5f288851 100644 --- a/checkpoint/resource_checkpoint_management_openstack_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_openstack_data_center_server.go 
@@ -342,6 +342,14 @@ func deleteManagementOpenStackDataCenterServer(d *schema.ResourceData, m interfa "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + openstackDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + openstackDataCenterServerPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete openstackDataCenterServer") deleteOpenStackDataCenterServerRes, err := client.ApiCall("delete-data-center-server", openstackDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_opsec_application.go b/checkpoint/resource_checkpoint_management_opsec_application.go index e30f38d7..301d98ab 100644 --- a/checkpoint/resource_checkpoint_management_opsec_application.go +++ b/checkpoint/resource_checkpoint_management_opsec_application.go @@ -420,6 +420,14 @@ func deleteManagementOpsecApplication(d *schema.ResourceData, m interface{}) err "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + opsecApplicationPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + opsecApplicationPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete OpsecApplication") deleteOpsecApplicationRes, err := client.ApiCall("delete-opsec-application", opsecApplicationPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_oracle_cloud_data_center_server.go b/checkpoint/resource_checkpoint_management_oracle_cloud_data_center_server.go index 6fba32c1..1c62af24 100644 --- a/checkpoint/resource_checkpoint_management_oracle_cloud_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_oracle_cloud_data_center_server.go 
@@ -333,6 +333,14 @@ func deleteManagementOracleCloudDataCenterServer(d *schema.ResourceData, m inter "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + oracleCloudDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + oracleCloudDataCenterServerPayload["ignore-errors"] = v.(bool) + } + deleteOracleCloudDataCenterServerRes, err := client.ApiCall("delete-data-center-server", oracleCloudDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteOracleCloudDataCenterServerRes.Success { if deleteOracleCloudDataCenterServerRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_package.go b/checkpoint/resource_checkpoint_management_package.go index 765d33a5..f5fac525 100644 --- a/checkpoint/resource_checkpoint_management_package.go +++ b/checkpoint/resource_checkpoint_management_package.go @@ -355,6 +355,13 @@ func deleteManagementPackage(d *schema.ResourceData, m interface{}) error { "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + packagePayload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + packagePayload["ignore-warnings"] = v.(bool) + } + deletePackageRes, err := client.ApiCall("delete-package", packagePayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deletePackageRes.Success { if deletePackageRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_repository_script.go b/checkpoint/resource_checkpoint_management_repository_script.go index 31686cd2..15c960c2 100644 --- a/checkpoint/resource_checkpoint_management_repository_script.go +++ b/checkpoint/resource_checkpoint_management_repository_script.go 
@@ -260,6 +260,13 @@ func deleteManagementRepositoryScript(d *schema.ResourceData, m interface{}) err "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + repositoryScriptPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + repositoryScriptPayload["ignore-errors"] = v.(bool) + } log.Println("Delete RepositoryScript") deleteRepositoryScriptRes, err := client.ApiCall("delete-repository-script", repositoryScriptPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_security_zone.go b/checkpoint/resource_checkpoint_management_security_zone.go index 78c7543f..353c6002 100644 --- a/checkpoint/resource_checkpoint_management_security_zone.go +++ b/checkpoint/resource_checkpoint_management_security_zone.go @@ -223,7 +223,13 @@ func deleteManagementSecurityZone(d *schema.ResourceData, m interface{}) error { securityZonePayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + securityZonePayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + securityZonePayload["ignore-errors"] = v.(bool) + } log.Println("Delete SecurityZone") deleteSecurityZoneRes, err := client.ApiCall("delete-security-zone", securityZonePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_server_certificate.go b/checkpoint/resource_checkpoint_management_server_certificate.go new file mode 100644 index 00000000..22fb7550 --- /dev/null +++ b/checkpoint/resource_checkpoint_management_server_certificate.go 
@@ -0,0 +1,194 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "log" +) + +func resourceManagementServerCertificate() *schema.Resource { + return &schema.Resource{ + Create: createManagementServerCertificate, + Read: readManagementServerCertificate, + Update: updateManagementServerCertificate, + Delete: deleteManagementServerCertificate, + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + Description: "Object name.", + }, + "base64_certificate": { + Type: schema.TypeString, + Optional: true, + Sensitive: true, + Description: "Certificate file encoded in base64.
Valid file formats: p12.", + }, + "base64_password": { + Type: schema.TypeString, + Optional: true, + Sensitive: true, + Description: "Base64 encoded password of the certificate file.", + }, + "comments": { + Type: schema.TypeString, + Optional: true, + Description: "Server certificate comments.", + }, + "subject": { + Type: schema.TypeString, + Computed: true, + Description: "Certificate's subject.", + }, + "valid_from": { + Type: schema.TypeString, + Computed: true, + Description: "Server certificate valid from date.", + }, + "valid_to": { + Type: schema.TypeString, + Computed: true, + Description: "Server certificate valid up to date.", + }, + }, + } +} + +func createManagementServerCertificate(d *schema.ResourceData, m interface{}) error { + client := m.(*checkpoint.ApiClient) + + serverCertificate := make(map[string]interface{}) + + if v, ok := d.GetOk("name"); ok { + serverCertificate["name"] = v.(string) + } + + if v, ok := d.GetOk("base64_certificate"); ok { + serverCertificate["base64-certificate"] = v.(string) + } + + if v, ok := d.GetOk("base64_password"); ok { + serverCertificate["base64-password"] = v.(string) + } + + if v, ok := d.GetOk("comments"); ok { + serverCertificate["comments"] = v.(string) + } + + log.Println("Create ServerCertificate - Map = ", serverCertificate) + + addServerCertificateRes, err := client.ApiCall("add-server-certificate", serverCertificate, client.GetSessionID(), true, false) + if err != nil || !addServerCertificateRes.Success { + if addServerCertificateRes.ErrorMsg != "" { + return fmt.Errorf(addServerCertificateRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + + d.SetId(addServerCertificateRes.GetData()["uid"].(string)) + + return readManagementServerCertificate(d, m) +} + +func readManagementServerCertificate(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + payload := map[string]interface{}{ + "uid": d.Id(), + } + + showServerCertificateRes, err := 
client.ApiCall("show-server-certificate", payload, client.GetSessionID(), true, false) + if err != nil { + return fmt.Errorf(err.Error()) + } + if !showServerCertificateRes.Success { + if objectNotFound(showServerCertificateRes.GetData()["code"].(string)) { + d.SetId("") + return nil + } + return fmt.Errorf(showServerCertificateRes.ErrorMsg) + } + + serverCertificate := showServerCertificateRes.GetData() + + log.Println("Read ServerCertificate - Show JSON = ", serverCertificate) + + if v := serverCertificate["name"]; v != nil { + _ = d.Set("name", v) + } + + if v := serverCertificate["subject"]; v != nil { + _ = d.Set("subject", v) + } + if v := serverCertificate["valid-from"]; v != nil { + _ = d.Set("valid_from", v) + } + if v := serverCertificate["valid-to"]; v != nil { + _ = d.Set("valid_to", v) + } + + return nil + +} + +func updateManagementServerCertificate(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + serverCertificate := make(map[string]interface{}) + + if ok := d.HasChange("name"); ok { + oldName, newName := d.GetChange("name") + serverCertificate["name"] = oldName + serverCertificate["new-name"] = newName + } else { + serverCertificate["name"] = d.Get("name") + } + + if ok := d.HasChange("base64_certificate"); ok { + serverCertificate["base64-certificate"] = d.Get("base64_certificate") + } + + if ok := d.HasChange("base64_password"); ok { + serverCertificate["base64-password"] = d.Get("base64_password") + } + + if ok := d.HasChange("comments"); ok { + serverCertificate["comments"] = d.Get("comments") + } + + log.Println("Update ServerCertificate - Map = ", serverCertificate) + + updateServerCertificateRes, err := client.ApiCall("set-server-certificate", serverCertificate, client.GetSessionID(), true, false) + if err != nil || !updateServerCertificateRes.Success { + if updateServerCertificateRes.ErrorMsg != "" { + return fmt.Errorf(updateServerCertificateRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + + 
return readManagementServerCertificate(d, m) +} + +func deleteManagementServerCertificate(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + serverCertificatePayload := map[string]interface{}{ + "uid": d.Id(), + } + + log.Println("Delete ServerCertificate") + + deleteServerCertificateRes, err := client.ApiCall("delete-server-certificate", serverCertificatePayload, client.GetSessionID(), true, false) + if err != nil || !deleteServerCertificateRes.Success { + if deleteServerCertificateRes.ErrorMsg != "" { + return fmt.Errorf(deleteServerCertificateRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + d.SetId("") + + return nil +} diff --git a/checkpoint/resource_checkpoint_management_server_certificate_test.go b/checkpoint/resource_checkpoint_management_server_certificate_test.go new file mode 100644 index 00000000..a33cb861 --- /dev/null +++ b/checkpoint/resource_checkpoint_management_server_certificate_test.go 
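Review bot: `log.Println("Create ServerCertificate - Map = ", serverCertificate)` in `createManagementServerCertificate` and the matching "Update ServerCertificate - Map" line write the whole request map to the provider log, including the `base64-certificate` and `base64-password` values that the schema marks `Sensitive: true`. I would log only the non-secret identifier, e.g. `log.Println("Create ServerCertificate - name = ", serverCertificate["name"])`, and do the same in the update path. Separately, in create, update and delete the fallback `return fmt.Errorf(err.Error())` is reached when `err` is nil, the call reports `Success == false` and `ErrorMsg` is empty, which would panic on the nil error; returning a fixed message in that case avoids it. `readManagementServerCertificate` also never sets `comments` back into state, and all four `ApiCall`s pass a literal `false` where the other resources in this patch pass `client.IsProxyUsed()`, which looks unintentional.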
@@ -0,0 +1,108 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + "os" + "strings" + "testing" +) + +func TestAccCheckpointManagementServerCertificate_basic(t *testing.T) { + + var serverCertificateMap map[string]interface{} + + resourceName := "checkpoint_management_server_certificate.test" + objName := "tfTestManagementServerCertificate" + acctest.RandString(6) + + context := os.Getenv("CHECKPOINT_CONTEXT") + if context != "web_api" { + t.Skip("Skipping management test") + } else if context == "" { + t.Skip("Env CHECKPOINT_CONTEXT must be specified to run this acc test") + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckpointManagementServerCertificateDestroy, + Steps: []resource.TestStep{ + { + Config: testAccManagementServerCertificateConfig(objName, "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", "bXlfcGFzc3dvcmQ=", "this is a comment"), + Check: resource.ComposeTestCheckFunc( + testAccCheckCheckpointManagementServerCertificateExists(resourceName, &serverCertificateMap), + testAccCheckCheckpointManagementServerCertificateAttributes(&serverCertificateMap, objName, "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", "bXlfcGFzc3dvcmQ=", "this is a comment"), + ), + }, + }, + }) +} + +func testAccCheckpointManagementServerCertificateDestroy(s *terraform.State) error { + + client := testAccProvider.Meta().(*checkpoint.ApiClient) + for _, rs := range s.RootModule().Resources { + if rs.Type != "checkpoint_management_server_certificate" { + continue + } + if rs.Primary.ID != "" { + res, _ := client.ApiCall("show-server-certificate", map[string]interface{}{"uid": rs.Primary.ID}, client.GetSessionID(), true, false) + if 
res.Success { + return fmt.Errorf("ServerCertificate object (%s) still exists", rs.Primary.ID) + } + } + return nil + } + return nil +} + +func testAccCheckCheckpointManagementServerCertificateExists(resourceTfName string, res *map[string]interface{}) resource.TestCheckFunc { + return func(s *terraform.State) error { + + rs, ok := s.RootModule().Resources[resourceTfName] + if !ok { + return fmt.Errorf("Resource not found: %s", resourceTfName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("ServerCertificate ID is not set") + } + + client := testAccProvider.Meta().(*checkpoint.ApiClient) + + response, err := client.ApiCall("show-server-certificate", map[string]interface{}{"uid": rs.Primary.ID}, client.GetSessionID(), true, false) + if !response.Success { + return err + } + + *res = response.GetData() + + return nil + } +} + +func testAccCheckCheckpointManagementServerCertificateAttributes(serverCertificateMap *map[string]interface{}, name string, base64Certificate string, base64Password string, comments string) resource.TestCheckFunc { + return func(s *terraform.State) error { + + serverCertificateName := (*serverCertificateMap)["name"].(string) + if !strings.EqualFold(serverCertificateName, name) { + return fmt.Errorf("name is %s, expected %s", name, serverCertificateName) + } + + return nil + } +} + +func testAccManagementServerCertificateConfig(name string, base64Certificate string, base64Password string, comments string) string { + return fmt.Sprintf(` +resource "checkpoint_management_server_certificate" "test" { + name = "%s" + base64_certificate = "%s" + base64_password = "%s" + comments = "%s" +} +`, name, base64Certificate, base64Password, comments) +} diff --git a/checkpoint/resource_checkpoint_management_service_citrix_tcp.go b/checkpoint/resource_checkpoint_management_service_citrix_tcp.go index 4d7854b9..68996133 100644 --- a/checkpoint/resource_checkpoint_management_service_citrix_tcp.go 
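Review bot: `testAccCheckCheckpointManagementServerCertificateExists` returns `err` when `!response.Success`, but `err` can be nil for an API-level failure, so the check can report success for an object that was never found. I would return an explicit error instead, e.g. `return fmt.Errorf("ServerCertificate %s not found: %s", rs.Primary.ID, response.ErrorMsg)`. The destroy check has a similar gap: the `return nil` inside the `for` loop ends the scan after the first matching resource, and the error from `ApiCall` is discarded. In the test entry point the `else if context == ""` branch is unreachable because an empty value already satisfies `context != "web_api"`. Finally, `testAccCheckCheckpointManagementServerCertificateAttributes` ignores its `base64Certificate`, `base64Password` and `comments` parameters, and its message passes `name, serverCertificateName` in the opposite order to "name is %s, expected %s".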
+++ b/checkpoint/resource_checkpoint_management_service_citrix_tcp.go @@ -228,6 +228,13 @@ func deleteManagementServiceCitrixTcp(d *schema.ResourceData, m interface{}) err serviceCitrixTcpPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceCitrixTcpPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceCitrixTcpPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceCitrixTcp") diff --git a/checkpoint/resource_checkpoint_management_service_compound_tcp.go b/checkpoint/resource_checkpoint_management_service_compound_tcp.go index d19236bf..b5887149 100644 --- a/checkpoint/resource_checkpoint_management_service_compound_tcp.go +++ b/checkpoint/resource_checkpoint_management_service_compound_tcp.go @@ -248,6 +248,13 @@ func deleteManagementServiceCompoundTcp(d *schema.ResourceData, m interface{}) e "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceCompoundTcpPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceCompoundTcpPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceCompoundTcp") deleteServiceCompoundTcpRes, err := client.ApiCall("delete-service-compound-tcp", serviceCompoundTcpPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_service_dce_rpc.go b/checkpoint/resource_checkpoint_management_service_dce_rpc.go index f9268439..58365fff 100644 --- a/checkpoint/resource_checkpoint_management_service_dce_rpc.go +++ b/checkpoint/resource_checkpoint_management_service_dce_rpc.go 
@@ -257,7 +257,13 @@ func deleteManagementServiceDceRpc(d *schema.ResourceData, m interface{}) error serviceDceRpcPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceDceRpcPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceDceRpcPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceDceRpc") deleteServiceDceRpcRes, err := client.ApiCall("delete-service-dce-rpc", serviceDceRpcPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_service_group.go b/checkpoint/resource_checkpoint_management_service_group.go index 708d087a..9f0558fc 100644 --- a/checkpoint/resource_checkpoint_management_service_group.go +++ b/checkpoint/resource_checkpoint_management_service_group.go @@ -234,6 +234,12 @@ func deleteManagementServiceGroup(d *schema.ResourceData, m interface{}) error { payload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + payload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + payload["ignore-warnings"] = v.(bool) + } deleteServiceGroupRes, _ := client.ApiCall("delete-service-group", payload, client.GetSessionID(), true, client.IsProxyUsed()) if !deleteServiceGroupRes.Success { return fmt.Errorf(deleteServiceGroupRes.ErrorMsg) diff --git a/checkpoint/resource_checkpoint_management_service_gtp.go b/checkpoint/resource_checkpoint_management_service_gtp.go new file mode 100644 index 00000000..84a563be --- /dev/null +++ b/checkpoint/resource_checkpoint_management_service_gtp.go 
@@ -0,0 +1,1066 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "log" + "strconv" +) + +func resourceManagementServiceGtp() *schema.Resource { + return &schema.Resource{ + Create: createManagementServiceGtp, + Read: readManagementServiceGtp, + Update: updateManagementServiceGtp, + Delete: deleteManagementServiceGtp, + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + Description: "Object name.", + }, + "version": { + Type: schema.TypeString, + Optional: true, + Description: "GTP version.", + Default: "V2", + }, + "access_point_name": { + Type: schema.TypeMap, + Optional: true, + Description: "Match by Access Point Name.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: false, + }, + "apn": { + Type: schema.TypeString, + Optional: true, + Description: "The Access Point Name object identified by Name or UID.", + }, + }, + }, + }, + "allow_usage_of_static_ip": { + Type: schema.TypeBool, + Optional: true, + Description: "Allow usage of static IP addresses.", + Default: true, + }, + "apply_access_policy_on_user_traffic": { + Type: schema.TypeMap, + Optional: true, + Description: "Apply Access Policy on user traffic.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: false, + }, + "add_imsi_field_to_log": { + Type: schema.TypeBool, + Optional: true, + Description: "Add IMSI field to logs generated by user traffic.", + Default: false, + }, + }, + }, + }, + "cs_fallback_and_srvcc": { + Type: schema.TypeBool, + Optional: true, + Description: "CS Fallback and SRVCC (Relevant for V2 only).", + Default: true, + }, + "imsi_prefix": { + Type: schema.TypeMap, + Optional: true, + Description: "Match by IMSI prefix.", 
+ Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: false, + }, + "prefix": { + Type: schema.TypeString, + Optional: true, + Description: "The IMSI prefix.", + }, + }, + }, + }, + "interface_profile": { + Type: schema.TypeMap, + Optional: true, + Description: "Match only message types relevant to the given GTP interface. Relevant only for GTP V1 or V2.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "profile": { + Type: schema.TypeString, + Optional: true, + Description: "The Interface Profile object identified by Name or UID.", + Default: "Any", + }, + "custom_message_types": { + Type: schema.TypeString, + Optional: true, + Description: "The messages types to match on them for this service. To specify a range, add a hyphen between the lowest and the highest numbers, for example: 32-35. Multiple Ranges can be chosen when separated with comma. This field relevant only when the Interface profile is set to 'Custom'.", + }, + }, + }, + }, + "ldap_group": { + Type: schema.TypeMap, + Optional: true, + Description: "Match by an LDAP Group.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: false, + }, + "group": { + Type: schema.TypeString, + Optional: true, + Description: "The Ldap Group object identified by Name or UID.", + }, + "according_to": { + Type: schema.TypeString, + Optional: true, + Description: "According to MS-ISDN or according to IMSI.", + Default: "MS-ISDN", + }, + }, + }, + }, + "ms_isdn": { + Type: schema.TypeMap, + Optional: true, + Description: "Match by an MS-ISDN.", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: false, + }, + "ms_isdn": { + Type: schema.TypeString, + Optional: true, + Description: "The MS-ISDN.", + }, + }, + }, + }, + 
"radio_access_technology": { + Type: schema.TypeList, + Optional: true, + Description: "Match by Radio Access Technology.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "utran": { + Type: schema.TypeBool, + Optional: true, + Description: "(1).", + Default: false, + }, + "geran": { + Type: schema.TypeBool, + Optional: true, + Description: "(2).", + Default: false, + }, + "wlan": { + Type: schema.TypeBool, + Optional: true, + Description: "(3).", + Default: false, + }, + "gan": { + Type: schema.TypeBool, + Optional: true, + Description: "(4).", + Default: false, + }, + "hspa_evolution": { + Type: schema.TypeBool, + Optional: true, + Description: "(5).", + Default: false, + }, + "eutran": { + Type: schema.TypeBool, + Optional: true, + Description: "(6).", + Default: false, + }, + "virtual": { + Type: schema.TypeBool, + Optional: true, + Description: "(7).", + Default: false, + }, + "nb_iot": { + Type: schema.TypeBool, + Optional: true, + Description: "(8).", + Default: false, + }, + "other_types_range": { + Type: schema.TypeList, + Optional: true, + Description: "(9-255).", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: false, + }, + "types": { + Type: schema.TypeString, + Optional: true, + Description: "Other RAT Types. To specify other RAT ranges, add a hyphen between the lowest and the highest numbers, for example: 11-15. 
Multiple Ranges can be chosen when separated with comma.", + }, + }, + }, + }, + }, + }, + }, + "restoration_and_recovery": { + Type: schema.TypeBool, + Optional: true, + Description: "Restoration and Recovery (Relevant for V2 only).", + Default: true, + }, + "reverse_service": { + Type: schema.TypeBool, + Optional: true, + Description: "Accept PDUs from the GGSN/PGW to the SGSN/SGW on a previously established PDP context, even if different ports are used.", + Default: false, + }, + "selection_mode": { + Type: schema.TypeList, + Optional: true, + Description: "Match by a selection mode.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable": { + Type: schema.TypeBool, + Optional: true, + Description: "", + Default: false, + }, + "mode": { + Type: schema.TypeInt, + Optional: true, + Description: "The mode as integer. [0 - Verified, 1 - MS - Not verified, 2 - Network - Not verified].", + }, + }, + }, + }, + "trace_management": { + Type: schema.TypeBool, + Optional: true, + Description: "Trace Management (Relevant for V2 only).", + Default: true, + }, + "tags": { + Type: schema.TypeSet, + Optional: true, + Description: "Collection of tag identifiers.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "color": { + Type: schema.TypeString, + Optional: true, + Description: "Color of the object. Should be one of existing colors.", + Default: "black", + }, + "comments": { + Type: schema.TypeString, + Optional: true, + Description: "Comments string.", + }, + "groups": { + Type: schema.TypeSet, + Optional: true, + Description: "Collection of group identifiers.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "ignore_warnings": { + Type: schema.TypeBool, + Optional: true, + Description: "Apply changes ignoring warnings.", + Default: false, + }, + "ignore_errors": { + Type: schema.TypeBool, + Optional: true, + Description: "Apply changes ignoring errors. You won't be able to publish such a changes. 
If ignore-warnings flag was omitted - warnings will also be ignored.", + Default: false, + }, + }, + } +} + +func createManagementServiceGtp(d *schema.ResourceData, m interface{}) error { + client := m.(*checkpoint.ApiClient) + + serviceGtp := make(map[string]interface{}) + + if v, ok := d.GetOk("name"); ok { + serviceGtp["name"] = v.(string) + } + + if v, ok := d.GetOk("version"); ok { + serviceGtp["version"] = v.(string) + } + + if _, ok := d.GetOk("access_point_name"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("access_point_name.enable"); ok { + res["enable"] = v + + } + if v, ok := d.GetOk("access_point_name.apn"); ok { + res["apn"] = v.(string) + } + + serviceGtp["access-point-name"] = res + } + + if v, ok := d.GetOkExists("allow_usage_of_static_ip"); ok { + serviceGtp["allow-usage-of-static-ip"] = v.(bool) + } + + if _, ok := d.GetOk("apply_access_policy_on_user_traffic"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("apply_access_policy_on_user_traffic.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("apply_access_policy_on_user_traffic.add_imsi_field_to_log"); ok { + res["add-imsi-field-to-log"] = v + } + serviceGtp["apply-access-policy-on-user-traffic"] = res + } + + if v, ok := d.GetOkExists("cs_fallback_and_srvcc"); ok { + serviceGtp["cs-fallback-and-srvcc"] = v.(bool) + } + + if _, ok := d.GetOk("imsi_prefix"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("imsi_prefix.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("imsi_prefix.prefix"); ok { + res["prefix"] = v.(string) + } + serviceGtp["imsi-prefix"] = res + } + + if _, ok := d.GetOk("interface_profile"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("interface_profile.profile"); ok { + res["profile"] = v.(string) + } + if v, ok := d.GetOk("interface_profile.custom_message_types"); ok { + res["custom-message-types"] = v.(string) + } + serviceGtp["interface-profile"] = res + } + + 
if _, ok := d.GetOk("ldap_group"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("ldap_group.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("ldap_group.group"); ok { + res["group"] = v.(string) + } + if v, ok := d.GetOk("ldap_group.according_to"); ok { + res["according-to"] = v.(string) + } + serviceGtp["ldap-group"] = res + } + + if _, ok := d.GetOk("ms_isdn"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("ms_isdn.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("ms_isdn.ms_isdn"); ok { + res["ms-isdn"] = v.(string) + } + serviceGtp["ms-isdn"] = res + } + + if v, ok := d.GetOk("radio_access_technology"); ok { + + radioAccessTechnologyList := v.([]interface{}) + + if len(radioAccessTechnologyList) > 0 { + + radioAccessTechnologyPayload := make(map[string]interface{}) + + if v, ok := d.GetOk("radio_access_technology.0.utran"); ok { + radioAccessTechnologyPayload["utran"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.geran"); ok { + radioAccessTechnologyPayload["geran"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.wlan"); ok { + radioAccessTechnologyPayload["wlan"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.gan"); ok { + radioAccessTechnologyPayload["gan"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.hspa_evolution"); ok { + radioAccessTechnologyPayload["hspa-evolution"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.eutran"); ok { + radioAccessTechnologyPayload["eutran"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.virtual"); ok { + radioAccessTechnologyPayload["virtual"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.nb_iot"); ok { + radioAccessTechnologyPayload["nb-iot"] = v.(bool) + } + if _, ok := d.GetOk("radio_access_technology.0.other_types_range"); ok { + + otherTypesRangePayload := make(map[string]interface{}) + + if v, ok := 
d.GetOk("radio_access_technology.0.other_types_range.0.enable"); ok { + otherTypesRangePayload["enable"] = strconv.FormatBool(v.(bool)) + } + if v, ok := d.GetOk("radio_access_technology.0.other_types_range.0.types"); ok { + otherTypesRangePayload["types"] = v.(string) + } + radioAccessTechnologyPayload["other-types-range"] = otherTypesRangePayload + } + serviceGtp["radio-access-technology"] = radioAccessTechnologyPayload + } + } + if v, ok := d.GetOkExists("restoration_and_recovery"); ok { + serviceGtp["restoration-and-recovery"] = v.(bool) + } + + if v, ok := d.GetOkExists("reverse_service"); ok { + serviceGtp["reverse-service"] = v.(bool) + } + + if _, ok := d.GetOk("selection_mode"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("selection_mode.0.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("selection_mode.0.mode"); ok { + res["mode"] = v + } + serviceGtp["selection-mode"] = res + } + + if v, ok := d.GetOkExists("trace_management"); ok { + serviceGtp["trace-management"] = v.(bool) + } + + if v, ok := d.GetOk("tags"); ok { + serviceGtp["tags"] = v.(*schema.Set).List() + } + + if v, ok := d.GetOk("color"); ok { + serviceGtp["color"] = v.(string) + } + + if v, ok := d.GetOk("comments"); ok { + serviceGtp["comments"] = v.(string) + } + + if v, ok := d.GetOk("groups"); ok { + serviceGtp["groups"] = v.(*schema.Set).List() + } + + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceGtp["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceGtp["ignore-errors"] = v.(bool) + } + + log.Println("Create ServiceGtp - Map = ", serviceGtp) + + addServiceGtpRes, err := client.ApiCall("add-service-gtp", serviceGtp, client.GetSessionID(), true, false) + if err != nil || !addServiceGtpRes.Success { + if addServiceGtpRes.ErrorMsg != "" { + return fmt.Errorf(addServiceGtpRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + + d.SetId(addServiceGtpRes.GetData()["uid"].(string)) + + return 
readManagementServiceGtp(d, m) +} + +func readManagementServiceGtp(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + payload := map[string]interface{}{ + "uid": d.Id(), + } + + showServiceGtpRes, err := client.ApiCall("show-service-gtp", payload, client.GetSessionID(), true, false) + if err != nil { + return fmt.Errorf(err.Error()) + } + if !showServiceGtpRes.Success { + if objectNotFound(showServiceGtpRes.GetData()["code"].(string)) { + d.SetId("") + return nil + } + return fmt.Errorf(showServiceGtpRes.ErrorMsg) + } + + serviceGtp := showServiceGtpRes.GetData() + + log.Println("Read ServiceGtp - Show JSON = ", serviceGtp) + + if v := serviceGtp["name"]; v != nil { + _ = d.Set("name", v) + } + + if v := serviceGtp["version"]; v != nil { + _ = d.Set("version", v) + } + + if serviceGtp["access-point-name"] != nil { + + accessPointNameMap := serviceGtp["access-point-name"].(map[string]interface{}) + + accessPointNameMapToReturn := make(map[string]interface{}) + + if v, _ := accessPointNameMap["enable"]; v != nil { + accessPointNameMapToReturn["enable"] = strconv.FormatBool(v.(bool)) + } + if v, _ := accessPointNameMap["apn"]; v != nil { + + accessPointNameMapToReturn["apn"] = v.(map[string]interface{})["name"].(string) + } + _ = d.Set("access_point_name", accessPointNameMapToReturn) + } else { + _ = d.Set("access_point_name", nil) + } + + if v := serviceGtp["allow-usage-of-static-ip"]; v != nil { + _ = d.Set("allow_usage_of_static_ip", v) + } + + if serviceGtp["apply-access-policy-on-user-traffic"] != nil { + + applyAccessPolicyOnUserTrafficMap := serviceGtp["apply-access-policy-on-user-traffic"].(map[string]interface{}) + + applyAccessPolicyOnUserTrafficMapToReturn := make(map[string]interface{}) + + if v, _ := applyAccessPolicyOnUserTrafficMap["enable"]; v != nil { + applyAccessPolicyOnUserTrafficMapToReturn["enable"] = strconv.FormatBool(v.(bool)) + } + if v, _ := applyAccessPolicyOnUserTrafficMap["add-imsi-field-to-log"]; v 
!= nil { + applyAccessPolicyOnUserTrafficMapToReturn["add_imsi_field_to_log"] = strconv.FormatBool(v.(bool)) + } + _ = d.Set("apply_access_policy_on_user_traffic", applyAccessPolicyOnUserTrafficMapToReturn) + } else { + _ = d.Set("apply_access_policy_on_user_traffic", nil) + } + + if v := serviceGtp["cs-fallback-and-srvcc"]; v != nil { + _ = d.Set("cs_fallback_and_srvcc", v) + } + + if serviceGtp["imsi-prefix"] != nil { + + imsiPrefixMap := serviceGtp["imsi-prefix"].(map[string]interface{}) + + imsiPrefixMapToReturn := make(map[string]interface{}) + + if v, _ := imsiPrefixMap["enable"]; v != nil { + imsiPrefixMapToReturn["enable"] = strconv.FormatBool(v.(bool)) + } + if v, _ := imsiPrefixMap["prefix"]; v != nil { + imsiPrefixMapToReturn["prefix"] = v + } + _ = d.Set("imsi_prefix", imsiPrefixMapToReturn) + } else { + _ = d.Set("imsi_prefix", nil) + } + + if serviceGtp["interface-profile"] != nil { + + interfaceProfileMap := serviceGtp["interface-profile"].(map[string]interface{}) + + interfaceProfileMapToReturn := make(map[string]interface{}) + + if v, _ := interfaceProfileMap["profile"]; v != nil { + profileMap := v.(map[string]interface{}) + if j, _ := profileMap["name"]; j != nil { + interfaceProfileMapToReturn["profile"] = j + } + + } + if v, _ := interfaceProfileMap["custom-message-types"]; v != nil { + interfaceProfileMapToReturn["custom_message_types"] = v + } + _ = d.Set("interface_profile", interfaceProfileMapToReturn) + } else { + _ = d.Set("interface_profile", nil) + } + + if serviceGtp["ldap-group"] != nil { + + ldapGroupMap := serviceGtp["ldap-group"].(map[string]interface{}) + + ldapGroupMapToReturn := make(map[string]interface{}) + + if v, _ := ldapGroupMap["enable"]; v != nil { + ldapGroupMapToReturn["enable"] = strconv.FormatBool(v.(bool)) + } + if v, _ := ldapGroupMap["group"]; v != nil { + groupMap := v.(map[string]interface{}) + if j, _ := groupMap["name"]; j != nil { + ldapGroupMapToReturn["group"] = j.(string) + } + } + if v, _ := 
ldapGroupMap["according-to"]; v != nil { + ldapGroupMapToReturn["according_to"] = v + } + _ = d.Set("ldap_group", ldapGroupMapToReturn) + } else { + _ = d.Set("ldap_group", nil) + } + + if serviceGtp["ms-isdn"] != nil { + + msIsdnMap := serviceGtp["ms-isdn"].(map[string]interface{}) + + msIsdnMapToReturn := make(map[string]interface{}) + + if v, _ := msIsdnMap["enable"]; v != nil { + msIsdnMapToReturn["enable"] = strconv.FormatBool(v.(bool)) + } + if v, _ := msIsdnMap["ms-isdn"]; v != nil { + msIsdnMapToReturn["ms_isdn"] = v + } + _ = d.Set("ms_isdn", msIsdnMapToReturn) + } else { + _ = d.Set("ms_isdn", nil) + } + + if serviceGtp["radio-access-technology"] != nil { + + radioAccessTechnologyMap, ok := serviceGtp["radio-access-technology"].(map[string]interface{}) + + if ok { + radioAccessTechnologyMapToReturn := make(map[string]interface{}) + + if v := radioAccessTechnologyMap["utran"]; v != nil { + radioAccessTechnologyMapToReturn["utran"] = v + } + if v := radioAccessTechnologyMap["geran"]; v != nil { + radioAccessTechnologyMapToReturn["geran"] = v + } + if v := radioAccessTechnologyMap["wlan"]; v != nil { + radioAccessTechnologyMapToReturn["wlan"] = v + } + if v := radioAccessTechnologyMap["gan"]; v != nil { + radioAccessTechnologyMapToReturn["gan"] = v + } + if v := radioAccessTechnologyMap["hspa-evolution"]; v != nil { + radioAccessTechnologyMapToReturn["hspa_evolution"] = v + } + if v := radioAccessTechnologyMap["eutran"]; v != nil { + radioAccessTechnologyMapToReturn["eutran"] = v + } + if v := radioAccessTechnologyMap["virtual"]; v != nil { + radioAccessTechnologyMapToReturn["virtual"] = v + } + if v := radioAccessTechnologyMap["nb-iot"]; v != nil { + radioAccessTechnologyMapToReturn["nb_iot"] = v + } + if v, ok := radioAccessTechnologyMap["other-types-range"]; ok { + + otherTypesRangeMap, ok := v.(map[string]interface{}) + if ok { + otherTypesRangeMapToReturn := make(map[string]interface{}) + + if v, _ := otherTypesRangeMap["enable"]; v != nil { + 
otherTypesRangeMapToReturn["enable"] = v + } + if v, _ := otherTypesRangeMap["types"]; v != nil { + otherTypesRangeMapToReturn["types"] = v + } + radioAccessTechnologyMapToReturn["other_types_range"] = []interface{}{otherTypesRangeMapToReturn} + } + } + _ = d.Set("radio_access_technology", []interface{}{radioAccessTechnologyMapToReturn}) + + } + } else { + _ = d.Set("radio_access_technology", nil) + } + + if v := serviceGtp["restoration-and-recovery"]; v != nil { + _ = d.Set("restoration_and_recovery", v) + } + + if v := serviceGtp["reverse-service"]; v != nil { + _ = d.Set("reverse_service", v) + } + + if serviceGtp["selection-mode"] != nil { + + selectionModeMapToReturn := make(map[string]interface{}) + + innerMap := serviceGtp["selection-mode"].(map[string]interface{}) + + if v, _ := innerMap["mode"]; v != nil { + + selectionModeMapToReturn["mode"] = v + } + + if v, _ := innerMap["enable"]; v != nil { + selectionModeMapToReturn["enable"] = v + } + + _ = d.Set("selection_mode", []interface{}{selectionModeMapToReturn}) + } else { + _ = d.Set("selection_mode", nil) + } + + if v := serviceGtp["trace-management"]; v != nil { + _ = d.Set("trace_management", v) + } + + if serviceGtp["tags"] != nil { + tagsJson, ok := serviceGtp["tags"].([]interface{}) + if ok { + tagsIds := make([]string, 0) + if len(tagsJson) > 0 { + for _, tags := range tagsJson { + tags := tags.(map[string]interface{}) + tagsIds = append(tagsIds, tags["name"].(string)) + } + } + _ = d.Set("tags", tagsIds) + } + } else { + _ = d.Set("tags", nil) + } + + if v := serviceGtp["color"]; v != nil { + _ = d.Set("color", v) + } + + if v := serviceGtp["comments"]; v != nil { + _ = d.Set("comments", v) + } + + if serviceGtp["groups"] != nil { + groupsJson, ok := serviceGtp["groups"].([]interface{}) + if ok { + groupsIds := make([]string, 0) + if len(groupsJson) > 0 { + for _, groups := range groupsJson { + groups := groups.(map[string]interface{}) + groupsIds = append(groupsIds, groups["name"].(string)) + } + 
} + _ = d.Set("groups", groupsIds) + } + } else { + _ = d.Set("groups", nil) + } + + if v := serviceGtp["ignore-warnings"]; v != nil { + _ = d.Set("ignore_warnings", v) + } + + return nil + +} + +func updateManagementServiceGtp(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + serviceGtp := make(map[string]interface{}) + + if ok := d.HasChange("name"); ok { + oldName, newName := d.GetChange("name") + serviceGtp["name"] = oldName + serviceGtp["new-name"] = newName + } else { + serviceGtp["name"] = d.Get("name") + } + + if ok := d.HasChange("version"); ok { + serviceGtp["version"] = d.Get("version") + } + + if d.HasChange("access_point_name") { + + if _, ok := d.GetOk("access_point_name"); ok { + res := make(map[string]interface{}) + if v, ok := d.GetOk("access_point_name.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("access_point_name.apn"); ok { + res["apn"] = v + } + serviceGtp["access-point-name"] = res + } + } + if v, ok := d.GetOkExists("allow_usage_of_static_ip"); ok { + serviceGtp["allow-usage-of-static-ip"] = v.(bool) + } + if d.HasChange("apply_access_policy_on_user_traffic") { + + if _, ok := d.GetOk("apply_access_policy_on_user_traffic"); ok { + + res := make(map[string]interface{}) + + if v, ok := d.GetOk("apply_access_policy_on_user_traffic.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("apply_access_policy_on_user_traffic.add_imsi_field_to_log"); ok { + res["add-imsi-field-to-log"] = v + } + serviceGtp["apply-access-policy-on-user-traffic"] = res + } + } + if v, ok := d.GetOkExists("cs_fallback_and_srvcc"); ok { + serviceGtp["cs-fallback-and-srvcc"] = v.(bool) + } + if d.HasChange("imsi_prefix") { + + if _, ok := d.GetOk("imsi_prefix"); ok { + res := make(map[string]interface{}) + if v, ok := d.GetOk("imsi_prefix.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("imsi_prefix.prefix"); ok { + res["prefix"] = v + } + serviceGtp["imsi-prefix"] = res + } + } + if 
d.HasChange("interface_profile") { + if _, ok := d.GetOk("interface_profile"); ok { + res := make(map[string]interface{}) + if v, ok := d.GetOk("interface_profile.profile"); ok { + res["profile"] = v + } + if v, ok := d.GetOk("interface_profile.custom_message_types"); ok { + res["custom-message-types"] = v + } + serviceGtp["interface-profile"] = res + } + } + if d.HasChange("ldap_group") { + if _, ok := d.GetOk("ldap_group"); ok { + res := make(map[string]interface{}) + if v, ok := d.GetOk("ldap_group.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("ldap_group.group"); ok { + res["group"] = v + } + if v, ok := d.GetOk("ldap_group.according_to"); ok { + res["according-to"] = v + } + serviceGtp["ldap-group"] = res + } + } + if d.HasChange("ms_isdn") { + if _, ok := d.GetOk("ms_isdn"); ok { + res := make(map[string]interface{}) + if v, ok := d.GetOk("ms_isdn.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("ms_isdn.ms_isdn"); ok { + res["ms-isdn"] = v + } + serviceGtp["ms-isdn"] = res + } + } + if d.HasChange("radio_access_technology") { + if v, ok := d.GetOk("radio_access_technology"); ok { + radioAccessTechnologyList := v.([]interface{}) + + if len(radioAccessTechnologyList) > 0 { + radioAccessTechnologyPayload := make(map[string]interface{}) + if v, ok := d.GetOk("radio_access_technology.0.utran"); ok { + radioAccessTechnologyPayload["utran"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.geran"); ok { + radioAccessTechnologyPayload["geran"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.wlan"); ok { + radioAccessTechnologyPayload["wlan"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.gan"); ok { + radioAccessTechnologyPayload["gan"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.hspa_evolution"); ok { + radioAccessTechnologyPayload["hspa-evolution"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.eutran"); ok { + radioAccessTechnologyPayload["eutran"] = 
v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.virtual"); ok { + radioAccessTechnologyPayload["virtual"] = v.(bool) + } + if v, ok := d.GetOk("radio_access_technology.0.nb_iot"); ok { + radioAccessTechnologyPayload["nb-iot"] = v.(bool) + } + if _, ok := d.GetOk("radio_access_technology.0.other_types_range"); ok { + otherTypesRangePayload := make(map[string]interface{}) + if v, ok := d.GetOk("radio_access_technology.0.other_types_range.0.enable"); ok { + otherTypesRangePayload["enable"] = v + } + if v, ok := d.GetOk("radio_access_technology.0.other_types_range.0.types"); ok { + otherTypesRangePayload["types"] = v.(string) + } + radioAccessTechnologyPayload["other-types-range"] = otherTypesRangePayload + } + serviceGtp["radio-access-technology"] = radioAccessTechnologyPayload + } + } + } + if v, ok := d.GetOkExists("restoration_and_recovery"); ok { + serviceGtp["restoration-and-recovery"] = v.(bool) + } + if v, ok := d.GetOkExists("reverse_service"); ok { + serviceGtp["reverse-service"] = v.(bool) + } + if d.HasChange("selection_mode") { + if _, ok := d.GetOk("selection_mode"); ok { + res := make(map[string]interface{}) + if v, ok := d.GetOk("selection_mode.0.enable"); ok { + res["enable"] = v + } + if v, ok := d.GetOk("selection_mode.0.mode"); ok { + res["mode"] = v + } + serviceGtp["selection-mode"] = res + } + } + if v, ok := d.GetOkExists("trace_management"); ok { + serviceGtp["trace-management"] = v.(bool) + } + if d.HasChange("tags") { + if v, ok := d.GetOk("tags"); ok { + serviceGtp["tags"] = v.(*schema.Set).List() + } else { + oldTags, _ := d.GetChange("tags") + serviceGtp["tags"] = map[string]interface{}{"remove": oldTags.(*schema.Set).List()} + } + } + if ok := d.HasChange("color"); ok { + serviceGtp["color"] = d.Get("color") + } + if ok := d.HasChange("comments"); ok { + serviceGtp["comments"] = d.Get("comments") + } + if d.HasChange("groups") { + if v, ok := d.GetOk("groups"); ok { + serviceGtp["groups"] = v.(*schema.Set).List() + } else { 
+ oldGroups, _ := d.GetChange("groups") + serviceGtp["groups"] = map[string]interface{}{"remove": oldGroups.(*schema.Set).List()} + } + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceGtp["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceGtp["ignore-errors"] = v.(bool) + } + + log.Println("Update ServiceGtp - Map = ", serviceGtp) + + updateServiceGtpRes, err := client.ApiCall("set-service-gtp", serviceGtp, client.GetSessionID(), true, false) + if err != nil || !updateServiceGtpRes.Success { + if updateServiceGtpRes.ErrorMsg != "" { + return fmt.Errorf(updateServiceGtpRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + + return readManagementServiceGtp(d, m) +} + +func deleteManagementServiceGtp(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + serviceGtpPayload := map[string]interface{}{ + "uid": d.Id(), + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceGtpPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceGtpPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete ServiceGtp") + + deleteServiceGtpRes, err := client.ApiCall("delete-service-gtp", serviceGtpPayload, client.GetSessionID(), true, false) + if err != nil || !deleteServiceGtpRes.Success { + if deleteServiceGtpRes.ErrorMsg != "" { + return fmt.Errorf(deleteServiceGtpRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + d.SetId("") + + return nil +} diff --git a/checkpoint/resource_checkpoint_management_service_gtp_test.go b/checkpoint/resource_checkpoint_management_service_gtp_test.go new file mode 100644 index 00000000..b2160f71 --- /dev/null +++ b/checkpoint/resource_checkpoint_management_service_gtp_test.go 
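Review bot: The error branch after `client.ApiCall("add-service-gtp", …)` in createManagementServiceGtp calls `err.Error()` whenever `ErrorMsg` is empty, which panics on a nil `err` if the call returned no error but `Success` is false. updateManagementServiceGtp and deleteManagementServiceGtp repeat the same branch. The branch also passes the server-supplied `ErrorMsg` to `fmt.Errorf` as the format string (readManagementServiceGtp does the same), so any `%` in the message is misrendered, and recent `go vet` versions report non-constant format strings. Splitting the two conditions and using a constant format fixes both; the create case is sketched below, and update and delete would follow the same shape.

```go
addServiceGtpRes, err := client.ApiCall("add-service-gtp", serviceGtp, client.GetSessionID(), true, false)
if err != nil {
	return fmt.Errorf("add-service-gtp: %v", err)
}
if !addServiceGtpRes.Success {
	return fmt.Errorf("add-service-gtp: %s", addServiceGtpRes.ErrorMsg)
}
// … unchanged: d.SetId(...) and the readManagementServiceGtp call …
```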
@@ -0,0 +1,153 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + "os" + "strings" + "testing" +) + +func TestAccCheckpointManagementServiceGtp_basic(t *testing.T) { + + var serviceGtpMap map[string]interface{} + resourceName := "checkpoint_management_service_gtp.test" + objName := "tfTestManagementServiceGtp" + acctest.RandString(6) + + context := os.Getenv("CHECKPOINT_CONTEXT") + if context != "web_api" { + t.Skip("Skipping management test") + } else if context == "" { + t.Skip("Env CHECKPOINT_CONTEXT must be specified to run this acc test") + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckpointManagementServiceGtpDestroy, + Steps: []resource.TestStep{ + { + Config: testAccManagementServiceGtpConfig(objName, "v2", false, true), + Check: resource.ComposeTestCheckFunc( + testAccCheckCheckpointManagementServiceGtpExists(resourceName, &serviceGtpMap), + testAccCheckCheckpointManagementServiceGtpAttributes(&serviceGtpMap, objName, "v2", false, true), + ), + }, + }, + }) +} + +func testAccCheckpointManagementServiceGtpDestroy(s *terraform.State) error { + + client := testAccProvider.Meta().(*checkpoint.ApiClient) + for _, rs := range s.RootModule().Resources { + if rs.Type != "checkpoint_management_service_gtp" { + continue + } + if rs.Primary.ID != "" { + res, _ := client.ApiCall("show-service-gtp", map[string]interface{}{"uid": rs.Primary.ID}, client.GetSessionID(), true, false) + if res.Success { + return fmt.Errorf("ServiceGtp object (%s) still exists", rs.Primary.ID) + } + } + return nil + } + return nil +} + +func testAccCheckCheckpointManagementServiceGtpExists(resourceTfName string, res *map[string]interface{}) 
resource.TestCheckFunc { + return func(s *terraform.State) error { + + rs, ok := s.RootModule().Resources[resourceTfName] + if !ok { + return fmt.Errorf("Resource not found: %s", resourceTfName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("ServiceGtp ID is not set") + } + + client := testAccProvider.Meta().(*checkpoint.ApiClient) + + response, err := client.ApiCall("show-service-gtp", map[string]interface{}{"uid": rs.Primary.ID}, client.GetSessionID(), true, false) + if !response.Success { + return err + } + + *res = response.GetData() + + return nil + } +} + +func testAccCheckCheckpointManagementServiceGtpAttributes(serviceGtpMap *map[string]interface{}, name string, version string, reverseService bool, traceManagement bool) resource.TestCheckFunc { + return func(s *terraform.State) error { + + serviceGtpName := (*serviceGtpMap)["name"].(string) + if !strings.EqualFold(serviceGtpName, name) { + return fmt.Errorf("name is %s, expected %s", name, serviceGtpName) + } + serviceGtpVersion := (*serviceGtpMap)["version"].(string) + if !strings.EqualFold(serviceGtpVersion, version) { + return fmt.Errorf("version is %s, expected %s", version, serviceGtpVersion) + } + serviceGtpReverseService := (*serviceGtpMap)["reverse-service"].(bool) + if serviceGtpReverseService != reverseService { + return fmt.Errorf("reverseService is %t, expected %t", reverseService, serviceGtpReverseService) + } + serviceGtpTraceManagement := (*serviceGtpMap)["trace-management"].(bool) + if serviceGtpTraceManagement != traceManagement { + return fmt.Errorf("traceManagement is %t, expected %t", traceManagement, serviceGtpTraceManagement) + } + return nil + } +} + +func testAccManagementServiceGtpConfig(name string, version string, reverseService bool, traceManagement bool) string { + return fmt.Sprintf(` +resource "checkpoint_management_service_gtp" "test" { + name = "%s" + version = "%s" + reverse_service = %t + trace_management = %t + imsi_prefix = { + enable = true + prefix = "123" + } + 
interface_profile = { + profile = "Custom" + custom_message_types = "32-35" + } + selection_mode { + enable = true + mode = 1 + } + ms_isdn= { + enable = true + ms_isdn = "312" + } + access_point_name ={ + enable = true + apn = "AccP2" + } + apply_access_policy_on_user_traffic ={ + enable = true + add_imsi_field_to_log = true + } + radio_access_technology { + other_types_range { + enable = true + types = "11-50" + } + } + ldap_group = { + enable = true + group = "ldap_group_1" + according_to = "MS-ISDN" + } +} +`, name, version, reverseService, traceManagement) +} diff --git a/checkpoint/resource_checkpoint_management_service_icmp.go b/checkpoint/resource_checkpoint_management_service_icmp.go index 360f8ed9..0c818819 100644 --- a/checkpoint/resource_checkpoint_management_service_icmp.go +++ b/checkpoint/resource_checkpoint_management_service_icmp.go @@ -277,7 +277,13 @@ func deleteManagementServiceIcmp(d *schema.ResourceData, m interface{}) error { serviceIcmpPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceIcmpPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceIcmpPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceIcmp") deleteServiceIcmpRes, err := client.ApiCall("delete-service-icmp", serviceIcmpPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_service_icmp6.go b/checkpoint/resource_checkpoint_management_service_icmp6.go index 4a100aed..c9efb06b 100644 --- a/checkpoint/resource_checkpoint_management_service_icmp6.go +++ b/checkpoint/resource_checkpoint_management_service_icmp6.go 
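Review bot: `testAccCheckCheckpointManagementServiceGtpExists` returns `err` when `response.Success` is false, so a failed `show-service-gtp` call whose error value is nil makes the check return nil, and the step passes without the object being confirmed. Test the two conditions separately: `if err != nil { return err }` followed by `if !response.Success { return fmt.Errorf("show-service-gtp failed: %s", response.ErrorMsg) }`. In the attribute check the `fmt.Errorf` arguments are swapped (`name, serviceGtpName` reports the expected value as the actual one, and likewise for version, reverseService and traceManagement). The `else if context == ""` skip branch can never run, because an empty value already satisfies `context != "web_api"`.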
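Review bot: The `ignore_warnings` / `ignore_errors` block added to `deleteManagementServiceIcmp` is pasted again into the delete hunks for icmp6, other, rpc, sctp, tcp, udp and simple_cluster later in this patch, and the copies already differ. The tcp and udp hunks set the keys in the opposite order, and simple_cluster drops the `.(bool)` assertion. One helper called from each delete function, e.g. `setIgnoreFlags(d, serviceIcmpPayload)`, would keep the payload keys and value types identical; a sketch follows. `GetOkExists` is also marked deprecated in later releases of the plugin SDK, so a single call site makes a future replacement easier. Each of these delete functions starts and ends outside its hunk, so the helper assumes every one of these resources declares both attributes in its schema.

```go
// setIgnoreFlags copies ignore_warnings / ignore_errors from the resource
// data into an API payload so every delete call sends the same keys and types.
func setIgnoreFlags(d *schema.ResourceData, payload map[string]interface{}) {
	if v, ok := d.GetOkExists("ignore_warnings"); ok {
		payload["ignore-warnings"] = v.(bool)
	}
	if v, ok := d.GetOkExists("ignore_errors"); ok {
		payload["ignore-errors"] = v.(bool)
	}
}
```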
@@ -274,7 +274,13 @@ func deleteManagementServiceIcmp6(d *schema.ResourceData, m interface{}) error { serviceIcmp6Payload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceIcmp6Payload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceIcmp6Payload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceIcmp6") deleteServiceIcmp6Res, err := client.ApiCall("delete-service-icmp6", serviceIcmp6Payload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_service_other.go b/checkpoint/resource_checkpoint_management_service_other.go index c4b8ed24..8d43814b 100644 --- a/checkpoint/resource_checkpoint_management_service_other.go +++ b/checkpoint/resource_checkpoint_management_service_other.go @@ -510,6 +510,13 @@ func deleteManagementServiceOther(d *schema.ResourceData, m interface{}) error { serviceOtherPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceOtherPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceOtherPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceOther") diff --git a/checkpoint/resource_checkpoint_management_service_rpc.go b/checkpoint/resource_checkpoint_management_service_rpc.go index 1930c69e..3e05ad30 100644 --- a/checkpoint/resource_checkpoint_management_service_rpc.go +++ b/checkpoint/resource_checkpoint_management_service_rpc.go 
@@ -257,7 +257,13 @@ func deleteManagementServiceRpc(d *schema.ResourceData, m interface{}) error { serviceRpcPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceRpcPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceRpcPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceRpc") deleteServiceRpcRes, err := client.ApiCall("delete-service-rpc", serviceRpcPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_service_sctp.go b/checkpoint/resource_checkpoint_management_service_sctp.go index b7958b02..c870d05c 100644 --- a/checkpoint/resource_checkpoint_management_service_sctp.go +++ b/checkpoint/resource_checkpoint_management_service_sctp.go @@ -451,7 +451,13 @@ func deleteManagementServiceSctp(d *schema.ResourceData, m interface{}) error { serviceSctpPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + serviceSctpPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + serviceSctpPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ServiceSctp") deleteServiceSctpRes, err := client.ApiCall("delete-service-sctp", serviceSctpPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_service_tcp.go b/checkpoint/resource_checkpoint_management_service_tcp.go index a88b4256..e4c0416b 100644 --- a/checkpoint/resource_checkpoint_management_service_tcp.go +++ b/checkpoint/resource_checkpoint_management_service_tcp.go 
@@ -470,6 +470,12 @@ func deleteManagementServiceTcp(d *schema.ResourceData, m interface{}) error { payload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + payload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + payload["ignore-warnings"] = v.(bool) + } deleteServiceTcpRes, _ := client.ApiCall("delete-service-tcp", payload, client.GetSessionID(), true, client.IsProxyUsed()) if !deleteServiceTcpRes.Success { return fmt.Errorf(deleteServiceTcpRes.ErrorMsg) diff --git a/checkpoint/resource_checkpoint_management_service_udp.go b/checkpoint/resource_checkpoint_management_service_udp.go index 6c2bd846..0e170dd6 100644 --- a/checkpoint/resource_checkpoint_management_service_udp.go +++ b/checkpoint/resource_checkpoint_management_service_udp.go @@ -486,6 +486,12 @@ func deleteManagementServiceUdp(d *schema.ResourceData, m interface{}) error { payload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + payload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + payload["ignore-warnings"] = v.(bool) + } deleteServiceUdpRes, _ := client.ApiCall("delete-service-udp", payload, client.GetSessionID(), true, client.IsProxyUsed()) if !deleteServiceUdpRes.Success { return fmt.Errorf(deleteServiceUdpRes.ErrorMsg) diff --git a/checkpoint/resource_checkpoint_management_simple_cluster.go b/checkpoint/resource_checkpoint_management_simple_cluster.go index 743a403f..fae9dc07 100644 --- a/checkpoint/resource_checkpoint_management_simple_cluster.go +++ b/checkpoint/resource_checkpoint_management_simple_cluster.go 
@@ -2698,14 +2698,7 @@ func readManagementSimpleCluster(d *schema.ResourceData, m interface{}) error { if cluster["fetch-policy"] != nil { fetchPolicyJson, ok := cluster["fetch-policy"].([]interface{}) if ok { - fetchPolicyIds := make([]string, 0) - if len(fetchPolicyJson) > 0 { - for _, fetch_policy := range fetchPolicyJson { - fetch_policy := fetch_policy.(map[string]interface{}) - fetchPolicyIds = append(fetchPolicyIds, fetch_policy["name"].(string)) - } - } - _ = d.Set("fetch_policy", fetchPolicyIds) + _ = d.Set("fetch_policy", fetchPolicyJson) } } else { _ = d.Set("fetch_policy", nil) @@ -4508,7 +4501,13 @@ func deleteManagementSimpleCluster(d *schema.ResourceData, m interface{}) error payload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + payload["ignore-warnings"] = v + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + payload["ignore-errors"] = v + } deleteClusterRes, err := client.ApiCall("delete-simple-cluster", payload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteClusterRes.Success { if deleteClusterRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_simple_gateway.go b/checkpoint/resource_checkpoint_management_simple_gateway.go index 8ba68d6a..d088c3d3 100644 --- a/checkpoint/resource_checkpoint_management_simple_gateway.go +++ b/checkpoint/resource_checkpoint_management_simple_gateway.go @@ -4835,7 +4835,13 @@ func deleteManagementSimpleGateway(d *schema.ResourceData, m interface{}) error gatewayPayload := map[string]interface{}{ "uid": d.Id(), } + if ok := d.HasChange("color"); ok { + gatewayPayload["color"] = d.Get("color").(string) + } + if v, ok := d.GetOk("ignore_warnings"); ok { + gatewayPayload["ignore-warnings"] = v + } deleteGatewayRes, err := client.ApiCall("delete-simple-gateway", gatewayPayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteGatewayRes.Success { if deleteGatewayRes.ErrorMsg != "" { 
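Review bot: The result of `d.Set("fetch_policy", fetchPolicyJson)` is discarded, so if the elements of the API list do not match the schema's element type the attribute is silently left unset and the state drifts from the server. The removed loop read each element as a map with a `name` key, while the new line passes the decoded slice through unchanged, so the element type matters here; the `fetch_policy` schema is not visible in this hunk and should be checked against it. Surfacing the error makes a mismatch visible: `if err := d.Set("fetch_policy", fetchPolicyJson); err != nil { return err }`. `readManagementSimpleCluster` starts and ends outside the hunk.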
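Review bot: The `color` entry added to `gatewayPayload` in `deleteManagementSimpleGateway` looks copied from the update path. A delete request is identified by `uid`, and `d.HasChange("color")` has no clear meaning during destroy, so the three `color` lines should be dropped unless `delete-simple-gateway` is documented to accept that field. This hunk also reads `ignore_warnings` with `GetOk` and leaves the value untyped, where the sibling delete hunks use `GetOkExists` with `.(bool)`, and it does not forward `ignore_errors` at all. If the gateway schema declares both flags, match the others: `if v, ok := d.GetOkExists("ignore_warnings"); ok { gatewayPayload["ignore-warnings"] = v.(bool) }` plus the same for `ignore_errors`. The function body continues outside the hunk.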
diff --git a/checkpoint/resource_checkpoint_management_smart_task.go b/checkpoint/resource_checkpoint_management_smart_task.go new file mode 100644 index 00000000..8f3e96c8 --- /dev/null +++ b/checkpoint/resource_checkpoint_management_smart_task.go @@ -0,0 +1,824 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "log" + "strconv" +) + +func resourceManagementSmartTask() *schema.Resource { + return &schema.Resource{ + Create: createManagementSmartTask, + Read: readManagementSmartTask, + Update: updateManagementSmartTask, + Delete: deleteManagementSmartTask, + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + Description: "Object name.", + }, + "action": { + Type: schema.TypeList, + Optional: true, + Description: "The action to be run when the trigger is fired.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "send_web_request": { + Type: schema.TypeList, + Optional: true, + Description: "When the trigger is fired, sends an HTTPS POST web request to the configured URL.
The trigger data will be passed along with the SmartTask's custom data in the request's payload.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "url": { + Type: schema.TypeString, + Optional: true, + Description: "URL used for the web request.", + }, + "fingerprint": { + Type: schema.TypeString, + Optional: true, + Description: "The SHA1 fingerprint of the URL's SSL certificate. Used to trust servers with self-signed SSL certificates.", + }, + "override_proxy": { + Type: schema.TypeBool, + Optional: true, + Description: "Option to send to the web request via a proxy other than the Management's Server proxy (if defined).", + }, + "proxy_url": { + Type: schema.TypeString, + Optional: true, + Description: "URL of the proxy used to send the request.", + }, + "shared_secret": { + Type: schema.TypeString, + Optional: true, + Description: "Shared secret that can be used by the target server to identify the Management Server.
The value will be sent as part of the request in the \"X-chkp-shared-secret\" header.", + }, + "time_out": { + Type: schema.TypeInt, + Optional: true, + Description: "Web Request time-out in seconds.", + Default: 30, + }, + }, + }, + }, + "run_script": { + Type: schema.TypeList, + Optional: true, + Description: "When the trigger is fired, runs the configured Repository Script on the defined targets.
The trigger data is then passed to the script as the first parameter. The parameter is JSON encoded in Base64 format.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "repository_script": { + Type: schema.TypeString, + Optional: true, + Description: "Repository script that is executed when the trigger is fired., identified by the name or UID.", + }, + "targets": { + Type: schema.TypeSet, + Optional: true, + Description: "Targets to execute the script on.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "time_out": { + Type: schema.TypeInt, + Optional: true, + Description: "Script execution time-out in seconds.", + Default: 30, + }, + }, + }, + }, + "send_mail": { + Type: schema.TypeList, + Optional: true, + Description: "When the trigger is fired, sends the configured email to the defined recipients.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "mail_settings": { + Type: schema.TypeList, + Required: true, + Description: "The required settings to send the mail by.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "recipients": { + Type: schema.TypeString, + Optional: true, + Description: "A comma separated list of recipient mail addresses.", + }, + "sender_email": { + Type: schema.TypeString, + Optional: true, + Description: "An email address to send the mail from.", + }, + "subject": { + Type: schema.TypeString, + Optional: true, + Description: "The email subject.", + }, + "body": { + Type: schema.TypeString, + Optional: true, + Description: "The email body.", + }, + "attachment": { + Type: schema.TypeString, + Optional: true, + Description: "What file should be attached to the mail.", + }, + "bcc_recipients": { + Type: schema.TypeString, + Optional: true, + Description: "A comma separated list of bcc recipient mail addresses.", + }, + "cc_recipients": { + Type: schema.TypeString, + Optional: true, + Description: "A comma separated list of cc 
recipient mail addresses.", + }, + }, + }, + }, + "smtp_server": { + Type: schema.TypeList, + Optional: true, + Description: "The UID or the name a preconfigured SMTP server object.", + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Optional: true, + Description: "Object name. Must be unique in the domain", + }, + "port": { + Type: schema.TypeString, + Computed: true, + Description: "The SMTP port to use.", + }, + "server": { + Type: schema.TypeString, + Computed: true, + Description: "The SMTP server address.", + }, + "authentication": { + Type: schema.TypeString, + Computed: true, + Description: "Does the mail server requires authentication.", + }, + "encryption": { + Type: schema.TypeString, + Computed: true, + Description: "Encryption type.", + }, + "username": { + Type: schema.TypeString, + Computed: true, + Description: "A username for the SMTP server.", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + "trigger": { + Type: schema.TypeString, + Optional: true, + Description: "Trigger type associated with the SmartTask.", + }, + "custom_data": { + Type: schema.TypeString, + Optional: true, + Description: "Per SmartTask custom data in JSON format.
When the trigger is fired, the trigger data is converted to JSON. The custom data is then concatenated to the trigger data JSON.", + }, + "description": { + Type: schema.TypeString, + Optional: true, + Description: "Description of the SmartTask's functionality and options.", + }, + "enabled": { + Type: schema.TypeBool, + Optional: true, + Description: "Whether the SmartTask is enabled and will run when triggered.", + Default: false, + }, + "fail_open": { + Type: schema.TypeBool, + Optional: true, + Description: "If the action fails to execute, whether to treat the execution failure as an error, or continue.", + Default: true, + }, + "tags": { + Type: schema.TypeSet, + Optional: true, + Description: "Collection of tag identifiers.", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + "color": { + Type: schema.TypeString, + Optional: true, + Description: "Color of the object. Should be one of existing colors.", + Default: "black", + }, + "comments": { + Type: schema.TypeString, + Optional: true, + Description: "Comments string.", + }, + "ignore_warnings": { + Type: schema.TypeBool, + Optional: true, + Description: "Apply changes ignoring warnings.", + Default: false, + }, + "ignore_errors": { + Type: schema.TypeBool, + Optional: true, + Description: "Apply changes ignoring errors. You won't be able to publish such a changes. 
If ignore-warnings flag was omitted - warnings will also be ignored.", + Default: false, + }, + }, + } +} + +func createManagementSmartTask(d *schema.ResourceData, m interface{}) error { + client := m.(*checkpoint.ApiClient) + + smartTask := make(map[string]interface{}) + + if v, ok := d.GetOk("name"); ok { + smartTask["name"] = v.(string) + } + + if v, ok := d.GetOk("action"); ok { + + actionList := v.([]interface{}) + + if len(actionList) > 0 { + + actionPayload := make(map[string]interface{}) + + if _, ok := d.GetOk("action.0.send_web_request"); ok { + + sendWebRequestPayload := make(map[string]interface{}) + + if v, ok := d.GetOk("action.0.send_web_request.0.url"); ok { + sendWebRequestPayload["url"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.fingerprint"); ok { + sendWebRequestPayload["fingerprint"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.override_proxy"); ok { + sendWebRequestPayload["override-proxy"] = strconv.FormatBool(v.(bool)) + } + if v, ok := d.GetOk("action.0.send_web_request.0.proxy_url"); ok { + sendWebRequestPayload["proxy-url"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.shared_secret"); ok { + sendWebRequestPayload["shared-secret"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.time_out"); ok { + sendWebRequestPayload["time-out"] = v + } + actionPayload["send-web-request"] = sendWebRequestPayload + } + if _, ok := d.GetOk("action.0.run_script"); ok { + + runScriptPayload := make(map[string]interface{}) + + if v, ok := d.GetOk("action.0.run_script.0.repository_script"); ok { + runScriptPayload["repository-script"] = v.(string) + } + if v, ok := d.GetOk("action.0.run_script.0.targets"); ok { + runScriptPayload["targets"] = v.(*schema.Set).List() + } + if v, ok := d.GetOk("action.0.run_script.0.time_out"); ok { + runScriptPayload["time-out"] = v + } + actionPayload["run-script"] = runScriptPayload + } + if _, ok := d.GetOk("action.0.send_mail"); ok { + 
+ sendMailPayload := make(map[string]interface{}) + + if v, ok := d.GetOk("action.0.send_mail.0.mail_settings"); ok { + + mailSettingsMap := v.([]interface{})[0].(map[string]interface{}) + + payload := make(map[string]interface{}) + + if v := mailSettingsMap["recipients"]; v != nil { + payload["recipients"] = v + } + if v := mailSettingsMap["sender_email"]; v != nil { + payload["sender-email"] = v + } + if v := mailSettingsMap["subject"]; v != nil { + payload["subject"] = v + } + if v := mailSettingsMap["body"]; v != nil { + payload["body"] = v + } + if v := mailSettingsMap["attachment"]; v != nil { + if len(v.(string)) > 0 { + payload["attachment"] = v + } + } + if v := mailSettingsMap["bcc_recipients"]; v != nil { + payload["bcc-recipients"] = v + } + if v := mailSettingsMap["cc_recipients"]; v != nil { + payload["cc-recipients"] = v + } + sendMailPayload["mail-settings"] = payload + } + if v, ok := d.GetOk("action.0.send_mail.0.smtp_server.0.name"); ok { + sendMailPayload["smtp-server"] = v.(string) + } + actionPayload["send-mail"] = sendMailPayload + } + smartTask["action"] = actionPayload + } + } + if v, ok := d.GetOk("trigger"); ok { + smartTask["trigger"] = v.(string) + } + + if v, ok := d.GetOk("custom_data"); ok { + smartTask["custom-data"] = v.(string) + } + + if v, ok := d.GetOk("description"); ok { + smartTask["description"] = v.(string) + } + + if v, ok := d.GetOkExists("enabled"); ok { + smartTask["enabled"] = v.(bool) + } + + if v, ok := d.GetOkExists("fail_open"); ok { + smartTask["fail-open"] = v.(bool) + } + + if v, ok := d.GetOk("tags"); ok { + smartTask["tags"] = v.(*schema.Set).List() + } + + if v, ok := d.GetOk("color"); ok { + smartTask["color"] = v.(string) + } + + if v, ok := d.GetOk("comments"); ok { + smartTask["comments"] = v.(string) + } + + if v, ok := d.GetOkExists("ignore_warnings"); ok { + smartTask["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + smartTask["ignore-errors"] = v.(bool) + } + + 
log.Println("Create SmartTask - Map = ", smartTask) + + addSmartTaskRes, err := client.ApiCall("add-smart-task", smartTask, client.GetSessionID(), true, false) + if err != nil || !addSmartTaskRes.Success { + if addSmartTaskRes.ErrorMsg != "" { + return fmt.Errorf(addSmartTaskRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + + d.SetId(addSmartTaskRes.GetData()["uid"].(string)) + + return readManagementSmartTask(d, m) +} + +func readManagementSmartTask(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + payload := map[string]interface{}{ + "uid": d.Id(), + } + + showSmartTaskRes, err := client.ApiCall("show-smart-task", payload, client.GetSessionID(), true, false) + if err != nil { + return fmt.Errorf(err.Error()) + } + if !showSmartTaskRes.Success { + if objectNotFound(showSmartTaskRes.GetData()["code"].(string)) { + d.SetId("") + return nil + } + return fmt.Errorf(showSmartTaskRes.ErrorMsg) + } + + smartTask := showSmartTaskRes.GetData() + + log.Println("Read SmartTask - Show JSON = ", smartTask) + + if v := smartTask["name"]; v != nil { + _ = d.Set("name", v) + } + + if smartTask["action"] != nil { + + actionMap, ok := smartTask["action"].(map[string]interface{}) + + if ok { + actionMapToReturn := make(map[string]interface{}) + + if v, ok := actionMap["send-web-request"]; ok { + + sendWebRequestMap, ok := v.(map[string]interface{}) + if ok { + sendWebRequestMapToReturn := make(map[string]interface{}) + + if v, _ := sendWebRequestMap["url"]; v != nil { + sendWebRequestMapToReturn["url"] = v + } + if v, _ := sendWebRequestMap["fingerprint"]; v != nil { + sendWebRequestMapToReturn["fingerprint"] = v + } + if v, _ := sendWebRequestMap["override-proxy"]; v != nil { + sendWebRequestMapToReturn["override_proxy"] = v + } + if v, _ := sendWebRequestMap["proxy-url"]; v != nil { + sendWebRequestMapToReturn["proxy_url"] = v + } + if v, _ := sendWebRequestMap["shared-secret"]; v != nil { + sendWebRequestMapToReturn["shared_secret"] 
= v + } + if v, _ := sendWebRequestMap["time-out"]; v != nil { + sendWebRequestMapToReturn["time_out"] = v + } + actionMapToReturn["send_web_request"] = []interface{}{sendWebRequestMapToReturn} + } + } + if v, ok := actionMap["run-script"]; ok { + + runScriptMap, ok := v.(map[string]interface{}) + if ok { + runScriptMapToReturn := make(map[string]interface{}) + + if v, _ := runScriptMap["repository-script"]; v != nil { + + payload := v.(map[string]interface{}) + + if v := payload["name"]; v != nil { + runScriptMapToReturn["repository_script"] = v.(string) + } + } + if v, _ := runScriptMap["targets"]; v != nil { + runScriptMapToReturn["targets"] = v + } + if v, _ := runScriptMap["time-out"]; v != nil { + runScriptMapToReturn["time_out"] = v + } + actionMapToReturn["run_script"] = []interface{}{runScriptMapToReturn} + } + } + if v, ok := actionMap["send-mail"]; ok { + + sendMailMap, ok := v.(map[string]interface{}) + if ok { + sendMailMapToReturn := make(map[string]interface{}) + + if v, _ := sendMailMap["mail-settings"]; v != nil { + + innerMap := v.(map[string]interface{}) + + res := make(map[string]interface{}) + + if v := innerMap["recipients"]; v != nil { + res["recipients"] = v + } + if v := innerMap["sender-email"]; v != nil { + res["sender_email"] = v + } + if v := innerMap["subject"]; v != nil { + res["subject"] = v + } + if v := innerMap["body"]; v != nil { + res["body"] = v + } + if v := innerMap["attachment"]; v != nil { + res["attachment"] = v + } + if v := innerMap["bcc-recipients"]; v != nil { + res["bcc_recipients"] = v + } + if v := innerMap["cc-recipients"]; v != nil { + res["cc_recipients"] = v + } + sendMailMapToReturn["mail_settings"] = []interface{}{res} + } + if v, _ := sendMailMap["smtp-server"]; v != nil { + + innerMap := v.(map[string]interface{}) + + res := make(map[string]interface{}) + + if v := innerMap["name"]; v != nil { + res["name"] = v + } + if v := innerMap["port"]; v != nil { + res["port"] = v + } + if v := innerMap["server"]; v 
!= nil { + res["server"] = v + } + if v := innerMap["authentication"]; v != nil { + res["authentication"] = v + } + if v := innerMap["encryption"]; v != nil { + res["encryption"] = v + } + if v := innerMap["username"]; v != nil { + res["username"] = v + } + sendMailMapToReturn["smtp_server"] = []interface{}{res} + } + actionMapToReturn["send_mail"] = []interface{}{sendMailMapToReturn} + } + } + _ = d.Set("action", []interface{}{actionMapToReturn}) + } + } else { + _ = d.Set("action", nil) + } + + if v := smartTask["trigger"]; v != nil { + payload := v.(map[string]interface{}) + + if v := payload["name"]; v != nil { + _ = d.Set("trigger", v.(string)) + } + + } + + if v := smartTask["custom-data"]; v != nil { + _ = d.Set("custom_data", v) + } + + if v := smartTask["description"]; v != nil { + _ = d.Set("description", v) + } + + if v := smartTask["enabled"]; v != nil { + _ = d.Set("enabled", v) + } + + if v := smartTask["fail-open"]; v != nil { + _ = d.Set("fail_open", v) + } + + if smartTask["tags"] != nil { + tagsJson, ok := smartTask["tags"].([]interface{}) + if ok { + tagsIds := make([]string, 0) + if len(tagsJson) > 0 { + for _, tags := range tagsJson { + tags := tags.(map[string]interface{}) + tagsIds = append(tagsIds, tags["name"].(string)) + } + } + _ = d.Set("tags", tagsIds) + } + } else { + _ = d.Set("tags", nil) + } + + if v := smartTask["color"]; v != nil { + _ = d.Set("color", v) + } + + if v := smartTask["comments"]; v != nil { + _ = d.Set("comments", v) + } + + if v := smartTask["ignore-warnings"]; v != nil { + _ = d.Set("ignore_warnings", v) + } + + if v := smartTask["ignore-errors"]; v != nil { + _ = d.Set("ignore_errors", v) + } + + return nil + +} + +func updateManagementSmartTask(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + smartTask := make(map[string]interface{}) + + if ok := d.HasChange("name"); ok { + oldName, newName := d.GetChange("name") + smartTask["name"] = oldName + smartTask["new-name"] = 
newName + } else { + smartTask["name"] = d.Get("name") + } + + if d.HasChange("action") { + + if v, ok := d.GetOk("action"); ok { + + actionList := v.([]interface{}) + + if len(actionList) > 0 { + + actionPayload := make(map[string]interface{}) + + if _, ok := d.GetOk("action.0.send_web_request"); ok { + + sendWebRequestPayload := make(map[string]interface{}) + + if v, ok := d.GetOk("action.0.send_web_request.0.url"); ok { + sendWebRequestPayload["url"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.fingerprint"); ok { + sendWebRequestPayload["fingerprint"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.override_proxy"); ok { + sendWebRequestPayload["override-proxy"] = v + } + if v, ok := d.GetOk("action.0.send_web_request.0.proxy_url"); ok { + sendWebRequestPayload["proxy-url"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.shared_secret"); ok { + sendWebRequestPayload["shared-secret"] = v.(string) + } + if v, ok := d.GetOk("action.0.send_web_request.0.time_out"); ok { + sendWebRequestPayload["time-out"] = v.(int) + } + actionPayload["send-web-request"] = sendWebRequestPayload + } + if _, ok := d.GetOk("action.0.run_script"); ok { + + runScriptPayload := make(map[string]interface{}) + + if v, ok := d.GetOk("action.0.run_script.0.repository_script"); ok { + runScriptPayload["repository-script"] = v.(string) + } + if v, ok := d.GetOk("action.0.run_script.0.targets"); ok { + runScriptPayload["targets"] = v.(*schema.Set).List() + } + if v, ok := d.GetOk("action.0.run_script.0.time_out"); ok { + runScriptPayload["time-out"] = v + } + actionPayload["run-script"] = runScriptPayload + } + if _, ok := d.GetOk("action.0.send_mail"); ok { + + sendMailPayload := make(map[string]interface{}) + + if v, ok := d.GetOk("action.0.send_mail.0.mail_settings"); ok { + + mailSettingsMap := v.([]interface{})[0].(map[string]interface{}) + + payload := make(map[string]interface{}) + + if v := mailSettingsMap["recipients"]; v 
!= nil { + payload["recipients"] = v + } + if v := mailSettingsMap["sender_email"]; v != nil { + payload["sender-email"] = v + } + if v := mailSettingsMap["subject"]; v != nil { + payload["subject"] = v + } + if v := mailSettingsMap["body"]; v != nil { + payload["body"] = v + } + if v := mailSettingsMap["attachment"]; v != nil { + if len(v.(string)) > 0 { + payload["attachment"] = v + } + } + if v := mailSettingsMap["bcc_recipients"]; v != nil { + payload["bcc-recipients"] = v + } + if v := mailSettingsMap["cc_recipients"]; v != nil { + payload["cc-recipients"] = v + } + sendMailPayload["mail-settings"] = payload + } + if v, ok := d.GetOk("action.0.send_mail.0.smtp_server"); ok { + smtp := v.([]interface{})[0].(map[string]interface{}) + if j := smtp["name"]; j != nil { + sendMailPayload["smtp-server"] = j + } + } + actionPayload["send-mail"] = sendMailPayload + } + smartTask["action"] = actionPayload + } + } + } + + if ok := d.HasChange("trigger"); ok { + smartTask["trigger"] = d.Get("trigger") + } + + if ok := d.HasChange("custom_data"); ok { + smartTask["custom-data"] = d.Get("custom_data") + } + + if ok := d.HasChange("description"); ok { + smartTask["description"] = d.Get("description") + } + + if v, ok := d.GetOkExists("enabled"); ok { + smartTask["enabled"] = v.(bool) + } + + if v, ok := d.GetOkExists("fail_open"); ok { + smartTask["fail-open"] = v.(bool) + } + + if d.HasChange("tags") { + if v, ok := d.GetOk("tags"); ok { + smartTask["tags"] = v.(*schema.Set).List() + } else { + oldTags, _ := d.GetChange("tags") + smartTask["tags"] = map[string]interface{}{"remove": oldTags.(*schema.Set).List()} + } + } + + if ok := d.HasChange("color"); ok { + smartTask["color"] = d.Get("color") + } + + if ok := d.HasChange("comments"); ok { + smartTask["comments"] = d.Get("comments") + } + + if v, ok := d.GetOkExists("ignore_warnings"); ok { + smartTask["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + smartTask["ignore-errors"] = 
v.(bool) + } + + log.Println("Update SmartTask - Map = ", smartTask) + + updateSmartTaskRes, err := client.ApiCall("set-smart-task", smartTask, client.GetSessionID(), true, false) + if err != nil || !updateSmartTaskRes.Success { + if updateSmartTaskRes.ErrorMsg != "" { + return fmt.Errorf(updateSmartTaskRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + + return readManagementSmartTask(d, m) +} + +func deleteManagementSmartTask(d *schema.ResourceData, m interface{}) error { + + client := m.(*checkpoint.ApiClient) + + smartTaskPayload := map[string]interface{}{ + "uid": d.Id(), + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + smartTaskPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + smartTaskPayload["ignore-errors"] = v.(bool) + } + log.Println("Delete SmartTask") + + deleteSmartTaskRes, err := client.ApiCall("delete-smart-task", smartTaskPayload, client.GetSessionID(), true, false) + if err != nil || !deleteSmartTaskRes.Success { + if deleteSmartTaskRes.ErrorMsg != "" { + return fmt.Errorf(deleteSmartTaskRes.ErrorMsg) + } + return fmt.Errorf(err.Error()) + } + d.SetId("") + + return nil +} diff --git a/checkpoint/resource_checkpoint_management_smart_task_test.go b/checkpoint/resource_checkpoint_management_smart_task_test.go new file mode 100644 index 00000000..f3aab20a --- /dev/null +++ b/checkpoint/resource_checkpoint_management_smart_task_test.go 
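Review bot: `shared_secret` under `action.send_web_request` is declared without `Sensitive: true`, and both `createManagementSmartTask` and `updateManagementSmartTask` print the whole request map (`log.Println("Create SmartTask - Map = ", smartTask)` and the matching "Update" line), so the secret ends up in the provider log and in plan output. Add `Sensitive: true,` to that schema entry and log only non-secret fields, for example `log.Println("Create SmartTask - name = ", smartTask["name"])`. `readManagementSmartTask` logs the full `show-smart-task` response in the same way and copies `shared-secret` back into state when the API returns it, so that log line needs the same treatment. Separately, the `return fmt.Errorf(err.Error())` fallbacks in create, update and delete are reached when `Success` is false and `ErrorMsg` is empty; if `err` is nil in that case the call panics, so guard it with `if err != nil { return err }` and return a fixed message otherwise.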
@@ -0,0 +1,118 @@ +package checkpoint + +import ( + "fmt" + checkpoint "github.com/CheckPointSW/cp-mgmt-api-go-sdk/APIFiles" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/terraform" + "os" + "strings" + "testing" +) + +func TestAccCheckpointManagementSmartTask_basic(t *testing.T) { + + var smartTaskMap map[string]interface{} + resourceName := "checkpoint_management_smart_task.smart_task" + objName := "tfTestManagementSmartTask_" + acctest.RandString(6) + + context := os.Getenv("CHECKPOINT_CONTEXT") + if context != "web_api" { + t.Skip("Skipping management test") + } else if context == "" { + t.Skip("Env CHECKPOINT_CONTEXT must be specified to run this acc test") + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckpointManagementSmartTaskDestroy, + Steps: []resource.TestStep{ + { + Config: testAccManagementSmartTaskConfig(objName), + Check: resource.ComposeTestCheckFunc( + testAccCheckCheckpointManagementSmartTaskExists(resourceName, &smartTaskMap), + testAccCheckCheckpointManagementSmartTaskAttributes(&smartTaskMap, objName), + ), + }, + }, + }) +} + +func testAccCheckpointManagementSmartTaskDestroy(s *terraform.State) error { + + client := testAccProvider.Meta().(*checkpoint.ApiClient) + for _, rs := range s.RootModule().Resources { + if rs.Type != "checkpoint_management_smart_task" { + continue + } + if rs.Primary.ID != "" { + res, _ := client.ApiCall("show-smart-task", map[string]interface{}{"uid": rs.Primary.ID}, client.GetSessionID(), true, false) + if res.Success { + return fmt.Errorf("SmartTask object (%s) still exists", rs.Primary.ID) + } + } + return nil + } + return nil +} + +func testAccCheckCheckpointManagementSmartTaskExists(resourceTfName string, res *map[string]interface{}) resource.TestCheckFunc { + return func(s *terraform.State) error 
{ + + rs, ok := s.RootModule().Resources[resourceTfName] + if !ok { + return fmt.Errorf("Resource not found: %s", resourceTfName) + } + + if rs.Primary.ID == "" { + return fmt.Errorf("SmartTask ID is not set") + } + + client := testAccProvider.Meta().(*checkpoint.ApiClient) + + response, err := client.ApiCall("show-smart-task", map[string]interface{}{"uid": rs.Primary.ID}, client.GetSessionID(), true, false) + if !response.Success { + return err + } + + *res = response.GetData() + + return nil + } +} + +func testAccCheckCheckpointManagementSmartTaskAttributes(smartTaskMap *map[string]interface{}, name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + + smartTaskName := (*smartTaskMap)["name"].(string) + if !strings.EqualFold(smartTaskName, name) { + return fmt.Errorf("name is %s, expected %s", name, smartTaskName) + } + return nil + } +} + +func testAccManagementSmartTaskConfig(name string) string { + return fmt.Sprintf(` + resource "checkpoint_management_smart_task" "smart_task" { + + name = "%s" + trigger = "Before Publish" + description = "my smart task" + action { + + send_web_request { + url = "https://demo.example.com/policy-installation-reports" + fingerprint = "8023a5652ba2c8f5b0902363a5314cd2b4fdbc5c" + override_proxy = true + proxy_url = "https://demo.example.com/policy-installation-reports" + time_out = 200 + shared_secret = " secret" + } + } + enabled = true +} +`, name) +} diff --git a/checkpoint/resource_checkpoint_management_smtp_server.go b/checkpoint/resource_checkpoint_management_smtp_server.go index 8572c79c..9c13bd18 100644 --- a/checkpoint/resource_checkpoint_management_smtp_server.go +++ b/checkpoint/resource_checkpoint_management_smtp_server.go 
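Review bot: In `testAccCheckCheckpointManagementSmartTaskExists` the failure path is `if !response.Success { return err }`, and `err` is presumably nil when the API answers with an unsuccessful response (the resource code in this patch tests `err != nil || !res.Success` separately), so the check can return nil without filling `*res`. The attribute check that runs next then evaluates `(*smartTaskMap)["name"].(string)` on a nil map and panics instead of failing the test. I would split the guard into `if err != nil { return err }` followed by `if !response.Success { return fmt.Errorf("show-smart-task failed: %s", response.ErrorMsg) }`. `testAccCheckpointManagementSmartTaskDestroy` has the mirror problem: `res, _ := client.ApiCall(...)` drops the error, so a failed call counts as "object destroyed". The arguments in `fmt.Errorf("name is %s, expected %s", name, smartTaskName)` are also swapped.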
@@ -363,6 +363,13 @@ func deleteManagementSmtpServer(d *schema.ResourceData, m interface{}) error { smtpServerPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + smtpServerPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + smtpServerPayload["ignore-errors"] = v.(bool) + } log.Println("Delete SmtpServer") diff --git a/checkpoint/resource_checkpoint_management_tag.go b/checkpoint/resource_checkpoint_management_tag.go index 04d28b93..e591ff8e 100644 --- a/checkpoint/resource_checkpoint_management_tag.go +++ b/checkpoint/resource_checkpoint_management_tag.go @@ -223,7 +223,13 @@ func deleteManagementTag(d *schema.ResourceData, m interface{}) error { tagPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + tagPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + tagPayload["ignore-errors"] = v.(bool) + } log.Println("Delete Tag") deleteTagRes, err := client.ApiCall("delete-tag", tagPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_threat_exception.go b/checkpoint/resource_checkpoint_management_threat_exception.go index ff8cc917..61ee09c3 100644 --- a/checkpoint/resource_checkpoint_management_threat_exception.go +++ b/checkpoint/resource_checkpoint_management_threat_exception.go 
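Review bot: The `ignore_errors` value added here is forwarded to `delete-smtp-server` with no comment on what it changes at destroy time. The same six lines are pasted into deleteManagementSmartTask and deleteManagementTag, and into the delete functions for threat_ioc_feed, threat_layer, threat_profile, time_group, trusted_client, user, user_group, user_template, vmware_data_center_server, vpn_community_meshed, vpn_community_star and wildcard in this patch. The docs added by this commit describe the flag as applying changes while ignoring errors, after which the session cannot be published, so a `true` left on the resource lets a destroy continue past whatever validation error the server raised. I would add `// ignore-errors pushes the delete past server-side validation errors; the session cannot be published afterwards.` above the second `if`, and move the pair into one helper called as `setIgnoreFlags(d, smtpServerPayload)` so the behaviour is documented in a single place. deleteManagementSmtpServer starts and ends outside the hunk.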
@@ -715,7 +715,9 @@ func deleteManagementThreatException(d *schema.ResourceData, m interface{}) erro if v, ok := d.GetOk("rule_name"); ok { threatExceptionPayload["rule-name"] = v } - + /** + adambar - we did not add ignore-warnings/erros since it is not supported by the API in the delete method. + */ deleteThreatExceptionRes, err := client.ApiCall("delete-threat-exception", threatExceptionPayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteThreatExceptionRes.Success { if deleteThreatExceptionRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_threat_ioc_feed.go b/checkpoint/resource_checkpoint_management_threat_ioc_feed.go index 9ce74aa9..b19d3980 100644 --- a/checkpoint/resource_checkpoint_management_threat_ioc_feed.go +++ b/checkpoint/resource_checkpoint_management_threat_ioc_feed.go @@ -614,7 +614,13 @@ func deleteManagementThreatIocFeed(d *schema.ResourceData, m interface{}) error threatIocFeedPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + threatIocFeedPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + threatIocFeedPayload["ignore-errors"] = v.(bool) + } log.Println("Delete ThreatIocFeed") deleteThreatIocFeedRes, err := client.ApiCall("delete-threat-ioc-feed", threatIocFeedPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_threat_layer.go b/checkpoint/resource_checkpoint_management_threat_layer.go index 91d48dee..d034db78 100644 --- a/checkpoint/resource_checkpoint_management_threat_layer.go +++ b/checkpoint/resource_checkpoint_management_threat_layer.go 
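Review bot: The comment added in deleteManagementThreatException is a `/** … */` block that carries an author name and the typo "erros". A plain line comment stating the constraint reads better, e.g. `// ignore-warnings / ignore-errors are not sent: delete-threat-exception does not accept them.` If the resource schema still exposes `ignore_warnings` and `ignore_errors` (not visible in this hunk), their descriptions should say that they have no effect on destroy. The function starts and ends outside the hunk.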
@@ -246,7 +246,13 @@ func deleteManagementThreatLayer(d *schema.ResourceData, m interface{}) error { threatLayerPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + threatLayerPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + threatLayerPayload["ignore-errors"] = v.(bool) + } deleteThreatLayerRes, err := client.ApiCall("delete-threat-layer", threatLayerPayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil || !deleteThreatLayerRes.Success { if deleteThreatLayerRes.ErrorMsg != "" { diff --git a/checkpoint/resource_checkpoint_management_threat_profile.go b/checkpoint/resource_checkpoint_management_threat_profile.go index 8d93c886..f0229920 100644 --- a/checkpoint/resource_checkpoint_management_threat_profile.go +++ b/checkpoint/resource_checkpoint_management_threat_profile.go @@ -1367,7 +1367,13 @@ func deleteManagementThreatProfile(d *schema.ResourceData, m interface{}) error threatProfilePayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_errors"); ok { + threatProfilePayload["ignore-errors"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + threatProfilePayload["ignore-warnings"] = v.(bool) + } deleteThreatProfileRes, err := client.ApiCall("delete-threat-profile", threatProfilePayload, client.GetSessionID(), true, client.IsProxyUsed()) if err != nil { diff --git a/checkpoint/resource_checkpoint_management_time.go b/checkpoint/resource_checkpoint_management_time.go index b21800d1..d1061b2d 100644 --- a/checkpoint/resource_checkpoint_management_time.go +++ b/checkpoint/resource_checkpoint_management_time.go @@ -330,8 +330,8 @@ func readManagementTime(d *schema.ResourceData, m interface{}) error { if time["end"] != nil { defaultEndMap := map[string]interface{}{ - "date": "01-Jan-1970", - "time": "00:00", + "date": "01-Jan-1970", + "time": "00:00", } endMap := time["end"].(map[string]interface{}) 
@@ -390,8 +390,8 @@ func readManagementTime(d *schema.ResourceData, m interface{}) error { if time["start"] != nil { defaultStartMap := map[string]interface{}{ - "date": "01-Jan-1970", - "time": "00:00", + "date": "01-Jan-1970", + "time": "00:00", } startMap := time["start"].(map[string]interface{}) @@ -506,8 +506,8 @@ func updateManagementTime(d *schema.ResourceData, m interface{}) error { if d.HasChange("end") { defaultEndMap := map[string]interface{}{ - "date": "01-Jan-1970", - "time": "00:00", + "date": "01-Jan-1970", + "time": "00:00", } res := make(map[string]interface{}) @@ -561,8 +561,8 @@ func updateManagementTime(d *schema.ResourceData, m interface{}) error { if d.HasChange("start") { defaultStartMap := map[string]interface{}{ - "date": "01-Jan-1970", - "time": "00:00", + "date": "01-Jan-1970", + "time": "00:00", } res := make(map[string]interface{}) @@ -580,7 +580,7 @@ func updateManagementTime(d *schema.ResourceData, m interface{}) error { } - if d.HasChange("start_now"){ + if d.HasChange("start_now") { time["start-now"] = d.Get("start_now") } @@ -659,7 +659,13 @@ func deleteManagementTime(d *schema.ResourceData, m interface{}) error { timePayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOk("ignore_warnings"); ok { + timePayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOk("ignore_errors"); ok { + timePayload["ignore-errors"] = v.(bool) + } log.Println("Delete Time") deleteTimeRes, err := client.ApiCall("delete-time", timePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_time_group.go b/checkpoint/resource_checkpoint_management_time_group.go index 975beef6..9d16cedd 100644 --- a/checkpoint/resource_checkpoint_management_time_group.go +++ b/checkpoint/resource_checkpoint_management_time_group.go 
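Review bot: In the `deleteManagementTime` hunk the two flags are read with `d.GetOk`, while every other delete function touched by this patch uses `d.GetOkExists`. `GetOk` reports ok=false for a zero value, so an explicit `false` is never placed in the payload here. That is probably harmless if the API default is false, but the divergence looks accidental. I would write `if v, ok := d.GetOkExists("ignore_warnings"); ok {` and the same for `ignore_errors`. The function body continues outside the hunk.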
@@ -260,7 +260,13 @@ func deleteManagementTimeGroup(d *schema.ResourceData, m interface{}) error { timeGroupPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + timeGroupPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + timeGroupPayload["ignore-errors"] = v.(bool) + } log.Println("Delete TimeGroup") deleteTimeGroupRes, err := client.ApiCall("delete-time-group", timeGroupPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_trusted_client.go b/checkpoint/resource_checkpoint_management_trusted_client.go index dcb15ac6..59728962 100644 --- a/checkpoint/resource_checkpoint_management_trusted_client.go +++ b/checkpoint/resource_checkpoint_management_trusted_client.go @@ -449,7 +449,13 @@ func deleteManagementTrustedClient(d *schema.ResourceData, m interface{}) error trustedClientPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + trustedClientPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + trustedClientPayload["ignore-errors"] = v.(bool) + } log.Println("Delete TrustedClient") deleteTrustedClientRes, err := client.ApiCall("delete-trusted-client", trustedClientPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_user.go b/checkpoint/resource_checkpoint_management_user.go index 9a647c03..b6b3b3e6 100644 --- a/checkpoint/resource_checkpoint_management_user.go +++ b/checkpoint/resource_checkpoint_management_user.go 
@@ -606,7 +606,13 @@ func deleteManagementUser(d *schema.ResourceData, m interface{}) error { userPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + userPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + userPayload["ignore-errors"] = v.(bool) + } log.Println("Delete User") deleteUserRes, err := client.ApiCall("delete-user", userPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_user_group.go b/checkpoint/resource_checkpoint_management_user_group.go index bbf44ffd..64e30267 100644 --- a/checkpoint/resource_checkpoint_management_user_group.go +++ b/checkpoint/resource_checkpoint_management_user_group.go @@ -265,7 +265,13 @@ func deleteManagementUserGroup(d *schema.ResourceData, m interface{}) error { userGroupPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + userGroupPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + userGroupPayload["ignore-errors"] = v.(bool) + } log.Println("Delete UserGroup") deleteUserGroupRes, err := client.ApiCall("delete-user-group", userGroupPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_user_template.go b/checkpoint/resource_checkpoint_management_user_template.go index 13992c5f..fda2183d 100644 --- a/checkpoint/resource_checkpoint_management_user_template.go +++ b/checkpoint/resource_checkpoint_management_user_template.go 
@@ -573,7 +573,13 @@ func deleteManagementUserTemplate(d *schema.ResourceData, m interface{}) error { userTemplatePayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + userTemplatePayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + userTemplatePayload["ignore-errors"] = v.(bool) + } log.Println("Delete UserTemplate") deleteUserTemplateRes, err := client.ApiCall("delete-user-template", userTemplatePayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_vmware_data_center_server.go b/checkpoint/resource_checkpoint_management_vmware_data_center_server.go index 8967c641..c446a519 100644 --- a/checkpoint/resource_checkpoint_management_vmware_data_center_server.go +++ b/checkpoint/resource_checkpoint_management_vmware_data_center_server.go @@ -352,7 +352,13 @@ func deleteManagementVMwareDataCenterServer(d *schema.ResourceData, m interface{ vmwareDataCenterServerPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + vmwareDataCenterServerPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + vmwareDataCenterServerPayload["ignore-errors"] = v.(bool) + } log.Println("Delete vmwareDataCenterServer") deleteVMwareDataCenterServerRes, err := client.ApiCall("delete-data-center-server", vmwareDataCenterServerPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_vpn_community_meshed.go b/checkpoint/resource_checkpoint_management_vpn_community_meshed.go index 9be1ef02..757ac06f 100644 --- a/checkpoint/resource_checkpoint_management_vpn_community_meshed.go +++ b/checkpoint/resource_checkpoint_management_vpn_community_meshed.go 
@@ -1093,7 +1093,13 @@ func deleteManagementVpnCommunityMeshed(d *schema.ResourceData, m interface{}) e vpnCommunityMeshedPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + vpnCommunityMeshedPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + vpnCommunityMeshedPayload["ignore-errors"] = v.(bool) + } log.Println("Delete VpnCommunityMeshed") deleteVpnCommunityMeshedRes, err := client.ApiCall("delete-vpn-community-meshed", vpnCommunityMeshedPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_vpn_community_star.go b/checkpoint/resource_checkpoint_management_vpn_community_star.go index 790d07d0..5adb9a31 100644 --- a/checkpoint/resource_checkpoint_management_vpn_community_star.go +++ b/checkpoint/resource_checkpoint_management_vpn_community_star.go @@ -1148,6 +1148,13 @@ func deleteManagementVpnCommunityStar(d *schema.ResourceData, m interface{}) err "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + vpnCommunityStarPayload["ignore-warnings"] = v.(bool) + } + + if v, ok := d.GetOkExists("ignore_errors"); ok { + vpnCommunityStarPayload["ignore-errors"] = v.(bool) + } log.Println("Delete VpnCommunityStar") deleteVpnCommunityStarRes, err := client.ApiCall("delete-vpn-community-star", vpnCommunityStarPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/checkpoint/resource_checkpoint_management_wildcard.go b/checkpoint/resource_checkpoint_management_wildcard.go index cd6d0f27..83b5b1a2 100644 --- a/checkpoint/resource_checkpoint_management_wildcard.go +++ b/checkpoint/resource_checkpoint_management_wildcard.go 
@@ -291,7 +291,13 @@ func deleteManagementWildcard(d *schema.ResourceData, m interface{}) error { wildcardPayload := map[string]interface{}{ "uid": d.Id(), } + if v, ok := d.GetOkExists("ignore_warnings"); ok { + wildcardPayload["ignore-warnings"] = v.(bool) + } + if v, ok := d.GetOkExists("ignore_errors"); ok { + wildcardPayload["ignore-errors"] = v.(bool) + } log.Println("Delete Wildcard") deleteWildcardRes, err := client.ApiCall("delete-wildcard", wildcardPayload, client.GetSessionID(), true, client.IsProxyUsed()) diff --git a/website/checkpoint.erb b/website/checkpoint.erb index 1ac8efb2..45935da6 100644 --- a/website/checkpoint.erb +++ b/website/checkpoint.erb @@ -502,6 +502,15 @@ > checkpoint_management_global_assignment + > + checkpoint_management_service_gtp + + > + checkpoint_management_smart_task + + > + checkpoint_management_server_certificate + @@ -871,6 +880,18 @@ > checkpoint_management_global_assignment + > + checkpoint_management_threat_rule_exception_rulebase + + > + checkpoint_management_smart_task + + > + checkpoint_management_service_gtp + + > + checkpoint_management_server_certificate + diff --git a/website/docs/d/checkpoint_management_server_certificate.html.markdown b/website/docs/d/checkpoint_management_server_certificate.html.markdown new file mode 100644 index 00000000..530f55fa --- /dev/null +++ b/website/docs/d/checkpoint_management_server_certificate.html.markdown 
@@ -0,0 +1,40 @@ +--- +layout: "checkpoint" +page_title: "checkpoint_management_server_certificate" +sidebar_current: "docs-checkpoint-resource-checkpoint-management-server-certificate" +description: |- +Use this data source to get information on an existing Check Point Server Certificate. +--- + +# Data Source : checkpoint_management_server_certificate + +Use this data source to get information on an existing Check Point Server Certificate. + +## Example Usage + + +```hcl +resource "checkpoint_management_server_certificate" "example" { + name = "MyServerCertificate" + base64_certificate = "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" + base64_password = "bXlfcGFzc3dvcmQ=" + comments = "this is a comment" +} + +data "checkpoint_management_server_certificate" "data_cert1"{ + name = "${checkpoint_management_server_certificate.cert1.name}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Optional) Object name. +* `uid` - (Optional) Object Uid. +* `base64_certificate` - Certificate file encoded in base64.
Valid file formats: p12. +* `base64_password` - Base64 encoded password of the certificate file. +* `comments` - Server certificate comments. +* `subject` - Certificate's subject. +* `valid_from` - Server certificate valid from date. +* `valid_to` - Server certificate valid up to date. diff --git a/website/docs/d/checkpoint_management_service_gtp.html.markdown b/website/docs/d/checkpoint_management_service_gtp.html.markdown new file mode 100644 index 00000000..8846055b --- /dev/null +++ b/website/docs/d/checkpoint_management_service_gtp.html.markdown 
@@ -0,0 +1,150 @@ +--- +layout: "checkpoint" +page_title: "checkpoint_management_service_gtp" +sidebar_current: "docs-checkpoint-resource-checkpoint-management-service-gtp" +description: |- +Use this data source to get information on an existing Check Point Service Gtp. +--- + +# Data Source checkpoint_management_service_gtp + +Use this data source to get information on an existing Check Point Service Gtp. + +## Example Usage + + +```hcl + resource "checkpoint_management_service_gtp" "service_gtp" { + name = "gtp_svc1" + version = "v2" + reverse_service = true + trace_management = true + imsi_prefix = { + enable = true + prefix = "123" + } + interface_profile = { + profile = "Custom" + custom_message_types = "32-35" + } + selection_mode { + enable = true + mode = 1 + } + ms_isdn= { + enable = true + ms_isdn = "312" + } + access_point_name ={ + enable = true + apn = "AccP2" + } + apply_access_policy_on_user_traffic ={ + enable = true + add_imsi_field_to_log = true + } + radio_access_technology { + other_types_range { + enable = true + types = "11-50" + } + } + ldap_group = { + enable = true + group = "ldap_group_1" + according_to = "MS-ISDN" + } +} +data "checkpoint_management_service_gtp" "data_service_gtp" { + name = "${checkpoint_management_service_gtp.service_gtp.name}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Optional) Object name. +* `uid` - (Optional) Object unique identifier. +* `version` - GTP version. +* `access_point_name` - Match by Access Point Name.access_point_name blocks are documented below. +* `allow_usage_of_static_ip` - Allow usage of static IP addresses. +* `apply_access_policy_on_user_traffic` - Apply Access Policy on user traffic.apply_access_policy_on_user_traffic blocks are documented below. +* `cs_fallback_and_srvcc` - CS Fallback and SRVCC (Relevant for V2 only). +* `imsi_prefix` - Match by IMSI prefix.imsi_prefix blocks are documented below. 
+* `interface_profile` - Match only message types relevant to the given GTP interface. Relevant only for GTP V1 or V2.interface_profile blocks are documented below. +* `ldap_group` - Match by an LDAP Group.ldap_group blocks are documented below. +* `ms_isdn` - Match by an MS-ISDN.ms_isdn blocks are documented below. +* `radio_access_technology` - Match by Radio Access Technology.radio_access_technology blocks are documented below. +* `restoration_and_recovery` - Restoration and Recovery (Relevant for V2 only). +* `reverse_service` - Accept PDUs from the GGSN/PGW to the SGSN/SGW on a previously established PDP context, even if different ports are used. +* `selection_mode` - Match by a selection mode.selection_mode blocks are documented below. +* `trace_management` - Trace Management (Relevant for V2 only). +* `tags` - Collection of tag identifiers.tags blocks are documented below. +* `color` - Color of the object. Should be one of existing colors. +* `comments` - Comments string. +* `groups` - Collection of group identifiers.groups blocks are documented below. +* `ignore_warnings` - Apply changes ignoring warnings. +* `ignore_errors` - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. + + +`access_point_name` supports the following: + +* `enable` - +* `apn` - The Access Point Name object identified by Name or UID. + + +`apply_access_policy_on_user_traffic` supports the following: + +* `enable` - +* `add_imsi_field_to_log` - Add IMSI field to logs generated by user traffic. + + +`imsi_prefix` supports the following: + +* `enable` - +* `prefix` - The IMSI prefix. + + +`interface_profile` supports the following: + +* `profile` - The Interface Profile object identified by Name or UID. +* `custom_message_types` - The messages types to match on them for this service. To specify a range, add a hyphen between the lowest and the highest numbers, for example: 32-35. 
Multiple Ranges can be chosen when separated with comma. This field relevant only when the Interface profile is set to 'Custom'. + + +`ldap_group` supports the following: + +* `enable` - +* `group` - The Ldap Group object identified by Name or UID. +* `according_to` - According to MS-ISDN or according to IMSI. + + +`ms_isdn` supports the following: + +* `enable` - +* `ms_isdn` - The MS-ISDN. + + +`radio_access_technology` supports the following: + +* `utran` - (1). +* `geran` - (2). +* `wlan` - (3). +* `gan` - (4). +* `hspa_evolution` - (5). +* `eutran` - (6). +* `virtual` - (7). +* `nb_iot` - (8). +* `other_types_range` - (9-255).other_types_range blocks are documented below. + + +`selection_mode` supports the following: + +* `enable` - +* `mode` - The mode as integer. [0 - Verified, 1 - MS - Not verified, 2 - Network - Not verified]. + + +`other_types_range` supports the following: + +* `enable` - +* `types` - Other RAT Types. To specify other RAT ranges, add a hyphen between the lowest and the highest numbers, for example: 11-15. Multiple Ranges can be chosen when separated with comma. diff --git a/website/docs/d/checkpoint_management_smart_task.html.markdown b/website/docs/d/checkpoint_management_smart_task.html.markdown new file mode 100644 index 00000000..4a1038e6 --- /dev/null +++ b/website/docs/d/checkpoint_management_smart_task.html.markdown 
@@ -0,0 +1,107 @@ +--- +layout: "checkpoint" +page_title: "checkpoint_management_smart_task" +sidebar_current: "docs-checkpoint-resource-checkpoint-management-smart-task" +description: |- +Use this data source to get information on an existing Check Point Smart Task. +--- + +#Data Source checkpoint_management_smart_task + +TUse this data source to get information on an existing Check Point Smart Task. + +## Example Usage + + +```hcl + resource "checkpoint_management_smart_task" "smart_task" { + + name = "smt" + trigger = "Before Publish" + description = "my smart task" + action { + + send_web_request { + url = "https://demo.example.com/policy-installation-reports" + fingerprint = "8023a5652ba2c8f5b0902363a5314cd2b4fdbc5c" + override_proxy = true + proxy_url = "https://demo.example.com/policy-installation-reports" + time_out = 200 + shared_secret = " secret" + } + } + enabled = true +} + +data "checkpoint_management_smart_task" "data_smart_task" { + + name = "${checkpoint_management_smart_task.smart_task.name}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Optional) Object name. +* `action` - (Optional) The action to be run when the trigger is fired.action blocks are documented below. +* `trigger` - Trigger type associated with the SmartTask. +* `custom_data` - Per SmartTask custom data in JSON format.
When the trigger is fired, the trigger data is converted to JSON. The custom data is then concatenated to the trigger data JSON. +* `description` - Description of the SmartTask's functionality and options. +* `enabled` - Whether the SmartTask is enabled and will run when triggered. +* `fail_open` - If the action fails to execute, whether to treat the execution failure as an error, or continue. +* `tags` - Collection of tag identifiers.tags blocks are documented below. +* `color` - Color of the object. Should be one of existing colors. +* `comments` - Comments string. +* `ignore_warnings` - Apply changes ignoring warnings. +* `ignore_errors` - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. + + +`action` supports the following (exactly one of them must be defined): + +* `send_web_request` - When the trigger is fired, sends an HTTPS POST web request to the configured URL.
The trigger data will be passed along with the SmartTask's custom data in the request's payload.send_web_request blocks are documented below. +* `run_script` - When the trigger is fired, runs the configured Repository Script on the defined targets.
The trigger data is then passed to the script as the first parameter. The parameter is JSON encoded in Base64 format.run_script blocks are documented below. +* `send_mail` - When the trigger is fired, sends the configured email to the defined recipients.send_mail blocks are documented below. + + +`send_web_request` supports the following: + +* `url` - URL used for the web request. +* `fingerprint` - The SHA1 fingerprint of the URL's SSL certificate. Used to trust servers with self-signed SSL certificates. +* `override_proxy` - Option to send to the web request via a proxy other than the Management's Server proxy (if defined). +* `proxy_url` - URL of the proxy used to send the request. +* `shared_secret` - Shared secret that can be used by the target server to identify the Management Server.
The value will be sent as part of the request in the "X-chkp-shared-secret" header. +* `time_out` - Web Request time-out in seconds. + + +`run_script` supports the following: + +* `repository_script` - Repository script that is executed when the trigger is fired., identified by the name or UID. +* `targets` - Targets to execute the script on.targets blocks are documented below. +* `time_out` - Script execution time-out in seconds. + + +`send_mail` supports the following: + +* `mail_settings` - The required settings to send the mail by.mail_settings blocks are documented below. +* `smtp_server` - The UID or the name a preconfigured SMTP server object. + + +`mail_settings` supports the following: + +* `recipients` - A comma separated list of recipient mail addresses. +* `sender_email` - An email address to send the mail from. +* `subject` - The email subject. +* `body` - The email body. +* `attachment` - What file should be attached to the mail. +* `bcc_recipients` - A comma separated list of bcc recipient mail addresses. +* `cc_recipients` - A comma separated list of cc recipient mail addresses. + +`smtp_server` supports the following : + +* `name` - the SMTP server name. +* `port` - The SMTP port to use. +* `server` - The SMTP server address. +* `authentication` - Does the mail server requires authentication. +* `encryption`- Encryption type. +* `username`- A username for the SMTP server. \ No newline at end of file diff --git a/website/docs/d/checkpoint_management_threat_rule_exception_rulebase.html.markdown b/website/docs/d/checkpoint_management_threat_rule_exception_rulebase.html.markdown new file mode 100644 index 00000000..7fbf6fb1 --- /dev/null +++ b/website/docs/d/checkpoint_management_threat_rule_exception_rulebase.html.markdown 
@@ -0,0 +1,86 @@
+---
+layout: "checkpoint"
+page_title: "checkpoint_management_threat_rule_exception_rulebase"
+sidebar_current: "docs-checkpoint-data-source-checkpoint-management-threat-rule-exception-rulebase"
+description: |-
+Use this data source to get information on an existing Check Point threat-rule-exception-rulebase
+---
+
+# Data Source: checkpoint_management_threat_rule_exception_rulebase
+
+Use this data source to get information on an existing Check Point threat-rule-exception-rulebase
+
+## Example Usage
+
+
+```hcl
+data "checkpoint_management_threat_rule_exception_rulebase" "base1" {
+ name = "Standard Threat Prevention"
+ rule_number = 1
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+* `name` - (Optional) Object name. Must be unique in the domain.
+* `uid` - (Optional) Object unique identifier.
+* `filter` - (Optional) Search expression to filter the rulebase. The provided text should be exactly the same as it would be given in Smart Console. The logical operators in the expression ('AND', 'OR') should be provided in capital letters. If an operator is not used, the default OR operator applies.
+* `filter_settings` -(Optional) Enable enforce end user domain. filter_settings blocks are documented below.
+* `limit` - (Optional) The maximal number of returned results.
+* `offset` - (Optional) Number of the results to initially skip.
+* `order` - (Optional) Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order. orders blocks are documented below.
+* `package` - (Optional) Name of the package.
+* `use_object_dictionary` - (Optional) boolean flag. indicate whether to use object dictionary in the response (default true).
+* `name` - The name of the exception.
+* `uid` - Object unique identifier.
+* `from` - From which element number the query was done.
+* `rulebase` - Array that contain rulebase for each group of the matched rule.
+* `to` - To which element number the query was done.
+* `total` - Total number of elements returned by the query.
+* `objects_dictionary` - List of object that are part of the rulebase as services,sources etc..
+
+
+`filter_settings` supports the following:
+
+* `search_mode` - When set to 'general', both the Full Text Search and Packet Search are enabled. In this mode, Packet Search will not match on 'Any' object, a negated cell or a group-with-exclusion. When the search-mode is set to 'packet', by default, the match on 'Any' object, a negated cell or a group-with-exclusion are enabled. packet-search-settings may be provided to change the default behavior.
+* `expand_group_members` - (Optional, can only be used when search_mode is set to "packet") When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at least one member of the group.
+* `expand_group_with_exclusion_members` - (Optional, can only be used when search_mode is set to "packet") When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include rules that match at least one member of the "include" part and is not a member of the "except" part.
+* `match_on_any` - (Optional, can only be used when search_mode is set to "packet") Whether to match on 'Any' object.
+* `match_on_group_with_exclusion` - (Optional, can only be used when search_mode is set to "packet") Whether to match on a group-with-exclusion.
+* `match_on_negate` - (Optional), can only be used when search_mode is set to "packet") Whether to match on a negated cell.
+
+`order` supports the following:
+
+* `asc` - (Optional) Sorts results by the given field in ascending order.
+* `desc` - (Optional) Sorts results by the given field in descending order.
+
+
+`rulebase` supports the following:
+
+* `name` - The name of the exception group.
+* `uid` - Object unique identifier.
+* `type` - Object type.
+* `from` - From which element number the query was done.
+* `rulebase` - Array that contain threat exception for a specific exception group.
+* `to` - To which element number the query was done.
+
+`rulebase` supports the following:
+
+* `action` - Action-the enforced profile.
+* `install_on` - Which Gateways identified by the name or UID to install the policy on.
+* `source` - Collection of Network objects identified by the name or UID.
+* `source_negate` - True if negate is set for source.
+* `destination` - Collection of Network objects identified by the name or UID.
+* `destination_negate` - True if negate is set for destination.
+* `protected_scope` - Collection of objects defining Protected Scope identified by the name or UID.
+* `protected_scope_negate` - True if negate is set for Protected Scope.
+* `service` - Collection of Network objects identified by the name or UID.
+* `service_negate` - True if negate is set for service.
+* `track` - Packet tracking.
+
+`objects_dictionary` supports the following:
+
+* `name` - The name of the Object.
+* `uid` - Object unique identifier.
+* `type` - Object type.
\ No newline at end of file
diff --git a/website/docs/r/checkpoint_management_server_certificate.html.markdown b/website/docs/r/checkpoint_management_server_certificate.html.markdown
new file mode 100644
index 00000000..d7ebab46
--- /dev/null
+++ b/website/docs/r/checkpoint_management_server_certificate.html.markdown
@@ -0,0 +1,35 @@
+---
+layout: "checkpoint"
+page_title: "checkpoint_management_server_certificate"
+sidebar_current: "docs-checkpoint-resource-checkpoint-management-server-certificate"
+description: |-
+This resource allows you to execute Check Point Server Certificate.
+---
+
+# checkpoint_management_server_certificate
+
+This resource allows you to execute Check Point Server Certificate.
+
+## Example Usage
+
+
+```hcl
+resource "checkpoint_management_server_certificate" "example" {
+ name = "MyServerCertificate"
+ base64_certificate = "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"
+ base64_password = "bXlfcGFzc3dvcmQ="
+ comments = "this is a comment"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) Object name.
+* `base64_certificate` - (Optional) Certificate file encoded in base64.
Valid file formats: p12.
+* `base64_password` - (Optional) Base64 encoded password of the certificate file.
+* `comments` - (Optional) Server certificate comments.
+* `subject` - Certificate's subject.
+* `valid_from` - Server certificate valid from date.
+* `valid_to` - Server certificate valid up to date.
diff --git a/website/docs/r/checkpoint_management_service_gtp.html.markdown b/website/docs/r/checkpoint_management_service_gtp.html.markdown
new file mode 100644
index 00000000..d42ceda7
--- /dev/null
+++ b/website/docs/r/checkpoint_management_service_gtp.html.markdown
@@ -0,0 +1,146 @@
+---
+layout: "checkpoint"
+page_title: "checkpoint_management_service_gtp"
+sidebar_current: "docs-checkpoint-resource-checkpoint-management-service-gtp"
+description: |-
+This resource allows you to execute Check Point Service Gtp.
+---
+
+# checkpoint_management_service_gtp
+
+This resource allows you to execute Check Point Service Gtp.
+
+## Example Usage
+
+
+```hcl
+ resource "checkpoint_management_service_gtp" "service_gtp" {
+ name = "gtp_svc1"
+ version = "v2"
+ reverse_service = true
+ trace_management = true
+ imsi_prefix = {
+ enable = true
+ prefix = "123"
+ }
+ interface_profile = {
+ profile = "Custom"
+ custom_message_types = "32-35"
+ }
+ selection_mode {
+ enable = true
+ mode = 1
+ }
+ ms_isdn= {
+ enable = true
+ ms_isdn = "312"
+ }
+ access_point_name ={
+ enable = true
+ apn = "AccP2"
+ }
+ apply_access_policy_on_user_traffic ={
+ enable = true
+ add_imsi_field_to_log = true
+ }
+ radio_access_technology {
+ other_types_range {
+ enable = true
+ types = "11-50"
+ }
+ }
+ ldap_group = {
+ enable = true
+ group = "ldap_group_1"
+ according_to = "MS-ISDN"
+ }
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) Object name.
+* `version` - (Optional) GTP version.
+* `access_point_name` - (Optional) Match by Access Point Name.access_point_name blocks are documented below.
+* `allow_usage_of_static_ip` - (Optional) Allow usage of static IP addresses.
+* `apply_access_policy_on_user_traffic` - (Optional) Apply Access Policy on user traffic.apply_access_policy_on_user_traffic blocks are documented below.
+* `cs_fallback_and_srvcc` - (Optional) CS Fallback and SRVCC (Relevant for V2 only).
+* `imsi_prefix` - (Optional) Match by IMSI prefix.imsi_prefix blocks are documented below.
+* `interface_profile` - (Optional) Match only message types relevant to the given GTP interface. Relevant only for GTP V1 or V2.interface_profile blocks are documented below.
+* `ldap_group` - (Optional) Match by an LDAP Group.ldap_group blocks are documented below.
+* `ms_isdn` - (Optional) Match by an MS-ISDN.ms_isdn blocks are documented below.
+* `radio_access_technology` - (Optional) Match by Radio Access Technology.radio_access_technology blocks are documented below.
+* `restoration_and_recovery` - (Optional) Restoration and Recovery (Relevant for V2 only).
+* `reverse_service` - (Optional) Accept PDUs from the GGSN/PGW to the SGSN/SGW on a previously established PDP context, even if different ports are used.
+* `selection_mode` - (Optional) Match by a selection mode.selection_mode blocks are documented below.
+* `trace_management` - (Optional) Trace Management (Relevant for V2 only).
+* `tags` - (Optional) Collection of tag identifiers.tags blocks are documented below.
+* `color` - (Optional) Color of the object. Should be one of existing colors.
+* `comments` - (Optional) Comments string.
+* `groups` - (Optional) Collection of group identifiers.groups blocks are documented below.
+* `ignore_warnings` - (Optional) Apply changes ignoring warnings.
+* `ignore_errors` - (Optional) Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+
+
+`access_point_name` supports the following:
+
+* `enable` - (Optional)
+* `apn` - (Optional) The Access Point Name object identified by Name or UID.
+
+
+`apply_access_policy_on_user_traffic` supports the following:
+
+* `enable` - (Optional)
+* `add_imsi_field_to_log` - (Optional) Add IMSI field to logs generated by user traffic.
+
+
+`imsi_prefix` supports the following:
+
+* `enable` - (Optional)
+* `prefix` - (Optional) The IMSI prefix.
+
+
+`interface_profile` supports the following:
+
+* `profile` - (Optional) The Interface Profile object identified by Name or UID.
+* `custom_message_types` - (Optional) The messages types to match on them for this service.
To specify a range, add a hyphen between the lowest and the highest numbers, for example: 32-35. Multiple Ranges can be chosen when separated with comma. This field relevant only when the Interface profile is set to 'Custom'.
+
+
+`ldap_group` supports the following:
+
+* `enable` - (Optional)
+* `group` - (Optional) The Ldap Group object identified by Name or UID.
+* `according_to` - (Optional) According to MS-ISDN or according to IMSI.
+
+
+`ms_isdn` supports the following:
+
+* `enable` - (Optional)
+* `ms_isdn` - (Optional) The MS-ISDN.
+
+
+`radio_access_technology` supports the following:
+
+* `utran` - (Optional) (1).
+* `geran` - (Optional) (2).
+* `wlan` - (Optional) (3).
+* `gan` - (Optional) (4).
+* `hspa_evolution` - (Optional) (5).
+* `eutran` - (Optional) (6).
+* `virtual` - (Optional) (7).
+* `nb_iot` - (Optional) (8).
+* `other_types_range` - (Optional) (9-255).other_types_range blocks are documented below.
+
+
+`selection_mode` supports the following:
+
+* `enable` - (Optional)
+* `mode` - (Optional) The mode as integer. [0 - Verified, 1 - MS - Not verified, 2 - Network - Not verified].
+
+
+`other_types_range` supports the following:
+
+* `enable` - (Optional)
+* `types` - (Optional) Other RAT Types. To specify other RAT ranges, add a hyphen between the lowest and the highest numbers, for example: 11-15. Multiple Ranges can be chosen when separated with comma.
diff --git a/website/docs/r/checkpoint_management_smart_task.html.markdown b/website/docs/r/checkpoint_management_smart_task.html.markdown
new file mode 100644
index 00000000..03a5134e
--- /dev/null
+++ b/website/docs/r/checkpoint_management_smart_task.html.markdown
@@ -0,0 +1,91 @@
+---
+layout: "checkpoint"
+page_title: "checkpoint_management_smart_task"
+sidebar_current: "docs-checkpoint-resource-checkpoint-management-smart-task"
+description: |-
+This resource allows you to execute Check Point Smart Task.
+---
+
+# checkpoint_management_smart_task
+
+This resource allows you to execute Check Point Smart Task.
+
+## Example Usage
+
+
+```hcl
+ resource "checkpoint_management_smart_task" "smart_task" {
+ name = "smt"
+ trigger = "Before Publish"
+ description = "my smart task"
+ action {
+ send_web_request {
+ url = "https://demo.example.com/policy-installation-reports"
+ fingerprint = "8023a5652ba2c8f5b0902363a5314cd2b4fdbc5c"
+ override_proxy = true
+ proxy_url = "https://demo.example.com/policy-installation-reports"
+ time_out = 200
+ shared_secret = " secret"
+ }
+ }
+ enabled = true
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) Object name.
+* `action` - (Required) The action to be run when the trigger is fired.action blocks are documented below.
+* `trigger` - (Optional) Trigger type associated with the SmartTask.
+* `custom_data` - (Optional) Per SmartTask custom data in JSON format.
When the trigger is fired, the trigger data is converted to JSON. The custom data is then concatenated to the trigger data JSON.
+* `description` - (Optional) Description of the SmartTask's functionality and options.
+* `enabled` - (Optional) Whether the SmartTask is enabled and will run when triggered.
+* `fail_open` - (Optional) If the action fails to execute, whether to treat the execution failure as an error, or continue.
+* `tags` - (Optional) Collection of tag identifiers.tags blocks are documented below.
+* `color` - (Optional) Color of the object. Should be one of existing colors.
+* `comments` - (Optional) Comments string.
+* `ignore_warnings` - (Optional) Apply changes ignoring warnings.
+* `ignore_errors` - (Optional) Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+
+
+`action` supports the following (exactly one of them must be defined):
+
+* `send_web_request` - (Optional) When the trigger is fired, sends an HTTPS POST web request to the configured URL.
The trigger data will be passed along with the SmartTask's custom data in the request's payload.send_web_request blocks are documented below.
+* `run_script` - (Optional) When the trigger is fired, runs the configured Repository Script on the defined targets.
The trigger data is then passed to the script as the first parameter. The parameter is JSON encoded in Base64 format.run_script blocks are documented below.
+* `send_mail` - (Optional) When the trigger is fired, sends the configured email to the defined recipients.send_mail blocks are documented below.
+
+
+`send_web_request` supports the following:
+
+* `url` - (Required) URL used for the web request.
+* `fingerprint` - (Optional) The SHA1 fingerprint of the URL's SSL certificate. Used to trust servers with self-signed SSL certificates.
+* `override_proxy` - (Optional) Option to send to the web request via a proxy other than the Management's Server proxy (if defined).
+* `proxy_url` - (Optional) URL of the proxy used to send the request.
+* `shared_secret` - (Optional) Shared secret that can be used by the target server to identify the Management Server.
The value will be sent as part of the request in the "X-chkp-shared-secret" header.
+* `time_out` - (Optional) Web Request time-out in seconds.
+
+
+`run_script` supports the following:
+
+* `repository_script` - (Required) Repository script that is executed when the trigger is fired., identified by the name or UID.
+* `targets` - (Optional) Targets to execute the script on.targets blocks are documented below.
+* `time_out` - (Optional) Script execution time-out in seconds.
+
+
+`send_mail` supports the following:
+
+* `mail_settings` - (Required) The required settings to send the mail by.mail_settings blocks are documented below.
+* `smtp_server` - (Required) The UID or the name a preconfigured SMTP server object.
+
+
+`mail_settings` supports the following:
+
+* `recipients` - (Required) A comma separated list of recipient mail addresses.
+* `sender_email` - (Required) An email address to send the mail from.
+* `subject` - (Required) The email subject.
+* `body` - (Required) The email body.
+* `attachment` - (Optional) What file should be attached to the mail.
+* `bcc_recipients` - (Optional) A comma separated list of bcc recipient mail addresses.
+* `cc_recipients` - (Optional) A comma separated list of cc recipient mail addresses.