When using Terraform one depends on the provider to give feedback on created resources.
For instance, if I create a policy package with "checkpoint_management_package" I cannot get any ID on neither the policy package itself, nor the checkpoint_management_access_layer. Without that information I cannot create the rules for this layer in that terraform if I have multiple policy packages in the domain/smartcenter.
There is no way to add a layer to any policy either, which is the preferred way; create an empty policy package, then add the access layer as a separate operation.
Every resource has to have some UID, unique name or other way of referencing it dynamically.
This lack of glue makes it impossible to create a single terraform.
Example:
resource "checkpoint_management_package" "cloudPolicy" {
name = "cloudPolicy"
comments = "Automated by Terraform"
threat_prevention = false
access = false
}
resource "checkpoint_management_access_layer" "cloudLayer" {
name = "cloudLayer"
package = checkpoint_management_package.uid
...
}
resource "checkpoint_management_access_rule" "cloudRule1" {
layer = checkpoint_management_access_layer.cloudLayer.uid
position = {top = "top"}
name = "test1"
}
Without the UID I cannot glue together the TF above.
I suggest you take a look at a relatively mature provider, like azurerm, for inspiration. I can write large terraforms without relying on depends_on, which is bad practice, and there are multiple options for creating resources.