This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Marcel_M
Contributor
‎2021-04-30 01:27 AM

azure terraform standalone deployment

Hello,

I would like to deploy standalone Check Point cloud guard iaas standalone firewall with terraform.

In the official github of check point I just found vmss and ha deployments:

CloudGuardIaaS/terraform/azure at master · CheckPointSW/CloudGuardIaaS (github.com)

 

Has anyone a stanalone terraform script and can share it? 

Or can someone of Check Point maybe upload a stanalone terraform file ?

Some help here would be very nice.

10 Replies
_Val_
Admin
Admin
‎2021-04-30 07:43 AM

@Shay_Levin anything you can think of?

0 Kudos
Shay_Levin
Admin
Admin
‎2021-05-02 04:40 AM

Hi, 

We don't have one yet, but i will work on it.

Can't commit to a delivery date, I will publish it by the end of the month.

(1)
Shay_Levin
Admin
Admin
‎2021-05-10 05:22 AM

Hi Marcel, 

As I promised, the terraform for standalone/gateway is ready and attached to this reply.

It will be added to the official GitHub once it would be verified by R&D.

Just change the credentials in the terraform.tfstate file and give it a try.

 

 

checkpoint-single.zip
Marcel_M
Contributor
‎2021-05-10 05:25 AM
In response to Shay_Levin

Great thank you very much @Shay_Levin . I will try it and let you know how it worked.

THX alot

0 Kudos
Marcel_M
Contributor
‎2021-05-16 12:47 PM
In response to Shay_Levin

Hi,

I added the following lines, to accept the Marketplace agreement, without the deployment failed:

resource "azurerm_marketplace_agreement" "checkpoint" {
  publisher = "checkpoint"
  offer     = "check-point-cg-r8040"
  plan      = "sg-byol"
}

resource "azurerm_virtual_machine" "sg-vm-instance" {
  depends_on = [
    azurerm_marketplace_agreement.checkpoint,
    azurerm_network_interface.nic1,
Marcel_M
Contributor
‎2021-05-25 11:03 AM
In response to Marcel_M

also 

 

  enable_ip_forwarding          = true
Brede_Jensen
Explorer
Explorer
‎2023-03-01 12:11 PM
In response to Shay_Levin

I am not able to get this deployment of a singel gateway to work.

Error: Unsupported attribute

  on modules/vnet/main.tf line 48, in resource "azurerm_route_table" "frontend":

  48:     address_prefix = azurerm_subnet.subnet[0].address_prefix

This object has no argument, nested block, or exported attribute named "address_prefix". Did you mean "address_prefixes"?

 

And there is no new update in the official github of check point

Is there planed to add a update that will work on R81.10 deployment ?

0 Kudos
Dmitrytc
Employee
Employee
‎2023-03-06 12:32 AM
In response to Brede_Jensen

Hi @Brede_Jensen ,

I managed to get the attached template working by the versions.tf that we support currently (Can be obtained from GitHub as well):

terraform {
  required_version = ">= 0.14.3"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 2.92.0"
    }
    random = {
      version = "~> 2.2.1"
    }
  }
}

After changing the file as above, run the terraform init -upgrade command.

We plan to release in the near future a single gateway template, and the supported versions will be the same as the rest of the templates. 

Best regards,

Dima.

 

 

Daniel_Kavan
MVP Gold
MVP Gold
‎2024-06-12 08:17 AM

Thanks, I was under the impression you couldn't have a consolidated standalone (manager & gw) on the cloud.

0 Kudos
the_rock
MVP Gold
MVP Gold
‎2024-06-12 10:18 AM
In response to Daniel_Kavan

Its is definitely supported. I would not recommend it personally.

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events