Re: azure terraform standalone deployment

Marcel_M · ‎2021-04-30

Hello,

I would like to deploy standalone Check Point cloud guard iaas standalone firewall with terraform.

In the official github of check point I just found vmss and ha deployments:

CloudGuardIaaS/terraform/azure at master · CheckPointSW/CloudGuardIaaS (github.com)

Has anyone a stanalone terraform script and can share it?

Or can someone of Check Point maybe upload a stanalone terraform file ?

Some help here would be very nice.

_Val_ · ‎2021-04-30

@Shay_Levin anything you can think of?

Shay_Levin · ‎2021-05-02

Hi,

We don't have one yet, but i will work on it.

Can't commit to a delivery date, I will publish it by the end of the month.

Shay_Levin · ‎2021-05-10

Hi Marcel,

As I promised, the terraform for standalone/gateway is ready and attached to this reply.

It will be added to the official GitHub once it would be verified by R&D.

Just change the credentials in the terraform.tfstate file and give it a try.

Marcel_M · ‎2021-05-10

Great thank you very much @Shay_Levin . I will try it and let you know how it worked.

THX alot

Marcel_M · ‎2021-05-16

Hi,

I added the following lines, to accept the Marketplace agreement, without the deployment failed:

resource "azurerm_marketplace_agreement" "checkpoint" {
  publisher = "checkpoint"
  offer     = "check-point-cg-r8040"
  plan      = "sg-byol"
}

resource "azurerm_virtual_machine" "sg-vm-instance" {
  depends_on = [
    azurerm_marketplace_agreement.checkpoint,
    azurerm_network_interface.nic1,

Marcel_M · ‎2021-05-25

also

  enable_ip_forwarding          = true

Brede_Jensen · ‎2023-03-01

I am not able to get this deployment of a singel gateway to work.

Error: Unsupported attribute

on modules/vnet/main.tf line 48, in resource "azurerm_route_table" "frontend":

48: address_prefix = azurerm_subnet.subnet[0].address_prefix

This object has no argument, nested block, or exported attribute named "address_prefix". Did you mean "address_prefixes"?

And there is no new update in the official github of check point

Is there planed to add a update that will work on R81.10 deployment ?

Dmitrytc · ‎2023-03-06

Hi @Brede_Jensen ,

I managed to get the attached template working by the versions.tf that we support currently (Can be obtained from GitHub as well):

terraform {
  required_version = ">= 0.14.3"
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 2.92.0"
    }
    random = {
      version = "~> 2.2.1"
    }
  }
}

After changing the file as above, run the terraform init -upgrade command.

We plan to release in the near future a single gateway template, and the supported versions will be the same as the rest of the templates.

Best regards,

Dima.

Daniel_Kavan · ‎2024-06-12

Thanks, I was under the impression you couldn't have a consolidated standalone (manager & gw) on the cloud.

the_rock · ‎2024-06-12

Its is definitely supported. I would not recommend it personally.

Are you a member of CheckMates?

azure terraform standalone deployment