Who rated this post

Showing results for 
Search instead for 
Did you mean: 


When you are working with Terraform you can handle the installation as well as the publish of the changes made by Terraform.

I would simply use the resources you can find inside "checkpoint" provider in the registry, my suggestion would also be to use the latest version (as per today 1.3.0) of the provider. So you would set your provider like this: 

terraform {
  required_providers {
    checkpoint = {
      source = "CheckPointSW/checkpoint"
      version = ">= 1.3.0"

Then in the main you would just need to add the resources to publish the changes at the end, be careful to use the right dependency for that one since you want to be executed after all the changes.

So the policy install would be something like

resource "checkpoint_management_install_policy" "example" {
  policy_package = "standard"
  targets = ["corporate-gateway"]

And the publish would be something like, with some "depends_on" statement inside,

resource "checkpoint_management_publish" "example" { }


These examples are the ones in the public documentation of our provider that you can find here: https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs

If you want to see a real example here is a Terraform that I have created to make few action: such as creating few objects, a policy package, connect a datacenter object, install the CME, patch to a certain Jumbo Hotfix, etc https://github.com/gbrembati/terraform/blob/master/azure/mgmt-configuration/mgmtcfg-main.tf


Hope it helps,


View solution in original post

Who rated this post