From 6584e810f6ce9604b8bdf22630d685c561bcc047 Mon Sep 17 00:00:00 2001 From: nimrodgab Date: Mon, 18 Nov 2024 16:58:01 +0200 Subject: [PATCH 1/7] Added support for IDA settings attribute in gw config for v1.2.2 --- checkpoint/cme_utils.go | 2 +- ...kpoint_management_cme_gw_configurations.go | 35 ++++++++++ ...nt_management_cme_gw_configurations_aws.go | 37 +++++++++++ ...nagement_cme_gw_configurations_aws_test.go | 8 ++- ..._management_cme_gw_configurations_azure.go | 37 +++++++++++ ...gement_cme_gw_configurations_azure_test.go | 10 ++- ...nt_management_cme_gw_configurations_gcp.go | 37 +++++++++++ ...nagement_cme_gw_configurations_gcp_test.go | 8 ++- ...nt_management_cme_gw_configurations_aws.go | 64 ++++++++++++++++++- ...nagement_cme_gw_configurations_aws_test.go | 22 +++++-- ..._management_cme_gw_configurations_azure.go | 64 ++++++++++++++++++- ...gement_cme_gw_configurations_azure_test.go | 24 +++++-- ...nt_management_cme_gw_configurations_gcp.go | 64 ++++++++++++++++++- ...nagement_cme_gw_configurations_gcp_test.go | 12 +++- ...gement_cme_gw_configurations.html.markdown | 3 + ...nt_cme_gw_configurations_aws.html.markdown | 3 + ..._cme_gw_configurations_azure.html.markdown | 3 + ...nt_cme_gw_configurations_gcp.html.markdown | 3 + website/docs/index.html.markdown | 1 + ...nt_cme_gw_configurations_aws.html.markdown | 9 ++- ..._cme_gw_configurations_azure.html.markdown | 9 ++- ...nt_cme_gw_configurations_gcp.html.markdown | 9 ++- 22 files changed, 437 insertions(+), 27 deletions(-) diff --git a/checkpoint/cme_utils.go b/checkpoint/cme_utils.go index 474a8d38..702b0e9b 100755 --- a/checkpoint/cme_utils.go +++ b/checkpoint/cme_utils.go @@ -6,7 +6,7 @@ import ( ) const ( - CmeApiVersion = "v1.2" + CmeApiVersion = "v1.2.2" CmeApiPath = "cme-api/" + CmeApiVersion ) diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go index 803c06c6..b7fdb7b3 100755 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go @@ -134,6 +134,31 @@ func dataSourceManagementCMEGWConfigurations() *schema.Resource { }, }, }, + "identity_awareness_settings": { + Type: schema.TypeList, + MaxItems: 1, + Computed: true, + Description: "Dictionary of identity awareness settings that can be configured by CME: " + + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + + "receive identities from through identity sharing feature)", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable_cloudguard_controller": { + Type: schema.TypeBool, + Computed: true, + Description: "Enabling Web API identity source for CloudGuard Controller", + }, + "receive_identities_from": { + Type: schema.TypeList, + Computed: true, + Description: "List of PDP gateways names to receive identities from through identity sharing", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, "repository_gateway_scripts": { Type: schema.TypeList, Computed: true, @@ -261,6 +286,16 @@ func dataSourceManagementCMEGWConfigurationsRead(d *schema.ResourceData, m inter bladesListToReturn = append(bladesListToReturn, bladesMapToAdd) tempObject["blades"] = bladesListToReturn + var IDASettingsListToReturn []map[string]interface{} + IDASettingsMapToAdd := make(map[string]interface{}) + if singleGWConfiguration["identity-awareness-settings"] != nil { + IDASettingsMap := singleGWConfiguration["identity-awareness-settings"].(map[string]interface{}) + IDASettingsMapToAdd["enable_cloudguard_controller"] = IDASettingsMap["enable-cloudguard-controller"] + IDASettingsMapToAdd["receive_identities_from"] = IDASettingsMap["receive-identities-from"] + IDASettingsListToReturn = append(IDASettingsListToReturn, IDASettingsMapToAdd) + } + tempObject["identity_awareness_settings"] = IDASettingsListToReturn + if singleGWConfiguration["repository-gateway-scripts"] != nil { scriptsList := singleGWConfiguration["repository-gateway-scripts"].([]interface{}) if len(scriptsList) > 0 { diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go index 3a245144..9e0c06a8 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go @@ -129,6 +129,31 @@ func dataSourceManagementCMEGWConfigurationsAWS() *schema.Resource { }, }, }, + "identity_awareness_settings": { + Type: schema.TypeList, + MaxItems: 1, + Computed: true, + Description: "Dictionary of identity awareness settings that can be configured by CME: " + + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + + "receive identities from through identity sharing feature)", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable_cloudguard_controller": { + Type: schema.TypeBool, + Computed: true, + Description: "Enabling Web API identity source for CloudGuard Controller", + }, + "receive_identities_from": { + Type: schema.TypeList, + Computed: true, + Description: "List of PDP gateways names to receive identities from through identity sharing", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, "repository_gateway_scripts": { Type: schema.TypeList, Computed: true, @@ -289,6 +314,18 @@ func dataSourceManagementCMEGWConfigurationsAWSRead(d *schema.ResourceData, m in bladesListToReturn = append(bladesListToReturn, bladesMapToAdd) _ = d.Set("blades", bladesListToReturn) + var IDASettingsListToReturn []map[string]interface{} + IDASettingsMapToAdd := make(map[string]interface{}) + if AWSGWConfiguration["identity-awareness-settings"] != nil { + IDASettingsMap := AWSGWConfiguration["identity-awareness-settings"].(map[string]interface{}) + IDASettingsMapToAdd["enable_cloudguard_controller"] = IDASettingsMap["enable-cloudguard-controller"] + IDASettingsMapToAdd["receive_identities_from"] = IDASettingsMap["receive-identities-from"] + IDASettingsListToReturn = append(IDASettingsListToReturn, IDASettingsMapToAdd) + _ = d.Set("identity_awareness_settings", IDASettingsListToReturn) + } else { + _ = d.Set("identity_awareness_settings", nil) + } + if AWSGWConfiguration["repository-gateway-scripts"] != nil { scriptsList := AWSGWConfiguration["repository-gateway-scripts"].([]interface{}) if len(scriptsList) > 0 { diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws_test.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws_test.go index 194c1ee6..69fab4d3 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws_test.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws_test.go @@ -33,6 +33,7 @@ func TestAccDataSourceCheckpointManagementCMEGWConfigurationsAWS_basic(t *testin resource.TestCheckResourceAttrPair(dataSourceName, "color", resourceName, "color"), resource.TestCheckResourceAttrPair(dataSourceName, "x_forwarded_for", resourceName, "x_forwarded_for"), resource.TestCheckResourceAttrPair(dataSourceName, "communication_with_servers_behind_nat", resourceName, "communication_with_servers_behind_nat"), + resource.TestCheckResourceAttrPair(dataSourceName, "identity_awareness_settings", resourceName, "identity_awareness_settings"), ), }, }, @@ -50,7 +51,7 @@ resource "checkpoint_management_cme_accounts_aws" "aws_account" { resource "checkpoint_management_cme_gw_configurations_aws" "test" { name = "%s" related_account = "${checkpoint_management_cme_accounts_aws.aws_account.name}" - version = "R81" + version = "R82" base64_sic_key = "MTIzNDU2Nzg=" policy = "Standard" x_forwarded_for = true @@ -64,12 +65,15 @@ resource "checkpoint_management_cme_gw_configurations_aws" "test" { application_control = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = true + } } data "checkpoint_management_cme_gw_configurations_aws" "data_test" { diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go index 9af782dd..012816f5 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go @@ -107,6 +107,31 @@ func dataSourceManagementCMEGWConfigurationsAzure() *schema.Resource { }, }, }, + "identity_awareness_settings": { + Type: schema.TypeList, + MaxItems: 1, + Computed: true, + Description: "Dictionary of identity awareness settings that can be configured by CME: " + + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + + "receive identities from through identity sharing feature)", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable_cloudguard_controller": { + Type: schema.TypeBool, + Computed: true, + Description: "Enabling Web API identity source for CloudGuard Controller", + }, + "receive_identities_from": { + Type: schema.TypeList, + Computed: true, + Description: "List of PDP gateways names to receive identities from through identity sharing", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, "repository_gateway_scripts": { Type: schema.TypeList, Computed: true, @@ -258,6 +283,18 @@ func dataSourceManagementCMEGWConfigurationsAzureRead(d *schema.ResourceData, m bladesListToReturn = append(bladesListToReturn, bladesMapToAdd) _ = d.Set("blades", bladesListToReturn) + var IDASettingsListToReturn []map[string]interface{} + IDASettingsMapToAdd := make(map[string]interface{}) + if AzureGWConfiguration["identity-awareness-settings"] != nil { + IDASettingsMap := AzureGWConfiguration["identity-awareness-settings"].(map[string]interface{}) + IDASettingsMapToAdd["enable_cloudguard_controller"] = IDASettingsMap["enable-cloudguard-controller"] + IDASettingsMapToAdd["receive_identities_from"] = IDASettingsMap["receive-identities-from"] + IDASettingsListToReturn = append(IDASettingsListToReturn, IDASettingsMapToAdd) + _ = d.Set("identity_awareness_settings", IDASettingsListToReturn) + } else { + _ = d.Set("identity_awareness_settings", nil) + } + if AzureGWConfiguration["repository-gateway-scripts"] != nil { scriptsList := AzureGWConfiguration["repository-gateway-scripts"].([]interface{}) if len(scriptsList) > 0 { diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure_test.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure_test.go index f32f6dcb..b912b521 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure_test.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure_test.go @@ -34,6 +34,7 @@ func TestAccDataSourceCheckpointManagementCMEGWConfigurationsAzure_basic(t *test resource.TestCheckResourceAttrPair(dataSourceName, "color", resourceName, "color"), resource.TestCheckResourceAttrPair(dataSourceName, "x_forwarded_for", resourceName, "x_forwarded_for"), resource.TestCheckResourceAttrPair(dataSourceName, "communication_with_servers_behind_nat", resourceName, "communication_with_servers_behind_nat"), + resource.TestCheckResourceAttrPair(dataSourceName, "identity_awareness_settings", resourceName, "identity_awareness_settings"), ), }, }, @@ -46,14 +47,14 @@ resource "checkpoint_management_cme_accounts_azure" "azure_account" { name = "%s" directory_id = "46707d92-02f4-4817-8116-a4c3b23e6266" application_id = "46707d92-02f4-4817-8116-a4c3b23e6266" - client_secret = "mySecret" + client_secret = "abcdef-123456" subscription = "46707d92-02f4-4817-8116-a4c3b23e6267" } resource "checkpoint_management_cme_gw_configurations_azure" "test" { name = "%s" related_account = "${checkpoint_management_cme_accounts_azure.azure_account.name}" - version = "R81" + version = "R82" base64_sic_key = "MTIzNDU2Nzg=" policy = "Standard" ipv6 = true @@ -68,12 +69,15 @@ resource "checkpoint_management_cme_gw_configurations_azure" "test" { application_control = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = true + } } data "checkpoint_management_cme_gw_configurations_azure" "data_test" { diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go index 9c021dd9..70307c3f 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go @@ -128,6 +128,31 @@ func dataSourceManagementCMEGWConfigurationsGCP() *schema.Resource { }, }, }, + "identity_awareness_settings": { + Type: schema.TypeList, + MaxItems: 1, + Computed: true, + Description: "Dictionary of identity awareness settings that can be configured by CME: " + + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + + "receive identities from through identity sharing feature)", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable_cloudguard_controller": { + Type: schema.TypeBool, + Computed: true, + Description: "Enabling Web API identity source for CloudGuard Controller", + }, + "receive_identities_from": { + Type: schema.TypeList, + Computed: true, + Description: "List of PDP gateways names to receive identities from through identity sharing", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, "repository_gateway_scripts": { Type: schema.TypeList, Computed: true, @@ -253,6 +278,18 @@ func dataSourceManagementCMEGWConfigurationsGCPRead(d *schema.ResourceData, m in bladesListToReturn = append(bladesListToReturn, bladesMapToAdd) _ = d.Set("blades", bladesListToReturn) + var IDASettingsListToReturn []map[string]interface{} + IDASettingsMapToAdd := make(map[string]interface{}) + if GCPGWConfiguration["identity-awareness-settings"] != nil { + IDASettingsMap := GCPGWConfiguration["identity-awareness-settings"].(map[string]interface{}) + IDASettingsMapToAdd["enable_cloudguard_controller"] = IDASettingsMap["enable-cloudguard-controller"] + IDASettingsMapToAdd["receive_identities_from"] = IDASettingsMap["receive-identities-from"] + IDASettingsListToReturn = append(IDASettingsListToReturn, IDASettingsMapToAdd) + _ = d.Set("identity_awareness_settings", IDASettingsListToReturn) + } else { + _ = d.Set("identity_awareness_settings", nil) + } + if GCPGWConfiguration["repository-gateway-scripts"] != nil { scriptsList := GCPGWConfiguration["repository-gateway-scripts"].([]interface{}) if len(scriptsList) > 0 { diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp_test.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp_test.go index c7001ecc..324fc485 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp_test.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp_test.go @@ -33,6 +33,7 @@ func TestAccDataSourceCheckpointManagementCMEGWConfigurationsGCP_basic(t *testin resource.TestCheckResourceAttrPair(dataSourceName, "color", resourceName, "color"), resource.TestCheckResourceAttrPair(dataSourceName, "x_forwarded_for", resourceName, "x_forwarded_for"), resource.TestCheckResourceAttrPair(dataSourceName, "communication_with_servers_behind_nat", resourceName, "communication_with_servers_behind_nat"), + resource.TestCheckResourceAttrPair(dataSourceName, "identity_awareness_settings", resourceName, "identity_awareness_settings"), ), }, }, @@ -50,7 +51,7 @@ resource "checkpoint_management_cme_accounts_gcp" "gcp_account" { resource "checkpoint_management_cme_gw_configurations_gcp" "test" { name = "%s" related_account = "${checkpoint_management_cme_accounts_gcp.gcp_account.name}" - version = "R81" + version = "R82" base64_sic_key = "MTIzNDU2Nzg=" policy = "Standard" x_forwarded_for = true @@ -64,12 +65,15 @@ resource "checkpoint_management_cme_gw_configurations_gcp" "test" { application_control = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = true + } } data "checkpoint_management_cme_gw_configurations_gcp" "data_test" { diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go index 777f7318..e7a986b7 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go @@ -136,6 +136,31 @@ func resourceManagementCMEGWConfigurationsAWS() *schema.Resource { }, }, }, + "identity_awareness_settings": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Description: "Dictionary of identity awareness settings that can be configured by CME: " + + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + + "receive identities from through identity sharing feature)", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable_cloudguard_controller": { + Type: schema.TypeBool, + Required: true, + Description: "Enabling Web API identity source for CloudGuard Controller", + }, + "receive_identities_from": { + Type: schema.TypeList, + Optional: true, + Description: "List of PDP gateways names to receive identities from through identity sharing", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, "repository_gateway_scripts": { Type: schema.TypeList, Optional: true, @@ -295,6 +320,18 @@ func readManagementCMEGWConfigurationsAWS(d *schema.ResourceData, m interface{}) bladesListToReturn = append(bladesListToReturn, bladesMapToAdd) _ = d.Set("blades", bladesListToReturn) + var IDASettingsListToReturn []map[string]interface{} + IDASettingsMapToAdd := make(map[string]interface{}) + if AWSGWConfiguration["identity-awareness-settings"] != nil { + IDASettingsMap := AWSGWConfiguration["identity-awareness-settings"].(map[string]interface{}) + IDASettingsMapToAdd["enable_cloudguard_controller"] = IDASettingsMap["enable-cloudguard-controller"] + IDASettingsMapToAdd["receive_identities_from"] = IDASettingsMap["receive-identities-from"] + IDASettingsListToReturn = append(IDASettingsListToReturn, IDASettingsMapToAdd) + _ = d.Set("identity_awareness_settings", IDASettingsListToReturn) + } else { + _ = d.Set("identity_awareness_settings", nil) + } + if AWSGWConfiguration["repository-gateway-scripts"] != nil { scriptsList := AWSGWConfiguration["repository-gateway-scripts"].([]interface{}) if len(scriptsList) > 0 { @@ -464,7 +501,22 @@ func createManagementCMEGWConfigurationsAWS(d *schema.ResourceData, m interface{ } payload["blades"] = tempObject } - + if _, ok := d.GetOk("identity_awareness_settings"); ok { + tempObject := make(map[string]interface{}) + if v := d.Get("identity_awareness_settings.0.enable_cloudguard_controller"); v != nil { + tempObject["enable_cloudguard_controller"] = v.(bool) + } + if v, ok := d.GetOk("identity_awareness_settings.0.receive_identities_from"); ok { + tempObject["receive_identities_from"] = v.([]interface{}) + } + payload["identity_awareness_settings"] = tempObject + } else { + if blades, ok := payload["blades"].(map[string]interface{}); ok { + if identityAwareness, ok := blades["identity-awareness"].(bool); ok && identityAwareness { + return fmt.Errorf("'identity_awareness_settings' must be set when 'identity_awareness' blade is enabled") + } + } + } log.Println("Create cme AWS GW configuration - name = ", payload["name"]) url := CmeApiPath + "/gwConfigurations/aws" @@ -605,6 +657,16 @@ func updateManagementCMEGWConfigurationsAWS(d *schema.ResourceData, m interface{ } payload["blades"] = tempObject } + if d.HasChange("identity_awareness_settings") { + tempObject := make(map[string]interface{}) + if d.HasChange("identity_awareness_settings.0.enable_cloudguard_controller") { + tempObject["enable_cloudguard_controller"] = d.Get("identity_awareness_settings.0.enable_cloudguard_controller") + } + if d.HasChange("identity_awareness_settings.0.receive_identities_from") { + tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") + } + payload["identity_awareness_settings"] = tempObject + } var name string if v, ok := d.GetOk("name"); ok { diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws_test.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws_test.go index c91177cd..7165e750 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws_test.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws_test.go @@ -14,7 +14,7 @@ func TestAccCheckpointManagementCMEGWConfigurationsAWS_basic(t *testing.T) { resourceName := "checkpoint_management_cme_gw_configurations_aws.gw_configuration_test" accountName := "test-account" gwConfigurationName := "test-gw-configuration" - gwConfigurationVersion := "R81" + gwConfigurationVersion := "R82" gwConfigurationBase64SIC := "MTIzNDU2Nzg=" gwConfigurationPolicy := "Standard" gwConfigurationXForwardedFor := true @@ -41,7 +41,7 @@ func TestAccCheckpointManagementCMEGWConfigurationsAWS_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckCheckpointManagementCMEGWConfigurationsAWSExists(resourceName, &awsGWConfiguration), testAccCheckCheckpointManagementCMEGWConfigurationsAWSAttributes(&awsGWConfiguration, gwConfigurationName, accountName, gwConfigurationVersion, - gwConfigurationPolicy, true, true, gwConfigurationXForwardedFor, + gwConfigurationPolicy, true, true, true, gwConfigurationXForwardedFor, gwConfigurationColor, gwConfigurationCommunicationWithServersBehindNAT), ), }, @@ -97,12 +97,15 @@ resource "checkpoint_management_cme_gw_configurations_aws" "gw_configuration_tes application_control = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = true + } } `, accountName, gwConfigurationName, gwConfigurationVersion, gwConfigurationBase64SIC, gwConfigurationPolicy, gwConfigurationXForwardedFor, gwConfigurationColor, gwConfigurationCommunicationWithServersBehindNAT) @@ -137,7 +140,7 @@ func testAccCheckCheckpointManagementCMEGWConfigurationsAWSExists(resourceTfName func testAccCheckCheckpointManagementCMEGWConfigurationsAWSAttributes(awsGWConfiguration *map[string]interface{}, gwConfigurationName string, accountName string, gwConfigurationVersion string, gwConfigurationPolicyName string, ipsFlag bool, - antiBotFlag bool, gwConfigurationXForwardedFor bool, gwConfigurationColor string, gwConfigurationCommunicationWithServersBehindNAT string) resource.TestCheckFunc { + antiBotFlag bool, IDAFlag bool, gwConfigurationXForwardedFor bool, gwConfigurationColor string, gwConfigurationCommunicationWithServersBehindNAT string) resource.TestCheckFunc { return func(s *terraform.State) error { gwConfiguration := (*awsGWConfiguration)["result"].(map[string]interface{}) if gwConfiguration["name"] != gwConfigurationName { @@ -155,19 +158,28 @@ func testAccCheckCheckpointManagementCMEGWConfigurationsAWSAttributes(awsGWConfi blades := gwConfiguration["blades"].(map[string]interface{}) ips := blades["ips"] antiBot := blades["anti-bot"] + IDA := blades["identity-awareness"] if ips != ipsFlag { return fmt.Errorf("ips is %t, expected %t", ips, ipsFlag) } if antiBot != antiBotFlag { return fmt.Errorf("anti bot is %t, expected %t", antiBot, antiBotFlag) } + if IDA != IDAFlag { + return fmt.Errorf("identity awareness is %t, expected %t", IDA, IDAFlag) + } + IDASettings := gwConfiguration["identity-awareness-settings"].(map[string]interface{}) + enableCgController := IDASettings["enable-cloudguard-controller"] + if enableCgController != IDAFlag{ + return fmt.Errorf("enable-cloudguard-controller identity source is %t, expected %t", enableCgController, IDAFlag) + } if gwConfiguration["x_forwarded_for"] != gwConfigurationXForwardedFor { return fmt.Errorf("x_forwarded_for is %t, expected %t", gwConfiguration["x_forwarded_for"], gwConfigurationXForwardedFor) } if gwConfiguration["color"] != gwConfigurationColor { return fmt.Errorf("color is %s, expected %s", gwConfiguration["color"], gwConfigurationColor) } - if gwConfiguration["communication_with_servers_behind_nat"] != gwConfigurationCommunicationWithServersBehindNAT { + if gwConfiguration["communication-with-servers-behind-nat"] != gwConfigurationCommunicationWithServersBehindNAT { return fmt.Errorf("communication_with_servers_behind_nat is %s, expected %s", gwConfiguration["communication_with_servers_behind_nat"], gwConfigurationCommunicationWithServersBehindNAT) } return nil diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go index e0f8373c..3fdf9512 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go @@ -135,6 +135,31 @@ func resourceManagementCMEGWConfigurationsAzure() *schema.Resource { }, }, }, + "identity_awareness_settings": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Description: "Dictionary of identity awareness settings that can be configured by CME: " + + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + + "receive identities from through identity sharing feature)", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable_cloudguard_controller": { + Type: schema.TypeBool, + Required: true, + Description: "Enabling Web API identity source for CloudGuard Controller", + }, + "receive_identities_from": { + Type: schema.TypeList, + Optional: true, + Description: "List of PDP gateways names to receive identities from through identity sharing", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, "repository_gateway_scripts": { Type: schema.TypeList, Optional: true, @@ -265,6 +290,18 @@ func readManagementCMEGWConfigurationsAzure(d *schema.ResourceData, m interface{ bladesListToReturn = append(bladesListToReturn, bladesMapToAdd) _ = d.Set("blades", bladesListToReturn) + var IDASettingsListToReturn []map[string]interface{} + IDASettingsMapToAdd := make(map[string]interface{}) + if AzureGWConfiguration["identity-awareness-settings"] != nil { + IDASettingsMap := AzureGWConfiguration["identity-awareness-settings"].(map[string]interface{}) + IDASettingsMapToAdd["enable_cloudguard_controller"] = IDASettingsMap["enable-cloudguard-controller"] + IDASettingsMapToAdd["receive_identities_from"] = IDASettingsMap["receive-identities-from"] + IDASettingsListToReturn = append(IDASettingsListToReturn, IDASettingsMapToAdd) + _ = d.Set("identity_awareness_settings", IDASettingsListToReturn) + } else { + _ = d.Set("identity_awareness_settings", nil) + } + if AzureGWConfiguration["repository-gateway-scripts"] != nil { scriptsList := AzureGWConfiguration["repository-gateway-scripts"].([]interface{}) if len(scriptsList) > 0 { @@ -411,7 +448,22 @@ func createManagementCMEGWConfigurationsAzure(d *schema.ResourceData, m interfac } payload["blades"] = tempObject } - + if _, ok := d.GetOk("identity_awareness_settings"); ok { + tempObject := make(map[string]interface{}) + if v := d.Get("identity_awareness_settings.0.enable_cloudguard_controller"); v != nil { + tempObject["enable_cloudguard_controller"] = v.(bool) + } + if v, ok := d.GetOk("identity_awareness_settings.0.receive_identities_from"); ok { + tempObject["receive_identities_from"] = v.([]interface{}) + } + payload["identity_awareness_settings"] = tempObject + } else { + if blades, ok := payload["blades"].(map[string]interface{}); ok { + if identityAwareness, ok := blades["identity-awareness"].(bool); ok && identityAwareness { + return fmt.Errorf("'identity_awareness_settings' must be set when 'identity_awareness' blade is enabled") + } + } + } log.Println("Create cme Azure GW configuration - name = ", payload["name"]) url := CmeApiPath + "/gwConfigurations/azure" @@ -540,6 +592,16 @@ func updateManagementCMEGWConfigurationsAzure(d *schema.ResourceData, m interfac } payload["blades"] = tempObject } + if d.HasChange("identity_awareness_settings") { + tempObject := make(map[string]interface{}) + if d.HasChange("identity_awareness_settings.0.enable_cloudguard_controller") { + tempObject["enable_cloudguard_controller"] = d.Get("identity_awareness_settings.0.enable_cloudguard_controller") + } + if d.HasChange("identity_awareness_settings.0.receive_identities_from") { + tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") + } + payload["identity_awareness_settings"] = tempObject + } var name string if v, ok := d.GetOk("name"); ok { diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure_test.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure_test.go index 7f267000..c1cdd503 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure_test.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure_test.go @@ -14,7 +14,7 @@ func TestAccCheckpointManagementCMEGWConfigurationsAzure_basic(t *testing.T) { resourceName := "checkpoint_management_cme_gw_configurations_azure.gw_configuration_test" accountName := "test-account" gwConfigurationName := "test-gw-configuration" - gwConfigurationVersion := "R81.10" + gwConfigurationVersion := "R82" gwConfigurationBase64SIC := "MTIzNDU2Nzg=" gwConfigurationPolicy := "Standard" gwConfigurationIpv6 := true @@ -43,7 +43,7 @@ func TestAccCheckpointManagementCMEGWConfigurationsAzure_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testAccCheckCheckpointManagementCMEGWConfigurationsAzureExists(resourceName, &azureGWConfiguration), testAccCheckCheckpointManagementCMEGWConfigurationsAzureAttributes(&azureGWConfiguration, gwConfigurationName, accountName, gwConfigurationVersion, - gwConfigurationPolicy, true, true, gwConfigurationIpv6, gwConfigurationXForwardedFor, + gwConfigurationPolicy, true, true, true, gwConfigurationIpv6, gwConfigurationXForwardedFor, gwConfigurationColor, gwConfigurationCommunicationWithServersBehindNAT), ), }, @@ -80,7 +80,7 @@ resource "checkpoint_management_cme_accounts_azure" "account_test" { name = "%s" directory_id = "46707d92-02f4-4817-8116-a4c3b23e6266" application_id = "46707d92-02f4-4817-8116-a4c3b23e6266" - client_secret = "mySecret" + client_secret = "abcdef-123456" subscription = "46707d92-02f4-4817-8116-a4c3b23e6266" } @@ -98,12 +98,15 @@ resource "checkpoint_management_cme_gw_configurations_azure" "gw_configuration_t anti_virus = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = true + } ipv6 = %t x_forwarded_for = %t color = "%s" @@ -142,7 +145,7 @@ func testAccCheckCheckpointManagementCMEGWConfigurationsAzureExists(resourceTfNa func testAccCheckCheckpointManagementCMEGWConfigurationsAzureAttributes(azureGWConfiguration *map[string]interface{}, gwConfigurationName string, accountName string, gwConfigurationVersion string, gwConfigurationPolicyName string, httpsInspectionFlag bool, - applicationControlFlag bool, gwConfigurationIpv6 bool, gwConfigurationXForwardedFor bool, + applicationControlFlag bool, IDAFlag bool, gwConfigurationIpv6 bool, gwConfigurationXForwardedFor bool, gwConfigurationColor string, gwConfigurationCommunicationWithServersBehindNAT string) resource.TestCheckFunc { return func(s *terraform.State) error { gwConfiguration := (*azureGWConfiguration)["result"].(map[string]interface{}) @@ -161,12 +164,21 @@ func testAccCheckCheckpointManagementCMEGWConfigurationsAzureAttributes(azureGWC blades := gwConfiguration["blades"].(map[string]interface{}) httpsInspection := blades["https-inspection"] applicationControl := blades["application-control"] + IDA := blades["identity-awareness"] if httpsInspection != httpsInspectionFlag { return fmt.Errorf("https inspection is %t, expected %t", httpsInspection, httpsInspectionFlag) } if applicationControl != applicationControlFlag { return fmt.Errorf("application control is %t, expected %t", applicationControl, applicationControlFlag) } + if IDA != IDAFlag { + return fmt.Errorf("identity awareness is %t, expected %t", IDA, IDAFlag) + } + IDASettings := gwConfiguration["identity-awareness-settings"].(map[string]interface{}) + enableCgController := IDASettings["enable-cloudguard-controller"] + if enableCgController != IDAFlag{ + return fmt.Errorf("enable-cloudguard-controller identity source is %t, expected %t", enableCgController, IDAFlag) + } if gwConfiguration["ipv6"] != gwConfigurationIpv6 { return fmt.Errorf("ipv6 is %t, expected %t", gwConfiguration["ipv6"], gwConfigurationIpv6) } @@ -176,7 +188,7 @@ func testAccCheckCheckpointManagementCMEGWConfigurationsAzureAttributes(azureGWC if gwConfiguration["color"] != gwConfigurationColor { return fmt.Errorf("color is %s, expected %s", gwConfiguration["color"], gwConfigurationColor) } - if gwConfiguration["communication_with_servers_behind_nat"] != gwConfigurationCommunicationWithServersBehindNAT { + if gwConfiguration["communication-with-servers-behind-nat"] != gwConfigurationCommunicationWithServersBehindNAT { return fmt.Errorf("communication_with_servers_behind_nat is %s, expected %s", gwConfiguration["communication_with_servers_behind_nat"], gwConfigurationCommunicationWithServersBehindNAT) } return nil diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go index a65a116f..3f0e7499 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go @@ -135,6 +135,31 @@ func resourceManagementCMEGWConfigurationsGCP() *schema.Resource { }, }, }, + "identity_awareness_settings": { + Type: schema.TypeList, + MaxItems: 1, + Optional: true, + Description: "Dictionary of identity awareness settings that can be configured by CME: " + + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + + "receive identities from through identity sharing feature)", + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enable_cloudguard_controller": { + Type: schema.TypeBool, + Required: true, + Description: "Enabling Web API identity source for CloudGuard Controller", + }, + "receive_identities_from": { + Type: schema.TypeList, + Optional: true, + Description: "List of PDP gateways names to receive identities from through identity sharing", + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, "repository_gateway_scripts": { Type: schema.TypeList, Optional: true, @@ -260,6 +285,18 @@ func readManagementCMEGWConfigurationsGCP(d *schema.ResourceData, m interface{}) bladesListToReturn = append(bladesListToReturn, bladesMapToAdd) _ = d.Set("blades", bladesListToReturn) + var IDASettingsListToReturn []map[string]interface{} + IDASettingsMapToAdd := make(map[string]interface{}) + if GCPGWConfiguration["identity-awareness-settings"] != nil { + IDASettingsMap := GCPGWConfiguration["identity-awareness-settings"].(map[string]interface{}) + IDASettingsMapToAdd["enable_cloudguard_controller"] = IDASettingsMap["enable-cloudguard-controller"] + IDASettingsMapToAdd["receive_identities_from"] = IDASettingsMap["receive-identities-from"] + IDASettingsListToReturn = append(IDASettingsListToReturn, IDASettingsMapToAdd) + _ = d.Set("identity_awareness_settings", IDASettingsListToReturn) + } else { + _ = d.Set("identity_awareness_settings", nil) + } + if GCPGWConfiguration["repository-gateway-scripts"] != nil { scriptsList := GCPGWConfiguration["repository-gateway-scripts"].([]interface{}) if len(scriptsList) > 0 { @@ -401,7 +438,22 @@ func createManagementCMEGWConfigurationsGCP(d *schema.ResourceData, m interface{ } payload["blades"] = tempObject } - + if _, ok := d.GetOk("identity_awareness_settings"); ok { + tempObject := make(map[string]interface{}) + if v := d.Get("identity_awareness_settings.0.enable_cloudguard_controller"); v != nil { + tempObject["enable_cloudguard_controller"] = v.(bool) + } + if v, ok := d.GetOk("identity_awareness_settings.0.receive_identities_from"); ok { + tempObject["receive_identities_from"] = v.([]interface{}) + } + payload["identity_awareness_settings"] = tempObject + } else { + if blades, ok := payload["blades"].(map[string]interface{}); ok { + if identityAwareness, ok := blades["identity-awareness"].(bool); ok && identityAwareness { + return fmt.Errorf("'identity_awareness_settings' must be set when 'identity_awareness' blade is enabled") + } + } + } log.Println("Create cme GCP GW configuration - name = ", payload["name"]) url := CmeApiPath + "/gwConfigurations/gcp" @@ -527,6 +579,16 @@ func updateManagementCMEGWConfigurationsGCP(d *schema.ResourceData, m interface{ } payload["blades"] = tempObject } + if d.HasChange("identity_awareness_settings") { + tempObject := make(map[string]interface{}) + if d.HasChange("identity_awareness_settings.0.enable_cloudguard_controller") { + tempObject["enable_cloudguard_controller"] = d.Get("identity_awareness_settings.0.enable_cloudguard_controller") + } + if d.HasChange("identity_awareness_settings.0.receive_identities_from") { + tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") + } + payload["identity_awareness_settings"] = tempObject + } var name string if v, ok := d.GetOk("name"); ok { diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp_test.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp_test.go index e98831e4..09fabac3 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp_test.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp_test.go @@ -14,7 +14,7 @@ func TestAccCheckpointManagementCMEGWConfigurationsGCP_basic(t *testing.T) { resourceName := "checkpoint_management_cme_gw_configurations_gcp.gw_configuration_test" accountName := "test-account" gwConfigurationName := "test-gw-configuration" - gwConfigurationVersion := "R81.20" + gwConfigurationVersion := "R82" gwConfigurationBase64SIC := "MTIzNDU2Nzg=" gwConfigurationPolicy := "Standard" gwConfigurationColor := "blue" @@ -103,6 +103,9 @@ resource "checkpoint_management_cme_gw_configurations_gcp" "gw_configuration_tes url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = true + } } `, accountName, gwConfigurationName, gwConfigurationVersion, gwConfigurationBase64SIC, gwConfigurationPolicy, gwConfigurationXForwardedFor, gwConfigurationColor, gwConfigurationCommunicationWithServersBehindNAT) @@ -162,13 +165,18 @@ func testAccCheckCheckpointManagementCMEGWConfigurationsGCPAttributes(gcpGWConfi if identityAwareness != identityAwarenessFlag { return fmt.Errorf("identity awareness is %t, expected %t", identityAwareness, identityAwarenessFlag) } + IDASettings := gwConfiguration["identity-awareness-settings"].(map[string]interface{}) + enableCgController := IDASettings["enable-cloudguard-controller"] + if enableCgController != identityAwarenessFlag{ + return fmt.Errorf("enable-cloudguard-controller identity source is %t, expected %t", enableCgController, identityAwarenessFlag) + } if gwConfiguration["x_forwarded_for"] != gwConfigurationXForwardedFor { return fmt.Errorf("x_forwarded_for is %t, expected %t", gwConfiguration["x_forwarded_for"], gwConfigurationXForwardedFor) } if gwConfiguration["color"] != gwConfigurationColor { return fmt.Errorf("color is %s, expected %s", gwConfiguration["color"], gwConfigurationColor) } - if gwConfiguration["communication_with_servers_behind_nat"] != gwConfigurationCommunicationWithServersBehindNAT { + if gwConfiguration["communication-with-servers-behind-nat"] != gwConfigurationCommunicationWithServersBehindNAT { return fmt.Errorf("communication_with_servers_behind_nat is %s, expected %s", gwConfiguration["communication_with_servers_behind_nat"], gwConfigurationCommunicationWithServersBehindNAT) } return nil diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown index 01325e39..b4bbf763 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown @@ -42,6 +42,9 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. + * `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown index 8c87627a..f58186ba 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -42,6 +42,9 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown index 491693c5..153f7fb1 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -42,6 +42,9 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown index 1405a6a0..5142e15f 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -42,6 +42,9 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index ef259689..ae22056f 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -398,6 +398,7 @@ The table below shows the compatibility between the Terraform Release version an | Terraform Release version | CME API version | CME Take | |---------------------------|-----------------|----------------| +| | v1.2.2 | | | v2.8.0 | v1.2 | 279 and higher | | v2.7.0 | v1.1 | 255 and higher | diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown index c18e824f..dd47263d 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -42,12 +42,16 @@ resource "checkpoint_management_cme_gw_configurations_aws" "gw_config_aws" { application_control = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = false + receive_identities_from = ["PDP1", "PDP2"] + } } ``` @@ -73,6 +77,9 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - (Required) The name of the script. diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown index 7e6f8eaf..1a150e74 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -42,12 +42,16 @@ resource "checkpoint_management_cme_gw_configurations_azure" "gw_config_azure" { application_control = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = false + receive_identities_from = ["PDP1", "PDP2"] + } } ``` @@ -73,6 +77,9 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - (Required) The name of the script. diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown index 6e5365c7..3247aaa4 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -40,12 +40,16 @@ resource "checkpoint_management_cme_gw_configurations_gcp" "gw_config_gcp" { application_control = false autonomous_threat_prevention = false content_awareness = false - identity_awareness = false + identity_awareness = true ipsec_vpn = false threat_emulation = false url_filtering = false vpn = false } + identity_awareness_settings { + enable_cloudguard_controller = false + receive_identities_from = ["PDP1", "PDP2"] + } } ``` @@ -71,6 +75,9 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - (Required) The name of the script. From 3de4bd08c6d8cfd69928e414dfbe47d81d68702e Mon Sep 17 00:00:00 2001 From: nimrodgab Date: Tue, 19 Nov 2024 18:27:54 +0200 Subject: [PATCH 2/7] Updated documentation --- .../data_source_checkpoint_management_cme_gw_configurations.go | 2 +- ...ta_source_checkpoint_management_cme_gw_configurations_aws.go | 2 +- ..._source_checkpoint_management_cme_gw_configurations_azure.go | 2 +- ...ta_source_checkpoint_management_cme_gw_configurations_gcp.go | 2 +- .../resource_checkpoint_management_cme_gw_configurations_aws.go | 2 +- ...esource_checkpoint_management_cme_gw_configurations_azure.go | 2 +- .../resource_checkpoint_management_cme_gw_configurations_gcp.go | 2 +- .../d/checkpoint_management_cme_gw_configurations.html.markdown | 2 +- ...heckpoint_management_cme_gw_configurations_aws.html.markdown | 2 +- ...ckpoint_management_cme_gw_configurations_azure.html.markdown | 2 +- ...heckpoint_management_cme_gw_configurations_gcp.html.markdown | 2 +- ...heckpoint_management_cme_gw_configurations_aws.html.markdown | 2 +- ...ckpoint_management_cme_gw_configurations_azure.html.markdown | 2 +- ...heckpoint_management_cme_gw_configurations_gcp.html.markdown | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go index b7fdb7b3..79f72756 100755 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go @@ -138,7 +138,7 @@ func dataSourceManagementCMEGWConfigurations() *schema.Resource { Type: schema.TypeList, MaxItems: 1, Computed: true, - Description: "Dictionary of identity awareness settings that can be configured by CME: " + + Description: "Dictionary of identity awareness settings that can be configured on the gateway: " + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + "receive identities from through identity sharing feature)", Elem: &schema.Resource{ diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go index 9e0c06a8..2d38e80f 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go @@ -133,7 +133,7 @@ func dataSourceManagementCMEGWConfigurationsAWS() *schema.Resource { Type: schema.TypeList, MaxItems: 1, Computed: true, - Description: "Dictionary of identity awareness settings that can be configured by CME: " + + Description: "Dictionary of identity awareness settings that can be configured on the gateway: " + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + "receive identities from through identity sharing feature)", Elem: &schema.Resource{ diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go index 012816f5..7e9dfea0 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go @@ -111,7 +111,7 @@ func dataSourceManagementCMEGWConfigurationsAzure() *schema.Resource { Type: schema.TypeList, MaxItems: 1, Computed: true, - Description: "Dictionary of identity awareness settings that can be configured by CME: " + + Description: "Dictionary of identity awareness settings that can be configured on the gateway: " + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + "receive identities from through identity sharing feature)", Elem: &schema.Resource{ diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go index 70307c3f..d683ce2e 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go @@ -132,7 +132,7 @@ func dataSourceManagementCMEGWConfigurationsGCP() *schema.Resource { Type: schema.TypeList, MaxItems: 1, Computed: true, - Description: "Dictionary of identity awareness settings that can be configured by CME: " + + Description: "Dictionary of identity awareness settings that can be configured on the gateway: " + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + "receive identities from through identity sharing feature)", Elem: &schema.Resource{ diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go index e7a986b7..b57a7d52 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go @@ -140,7 +140,7 @@ func resourceManagementCMEGWConfigurationsAWS() *schema.Resource { Type: schema.TypeList, MaxItems: 1, Optional: true, - Description: "Dictionary of identity awareness settings that can be configured by CME: " + + Description: "Dictionary of identity awareness settings that can be configured on the gateway: " + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + "receive identities from through identity sharing feature)", Elem: &schema.Resource{ diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go index 3fdf9512..86af7eab 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go @@ -139,7 +139,7 @@ func resourceManagementCMEGWConfigurationsAzure() *schema.Resource { Type: schema.TypeList, MaxItems: 1, Optional: true, - Description: "Dictionary of identity awareness settings that can be configured by CME: " + + Description: "Dictionary of identity awareness settings that can be configured on the gateway: " + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + "receive identities from through identity sharing feature)", Elem: &schema.Resource{ diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go index 3f0e7499..4ed0dd7b 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go @@ -139,7 +139,7 @@ func resourceManagementCMEGWConfigurationsGCP() *schema.Resource { Type: schema.TypeList, MaxItems: 1, Optional: true, - Description: "Dictionary of identity awareness settings that can be configured by CME: " + + Description: "Dictionary of identity awareness settings that can be configured on the gateway: " + "enable_cloudguard_controller (enabling IDA Web API) and receive_identities_from (list of PDP gateway to" + "receive identities from through identity sharing feature)", Elem: &schema.Resource{ diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown index b4bbf763..9a82e222 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown @@ -42,7 +42,7 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. - * `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: + * `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown index f58186ba..dd35291b 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -42,7 +42,7 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown index 153f7fb1..166a73af 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -42,7 +42,7 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown index 5142e15f..9292042d 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -42,7 +42,7 @@ These arguments are supported: * `threat_emulation` - Threat Emulation blade. * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown index dd47263d..34994674 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -77,7 +77,7 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown index 1a150e74..8460d276 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -77,7 +77,7 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown index 3247aaa4..ab1e8b9e 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -75,7 +75,7 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured by CME: +* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in From b76ec29712054ba75ba59b0c339566f5be2e17d3 Mon Sep 17 00:00:00 2001 From: nimrodgab Date: Wed, 20 Nov 2024 14:38:28 +0200 Subject: [PATCH 3/7] Updated documentation --- ...ta_source_checkpoint_management_cme_gw_configurations.go | 4 ++-- ...ource_checkpoint_management_cme_gw_configurations_aws.go | 4 ++-- ...rce_checkpoint_management_cme_gw_configurations_azure.go | 4 ++-- ...ource_checkpoint_management_cme_gw_configurations_gcp.go | 4 ++-- ...ource_checkpoint_management_cme_gw_configurations_aws.go | 4 ++-- ...rce_checkpoint_management_cme_gw_configurations_azure.go | 4 ++-- ...ource_checkpoint_management_cme_gw_configurations_gcp.go | 4 ++-- ...heckpoint_management_cme_gw_configurations.html.markdown | 4 ++-- ...point_management_cme_gw_configurations_aws.html.markdown | 4 ++-- ...int_management_cme_gw_configurations_azure.html.markdown | 4 ++-- ...point_management_cme_gw_configurations_gcp.html.markdown | 4 ++-- ...point_management_cme_gw_configurations_aws.html.markdown | 6 +++--- ...int_management_cme_gw_configurations_azure.html.markdown | 6 +++--- ...point_management_cme_gw_configurations_gcp.html.markdown | 6 +++--- 14 files changed, 31 insertions(+), 31 deletions(-) diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go index 79f72756..d3e51aa7 100755 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations.go @@ -146,12 +146,12 @@ func dataSourceManagementCMEGWConfigurations() *schema.Resource { "enable_cloudguard_controller": { Type: schema.TypeBool, Computed: true, - Description: "Enabling Web API identity source for CloudGuard Controller", + Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { Type: schema.TypeList, Computed: true, - Description: "List of PDP gateways names to receive identities from through identity sharing", + Description: "List of PDP gateway names from which to receive identities through Identity Sharing", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go index 2d38e80f..6a1bce21 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_aws.go @@ -141,12 +141,12 @@ func dataSourceManagementCMEGWConfigurationsAWS() *schema.Resource { "enable_cloudguard_controller": { Type: schema.TypeBool, Computed: true, - Description: "Enabling Web API identity source for CloudGuard Controller", + Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { Type: schema.TypeList, Computed: true, - Description: "List of PDP gateways names to receive identities from through identity sharing", + Description: "List of PDP gateway names from which to receive identities through Identity Sharing", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go index 7e9dfea0..b051ecda 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_azure.go @@ -119,12 +119,12 @@ func dataSourceManagementCMEGWConfigurationsAzure() *schema.Resource { "enable_cloudguard_controller": { Type: schema.TypeBool, Computed: true, - Description: "Enabling Web API identity source for CloudGuard Controller", + Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { Type: schema.TypeList, Computed: true, - Description: "List of PDP gateways names to receive identities from through identity sharing", + Description: "List of PDP gateway names from which to receive identities through Identity Sharing", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go index d683ce2e..7f3de4d3 100644 --- a/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/data_source_checkpoint_management_cme_gw_configurations_gcp.go @@ -140,12 +140,12 @@ func dataSourceManagementCMEGWConfigurationsGCP() *schema.Resource { "enable_cloudguard_controller": { Type: schema.TypeBool, Computed: true, - Description: "Enabling Web API identity source for CloudGuard Controller", + Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { Type: schema.TypeList, Computed: true, - Description: "List of PDP gateways names to receive identities from through identity sharing", + Description: "List of PDP gateway names from which to receive identities through Identity Sharing", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go index b57a7d52..c0993e6a 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go @@ -148,12 +148,12 @@ func resourceManagementCMEGWConfigurationsAWS() *schema.Resource { "enable_cloudguard_controller": { Type: schema.TypeBool, Required: true, - Description: "Enabling Web API identity source for CloudGuard Controller", + Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { Type: schema.TypeList, Optional: true, - Description: "List of PDP gateways names to receive identities from through identity sharing", + Description: "List of PDP gateway names from which to receive identities through Identity Sharing", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go index 86af7eab..ce9103d9 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go @@ -147,12 +147,12 @@ func resourceManagementCMEGWConfigurationsAzure() *schema.Resource { "enable_cloudguard_controller": { Type: schema.TypeBool, Required: true, - Description: "Enabling Web API identity source for CloudGuard Controller", + Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { Type: schema.TypeList, Optional: true, - Description: "List of PDP gateways names to receive identities from through identity sharing", + Description: "List of PDP gateway names from which to receive identities through Identity Sharing", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go index 4ed0dd7b..7f1f9ee9 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go @@ -147,12 +147,12 @@ func resourceManagementCMEGWConfigurationsGCP() *schema.Resource { "enable_cloudguard_controller": { Type: schema.TypeBool, Required: true, - Description: "Enabling Web API identity source for CloudGuard Controller", + Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { Type: schema.TypeList, Optional: true, - Description: "List of PDP gateways names to receive identities from through identity sharing", + Description: "List of PDP gateway names from which to receive identities through Identity Sharing", Elem: &schema.Schema{ Type: schema.TypeString, }, diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown index 9a82e222..c512c6b4 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown @@ -43,8 +43,8 @@ These arguments are supported: * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. * `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. - * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. + * `enable_cloudguard_controller` - Enable the Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown index dd35291b..3c445ba2 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -43,8 +43,8 @@ These arguments are supported: * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. * `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. - * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. + * `enable_cloudguard_controller` - Enable the Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown index 166a73af..cd51ef8a 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -43,8 +43,8 @@ These arguments are supported: * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. * `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. - * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. + * `enable_cloudguard_controller` - Enable the Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown index 9292042d..b15a9bd7 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -43,8 +43,8 @@ These arguments are supported: * `url_filtering` - URL Filtering blade. * `vpn` - VPN blade. * `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. - * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. + * `enable_cloudguard_controller` - Enable the Web API identity source for CloudGuard Controller. + * `receive_identities_from` - List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - The name of the script. diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown index 34994674..92786649 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -77,9 +77,9 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. - * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. +* `identity_awareness_settings` - (Optional) Dictionary of Identity Awareness settings that can be configured on the gateway: + * `enable_cloudguard_controller` - (Required) Enable the Web API identity source for CloudGuard Controller. + * `receive_identities_from` - (Optional) List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - (Required) The name of the script. diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown index 8460d276..ff47a43f 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -77,9 +77,9 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. - * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. +* `identity_awareness_settings` - (Optional) Dictionary of Identity Awareness settings that can be configured on the gateway: + * `enable_cloudguard_controller` - (Required) Enable the Web API identity source for CloudGuard Controller. + * `receive_identities_from` - (Optional) List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - (Required) The name of the script. diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown index ab1e8b9e..83c410e1 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -75,9 +75,9 @@ These arguments are supported: * `threat_emulation` - (Required) Threat Emulation blade. * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. -* `identity_awareness_settings` - Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - Enabling Web API identity source for CloudGuard Controller. - * `receive_identities_from` - List of PDP gateways names to receive identities from through Identity Sharing. +* `identity_awareness_settings` - (Optional) Dictionary of Identity Awareness settings that can be configured on the gateway: + * `enable_cloudguard_controller` - (Required) Enable the Web API identity source for CloudGuard Controller. + * `receive_identities_from` - (Optional) List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: * `name` - (Required) The name of the script. From 2dea7677e2d6f9eb2abfd9c893b6e8ec30d74f7c Mon Sep 17 00:00:00 2001 From: nimrodgab Date: Tue, 26 Nov 2024 09:14:18 +0200 Subject: [PATCH 4/7] Updated documentation for CME --- website/docs/index.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index ae22056f..f6fe7544 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -398,7 +398,7 @@ The table below shows the compatibility between the Terraform Release version an | Terraform Release version | CME API version | CME Take | |---------------------------|-----------------|----------------| -| | v1.2.2 | | +| v2.9.0 | v1.2.2 | 289 and higher | | v2.8.0 | v1.2 | 279 and higher | | v2.7.0 | v1.1 | 255 and higher | From fd7aee55630579d2a4d4882b782859ed58708b6c Mon Sep 17 00:00:00 2001 From: nimrodgab Date: Thu, 28 Nov 2024 09:35:40 +0200 Subject: [PATCH 5/7] Fix CR comments --- ...rce_checkpoint_management_cme_gw_configurations_aws.go | 8 +------- ...e_checkpoint_management_cme_gw_configurations_azure.go | 8 +------- ...rce_checkpoint_management_cme_gw_configurations_gcp.go | 8 +------- .../d/checkpoint_management_cme_accounts.html.markdown | 2 +- .../checkpoint_management_cme_accounts_aws.html.markdown | 2 +- ...checkpoint_management_cme_accounts_azure.html.markdown | 2 +- .../checkpoint_management_cme_accounts_gcp.html.markdown | 2 +- .../checkpoint_management_cme_api_versions.html.markdown | 2 +- .../d/checkpoint_management_cme_delay_cycle.html.markdown | 2 +- ...ckpoint_management_cme_gw_configurations.html.markdown | 2 +- ...int_management_cme_gw_configurations_aws.html.markdown | 2 +- ...t_management_cme_gw_configurations_azure.html.markdown | 2 +- ...int_management_cme_gw_configurations_gcp.html.markdown | 2 +- .../d/checkpoint_management_cme_management.html.markdown | 2 +- .../d/checkpoint_management_cme_version.html.markdown | 2 +- .../checkpoint_management_cme_accounts_aws.html.markdown | 2 +- ...checkpoint_management_cme_accounts_azure.html.markdown | 2 +- .../checkpoint_management_cme_accounts_gcp.html.markdown | 2 +- .../r/checkpoint_management_cme_delay_cycle.html.markdown | 2 +- ...int_management_cme_gw_configurations_aws.html.markdown | 4 ++-- ...t_management_cme_gw_configurations_azure.html.markdown | 4 ++-- ...int_management_cme_gw_configurations_gcp.html.markdown | 4 ++-- .../r/checkpoint_management_cme_management.html.markdown | 2 +- 23 files changed, 26 insertions(+), 44 deletions(-) diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go index c0993e6a..887a43dc 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go @@ -147,7 +147,7 @@ func resourceManagementCMEGWConfigurationsAWS() *schema.Resource { Schema: map[string]*schema.Schema{ "enable_cloudguard_controller": { Type: schema.TypeBool, - Required: true, + Optional: true, Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { @@ -510,12 +510,6 @@ func createManagementCMEGWConfigurationsAWS(d *schema.ResourceData, m interface{ tempObject["receive_identities_from"] = v.([]interface{}) } payload["identity_awareness_settings"] = tempObject - } else { - if blades, ok := payload["blades"].(map[string]interface{}); ok { - if identityAwareness, ok := blades["identity-awareness"].(bool); ok && identityAwareness { - return fmt.Errorf("'identity_awareness_settings' must be set when 'identity_awareness' blade is enabled") - } - } } log.Println("Create cme AWS GW configuration - name = ", payload["name"]) diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go index ce9103d9..d3f2e488 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go @@ -146,7 +146,7 @@ func resourceManagementCMEGWConfigurationsAzure() *schema.Resource { Schema: map[string]*schema.Schema{ "enable_cloudguard_controller": { Type: schema.TypeBool, - Required: true, + Optional: true, Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { @@ -457,12 +457,6 @@ func createManagementCMEGWConfigurationsAzure(d *schema.ResourceData, m interfac tempObject["receive_identities_from"] = v.([]interface{}) } payload["identity_awareness_settings"] = tempObject - } else { - if blades, ok := payload["blades"].(map[string]interface{}); ok { - if identityAwareness, ok := blades["identity-awareness"].(bool); ok && identityAwareness { - return fmt.Errorf("'identity_awareness_settings' must be set when 'identity_awareness' blade is enabled") - } - } } log.Println("Create cme Azure GW configuration - name = ", payload["name"]) diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go index 7f1f9ee9..c09bb4e7 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go @@ -146,7 +146,7 @@ func resourceManagementCMEGWConfigurationsGCP() *schema.Resource { Schema: map[string]*schema.Schema{ "enable_cloudguard_controller": { Type: schema.TypeBool, - Required: true, + Optional: true, Description: "Enable the Web API identity source for CloudGuard Controller", }, "receive_identities_from": { @@ -447,12 +447,6 @@ func createManagementCMEGWConfigurationsGCP(d *schema.ResourceData, m interface{ tempObject["receive_identities_from"] = v.([]interface{}) } payload["identity_awareness_settings"] = tempObject - } else { - if blades, ok := payload["blades"].(map[string]interface{}); ok { - if identityAwareness, ok := blades["identity-awareness"].(bool); ok && identityAwareness { - return fmt.Errorf("'identity_awareness_settings' must be set when 'identity_awareness' blade is enabled") - } - } } log.Println("Create cme GCP GW configuration - name = ", payload["name"]) diff --git a/website/docs/d/checkpoint_management_cme_accounts.html.markdown b/website/docs/d/checkpoint_management_cme_accounts.html.markdown index 916cdf0b..15bf7e7f 100644 --- a/website/docs/d/checkpoint_management_cme_accounts.html.markdown +++ b/website/docs/d/checkpoint_management_cme_accounts.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on all Check Point CME A Use this data source to get information on all Check Point CME Accounts. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_accounts_aws.html.markdown b/website/docs/d/checkpoint_management_cme_accounts_aws.html.markdown index ab04baef..e1f327ff 100644 --- a/website/docs/d/checkpoint_management_cme_accounts_aws.html.markdown +++ b/website/docs/d/checkpoint_management_cme_accounts_aws.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on an existing Check Poi Use this data source to get information on an existing Check Point CME AWS Account. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_accounts_azure.html.markdown b/website/docs/d/checkpoint_management_cme_accounts_azure.html.markdown index df03bcf6..bb33d6f4 100644 --- a/website/docs/d/checkpoint_management_cme_accounts_azure.html.markdown +++ b/website/docs/d/checkpoint_management_cme_accounts_azure.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on an existing Check Poi Use this data source to get information on an existing Check Point CME Azure Account. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_accounts_gcp.html.markdown b/website/docs/d/checkpoint_management_cme_accounts_gcp.html.markdown index dc8b3753..b04c0707 100644 --- a/website/docs/d/checkpoint_management_cme_accounts_gcp.html.markdown +++ b/website/docs/d/checkpoint_management_cme_accounts_gcp.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on an existing Check Poi Use this data source to get information on an existing Check Point CME GCP Account. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_api_versions.html.markdown b/website/docs/d/checkpoint_management_cme_api_versions.html.markdown index 366e805d..9acc6f9d 100644 --- a/website/docs/d/checkpoint_management_cme_api_versions.html.markdown +++ b/website/docs/d/checkpoint_management_cme_api_versions.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on existing Check Point Use this data source to get information on existing Check Point CME API versions. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_delay_cycle.html.markdown b/website/docs/d/checkpoint_management_cme_delay_cycle.html.markdown index d974ec2c..6963375f 100644 --- a/website/docs/d/checkpoint_management_cme_delay_cycle.html.markdown +++ b/website/docs/d/checkpoint_management_cme_delay_cycle.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on existing Check Point Use this data source to get information on existing Check Point CME Delay Cycle. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown index c512c6b4..09c6e427 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on all Check Point CME G Use this data source to get information on all Check Point CME Gateway Configurations. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown index 3c445ba2..f98e5cfd 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on an existing Check Poi Use this data source to get information on an existing Check Point CME AWS Gateway Configurations. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown index cd51ef8a..52158bed 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on an existing Check Poi Use this data source to get information on an existing Check Point CME Azure Gateway Configurations. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown index b15a9bd7..c21e127d 100644 --- a/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/d/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on an existing Check Poi Use this data source to get information on an existing Check Point CME GCP Gateway Configurations. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_management.html.markdown b/website/docs/d/checkpoint_management_cme_management.html.markdown index c3192fa3..d7b4acfc 100644 --- a/website/docs/d/checkpoint_management_cme_management.html.markdown +++ b/website/docs/d/checkpoint_management_cme_management.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on existing Check Point Use this data source to get information on existing Check Point CME Management. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/d/checkpoint_management_cme_version.html.markdown b/website/docs/d/checkpoint_management_cme_version.html.markdown index c255355d..e976c609 100644 --- a/website/docs/d/checkpoint_management_cme_version.html.markdown +++ b/website/docs/d/checkpoint_management_cme_version.html.markdown @@ -9,7 +9,7 @@ description: |- Use this data source to get information on existing Check Point Use this data source to get information on existing Check Point CME version. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/r/checkpoint_management_cme_accounts_aws.html.markdown b/website/docs/r/checkpoint_management_cme_accounts_aws.html.markdown index a9ec455d..e5ca0c33 100644 --- a/website/docs/r/checkpoint_management_cme_accounts_aws.html.markdown +++ b/website/docs/r/checkpoint_management_cme_accounts_aws.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to add/update/delete Check Point CME AW This resource allows you to add/update/delete Check Point CME AWS Account. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/r/checkpoint_management_cme_accounts_azure.html.markdown b/website/docs/r/checkpoint_management_cme_accounts_azure.html.markdown index 47a9bf7d..f98e23da 100644 --- a/website/docs/r/checkpoint_management_cme_accounts_azure.html.markdown +++ b/website/docs/r/checkpoint_management_cme_accounts_azure.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to add/update/delete Check Point CME Az This resource allows you to add/update/delete Check Point CME Azure Account. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/r/checkpoint_management_cme_accounts_gcp.html.markdown b/website/docs/r/checkpoint_management_cme_accounts_gcp.html.markdown index 075f7516..aab3776e 100644 --- a/website/docs/r/checkpoint_management_cme_accounts_gcp.html.markdown +++ b/website/docs/r/checkpoint_management_cme_accounts_gcp.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to add/update/delete Check Point CME GC This resource allows you to add/update/delete Check Point CME GCP Account. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/r/checkpoint_management_cme_delay_cycle.html.markdown b/website/docs/r/checkpoint_management_cme_delay_cycle.html.markdown index 5f283de9..db85e501 100644 --- a/website/docs/r/checkpoint_management_cme_delay_cycle.html.markdown +++ b/website/docs/r/checkpoint_management_cme_delay_cycle.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to update an existing Check Point CME D This resource allows you to update an existing Check Point CME Delay Cycle. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown index 92786649..c610d8c5 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_aws.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to add/update/delete Check Point CME AW This resource allows you to add/update/delete Check Point CME AWS Gateway Configurations. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage @@ -78,7 +78,7 @@ These arguments are supported: * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. * `identity_awareness_settings` - (Optional) Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - (Required) Enable the Web API identity source for CloudGuard Controller. + * `enable_cloudguard_controller` - (Optional) Enable the Web API identity source for CloudGuard Controller. * `receive_identities_from` - (Optional) List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown index ff47a43f..3abf13a1 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_azure.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to add/update/delete Check Point CME Az This resource allows you to add/update/delete Check Point CME Azure Gateway Configurations. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage @@ -78,7 +78,7 @@ These arguments are supported: * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. * `identity_awareness_settings` - (Optional) Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - (Required) Enable the Web API identity source for CloudGuard Controller. + * `enable_cloudguard_controller` - (Optional) Enable the Web API identity source for CloudGuard Controller. * `receive_identities_from` - (Optional) List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: diff --git a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown index 83c410e1..218a33c5 100644 --- a/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown +++ b/website/docs/r/checkpoint_management_cme_gw_configurations_gcp.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to add/update/delete Check Point CME GC This resource allows you to add/update/delete Check Point CME GCP Gateway Configurations. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage @@ -76,7 +76,7 @@ These arguments are supported: * `url_filtering` - (Required) URL Filtering blade. * `vpn` - (Required) VPN blade. * `identity_awareness_settings` - (Optional) Dictionary of Identity Awareness settings that can be configured on the gateway: - * `enable_cloudguard_controller` - (Required) Enable the Web API identity source for CloudGuard Controller. + * `enable_cloudguard_controller` - (Optional) Enable the Web API identity source for CloudGuard Controller. * `receive_identities_from` - (Optional) List of PDP gateway names from which to receive identities through Identity Sharing. * `repository_gateway_scripts` - (Optional) List of objects that each contain the name/UID of a script that exists in the scripts repository on the Management server. Supports these parameters: diff --git a/website/docs/r/checkpoint_management_cme_management.html.markdown b/website/docs/r/checkpoint_management_cme_management.html.markdown index 9c566182..02a72358 100644 --- a/website/docs/r/checkpoint_management_cme_management.html.markdown +++ b/website/docs/r/checkpoint_management_cme_management.html.markdown @@ -9,7 +9,7 @@ description: |- This resource allows you to update an existing Check Point CME M This resource allows you to update an existing Check Point CME Management. -For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](../index.html.markdown#compatibility-with-cme). +For details about the compatibility between the Terraform Release version and the CME API version, please refer to the section [Compatibility with CME](https://registry.terraform.io/providers/CheckPointSW/checkpoint/latest/docs#compatibility-with-cme). ## Example Usage From 1596733e208fa190a6ed9b6c5588f1ac2f57657f Mon Sep 17 00:00:00 2001 From: nimrodgab Date: Thu, 28 Nov 2024 17:55:58 +0200 Subject: [PATCH 6/7] Fix CR comments --- ..._checkpoint_management_cme_gw_configurations_aws.go | 10 +++++----- ...heckpoint_management_cme_gw_configurations_azure.go | 10 +++++----- ..._checkpoint_management_cme_gw_configurations_gcp.go | 10 +++++----- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go index 887a43dc..31f0050c 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go @@ -503,7 +503,7 @@ func createManagementCMEGWConfigurationsAWS(d *schema.ResourceData, m interface{ } if _, ok := d.GetOk("identity_awareness_settings"); ok { tempObject := make(map[string]interface{}) - if v := d.Get("identity_awareness_settings.0.enable_cloudguard_controller"); v != nil { + if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { tempObject["enable_cloudguard_controller"] = v.(bool) } if v, ok := d.GetOk("identity_awareness_settings.0.receive_identities_from"); ok { @@ -653,11 +653,11 @@ func updateManagementCMEGWConfigurationsAWS(d *schema.ResourceData, m interface{ } if d.HasChange("identity_awareness_settings") { tempObject := make(map[string]interface{}) - if d.HasChange("identity_awareness_settings.0.enable_cloudguard_controller") { - tempObject["enable_cloudguard_controller"] = d.Get("identity_awareness_settings.0.enable_cloudguard_controller") + if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { + tempObject["enable_cloudguard_controller"] = v.(bool) } - if d.HasChange("identity_awareness_settings.0.receive_identities_from") { - tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") + if v, ok := d.GetOkExists("identity_awareness_settings.0.receive_identities_from"); ok { + tempObject["receive_identities_from"] = v.([]interface{}) } payload["identity_awareness_settings"] = tempObject } diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go index d3f2e488..e1f3a1f4 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go @@ -450,7 +450,7 @@ func createManagementCMEGWConfigurationsAzure(d *schema.ResourceData, m interfac } if _, ok := d.GetOk("identity_awareness_settings"); ok { tempObject := make(map[string]interface{}) - if v := d.Get("identity_awareness_settings.0.enable_cloudguard_controller"); v != nil { + if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { tempObject["enable_cloudguard_controller"] = v.(bool) } if v, ok := d.GetOk("identity_awareness_settings.0.receive_identities_from"); ok { @@ -588,11 +588,11 @@ func updateManagementCMEGWConfigurationsAzure(d *schema.ResourceData, m interfac } if d.HasChange("identity_awareness_settings") { tempObject := make(map[string]interface{}) - if d.HasChange("identity_awareness_settings.0.enable_cloudguard_controller") { - tempObject["enable_cloudguard_controller"] = d.Get("identity_awareness_settings.0.enable_cloudguard_controller") + if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { + tempObject["enable_cloudguard_controller"] = v.(bool) } - if d.HasChange("identity_awareness_settings.0.receive_identities_from") { - tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") + if v, ok := d.GetOkExists("identity_awareness_settings.0.receive_identities_from"); ok { + tempObject["receive_identities_from"] = v.([]interface{}) } payload["identity_awareness_settings"] = tempObject } diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go index c09bb4e7..bf69a06b 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go @@ -440,7 +440,7 @@ func createManagementCMEGWConfigurationsGCP(d *schema.ResourceData, m interface{ } if _, ok := d.GetOk("identity_awareness_settings"); ok { tempObject := make(map[string]interface{}) - if v := d.Get("identity_awareness_settings.0.enable_cloudguard_controller"); v != nil { + if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { tempObject["enable_cloudguard_controller"] = v.(bool) } if v, ok := d.GetOk("identity_awareness_settings.0.receive_identities_from"); ok { @@ -575,11 +575,11 @@ func updateManagementCMEGWConfigurationsGCP(d *schema.ResourceData, m interface{ } if d.HasChange("identity_awareness_settings") { tempObject := make(map[string]interface{}) - if d.HasChange("identity_awareness_settings.0.enable_cloudguard_controller") { - tempObject["enable_cloudguard_controller"] = d.Get("identity_awareness_settings.0.enable_cloudguard_controller") + if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { + tempObject["enable_cloudguard_controller"] = v.(bool) } - if d.HasChange("identity_awareness_settings.0.receive_identities_from") { - tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") + if v, ok := d.GetOkExists("identity_awareness_settings.0.receive_identities_from"); ok { + tempObject["receive_identities_from"] = v.([]interface{}) } payload["identity_awareness_settings"] = tempObject } From 9c831fa0ca17c4a8ca68f72d009afd3b44cc9bbc Mon Sep 17 00:00:00 2001 From: nimrodgab Date: Sun, 1 Dec 2024 10:21:06 +0200 Subject: [PATCH 7/7] Fix use of d.GetOkExists in receive_identities_from --- ...esource_checkpoint_management_cme_gw_configurations_aws.go | 4 +--- ...ource_checkpoint_management_cme_gw_configurations_azure.go | 4 +--- ...esource_checkpoint_management_cme_gw_configurations_gcp.go | 4 +--- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go index 31f0050c..9cd33b4d 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_aws.go @@ -656,9 +656,7 @@ func updateManagementCMEGWConfigurationsAWS(d *schema.ResourceData, m interface{ if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { tempObject["enable_cloudguard_controller"] = v.(bool) } - if v, ok := d.GetOkExists("identity_awareness_settings.0.receive_identities_from"); ok { - tempObject["receive_identities_from"] = v.([]interface{}) - } + tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") payload["identity_awareness_settings"] = tempObject } var name string diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go index e1f3a1f4..2e67873e 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_azure.go @@ -591,9 +591,7 @@ func updateManagementCMEGWConfigurationsAzure(d *schema.ResourceData, m interfac if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { tempObject["enable_cloudguard_controller"] = v.(bool) } - if v, ok := d.GetOkExists("identity_awareness_settings.0.receive_identities_from"); ok { - tempObject["receive_identities_from"] = v.([]interface{}) - } + tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") payload["identity_awareness_settings"] = tempObject } var name string diff --git a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go index bf69a06b..802061c1 100644 --- a/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go +++ b/checkpoint/resource_checkpoint_management_cme_gw_configurations_gcp.go @@ -578,9 +578,7 @@ func updateManagementCMEGWConfigurationsGCP(d *schema.ResourceData, m interface{ if v, ok := d.GetOkExists("identity_awareness_settings.0.enable_cloudguard_controller"); ok { tempObject["enable_cloudguard_controller"] = v.(bool) } - if v, ok := d.GetOkExists("identity_awareness_settings.0.receive_identities_from"); ok { - tempObject["receive_identities_from"] = v.([]interface{}) - } + tempObject["receive_identities_from"] = d.Get("identity_awareness_settings.0.receive_identities_from") payload["identity_awareness_settings"] = tempObject } var name string