This repository provides Terraform templates to deploy the CloudGuard Infinity Next Gateway VMSS in Azure.
- Terraform - Version 1.0.3 or later
- Terraform for Azure
- Check Point Infinity Portal Account
- VNETs and Subnets need to be pre-configured
- Azure Keyvault for HTTPS configuration is not yet included
-
Clone the repository
-
Configure the Terraform variables in the terraform.tfvars file
client_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
client_id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
tenant_id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
subscription_id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
source_image_vhd_uri = "noCustomUri"
resource_group_name = "rg-cpgw-appsec-vmss"
vmss_name = "cpgw-appsec-vmss"
location = "westeurope"
vnet_name = "VNET-North-Hub"
vnet_resource_group = "rg-North-Hub"
frontend_subnet_name = "Frontend"
backend_subnet_name = "Backend"
backend_lb_IP_address = "4"
admin_password = "xxxxxxxxxxxx"
sic_key = ""
vm_size = "Standard_DS2_v2"
disk_size = "100"
vm_os_sku = "infinity-img"
vm_os_offer = "infinity-gw"
os_version = "R80.40"
bootstrap_script = ""
allow_upload_download = "true"
authentication_type = "Password"
availability_zones_num = "1"
minimum_number_of_vm_instances = "2"
maximum_number_of_vm_instances = "2"
management_name = ""
management_IP = ""
management_interface = "eth0-private"
configuration_template_name = ""
notification_email = ""
frontend_load_distribution = "Default"
backend_load_distribution = "Default"
enable_custom_metrics = "false"
waapAgentToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
waapAgentFog = ""
-
Apply the template
cd azure/vmss-existing-vnet terraform init terraform apply