4. Terraform

Introduction

DevOps teams can automate their security and transform it into DevSecOps workflows using Ansible and Terraform.

Automate security responses to threats, provision both physical and virtualized next-generation firewalls and automate routine configuration tasks, saving time and reducing configuration errors.

For more information about the Check Point Terraform provider, see Check Point Terraform Provider.

Instructions

Step

Instructions

1

From the Jump-Server, SSH into the Ubuntu-Orchestrator (root / Cpwins1!) using MobaXterm.

2

Change to the following directory on the Ubuntu-Orchestrator:

cd /root/Terraform

3

Run the following command to initialize Terraform and the Check Point POC provider for Terraform.

terraform init

This will download the latest Check Point Terraform provider from HashiCorp.

4

Next, we will run a plan to see what would actually be done to build the objects that are described in the Simple Example directory.

terraform plan

5

Now we can apply our configuration. Run the following:

terraform apply

Type 'yes' and press Enter.

Note - If you receive a timeout error (Client Timeout exceeded) while the command runs, delete the API management session from SmartConsole ('Discard & Disconnect') and rerun the 'terraform apply' command.

6

Once the apply is complete, run the following to publish the changes with the Python script:

python3 publish.py

7

Verify that the objects defined in the .tf files were created in the R81 SmartConsole.

New policy created: demo2021

8

Now delete the entire configuration using the following command:

terraform destroy

Type 'yes' and press Enter.

9

Once the destroy is complete, run the following to publish the changes with the Python script:

python3 publish.py
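
The plan review in step 4 can be made machine-checkable before the apply and destroy steps. The following is an added example, not part of the lab's own files: it reads the JSON form of a saved plan and refuses to proceed when policy-carrying Check Point objects would be deleted or replaced. The sample plan, the resource addresses and the list of sensitive types are constructed assumptions.

```python
"""Gate `terraform apply` / `terraform destroy` on a machine-readable plan review."""
import json
from collections import Counter

# Constructed sample in the shape of `terraform show -json tfplan`
# (addresses are illustrative, not taken from the lab's .tf files).
SAMPLE_PLAN = json.dumps({
    "format_version": "1.2",
    "resource_changes": [
        {"address": "checkpoint_management_host.web1",
         "type": "checkpoint_management_host",
         "change": {"actions": ["create"]}},
        {"address": "checkpoint_management_package.demo2021",
         "type": "checkpoint_management_package",
         "change": {"actions": ["create"]}},
        {"address": "checkpoint_management_access_rule.allow_web",
         "type": "checkpoint_management_access_rule",
         "change": {"actions": ["delete", "create"]}},
        {"address": "checkpoint_management_network.lan",
         "type": "checkpoint_management_network",
         "change": {"actions": ["no-op"]}},
    ],
})

# Assumed list: types whose deletion changes the enforced policy.
SENSITIVE_TYPES = {"checkpoint_management_access_rule",
                   "checkpoint_management_package"}


def review_plan(plan_json: str) -> dict:
    """Count actions per kind and list destructive changes to sensitive types."""
    plan = json.loads(plan_json)
    counts, flagged = Counter(), []
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if actions == ["no-op"]:
            continue
        # Terraform reports a replacement as a delete/create pair.
        kind = "replace" if set(actions) == {"delete", "create"} else actions[0]
        counts[kind] += 1
        if "delete" in actions and rc["type"] in SENSITIVE_TYPES:
            flagged.append(rc["address"])
    return {"counts": dict(counts), "flagged": flagged}


def allow_apply(plan_json: str, approve_destructive: bool = False) -> bool:
    """True only if nothing sensitive is deleted, or deletion was approved."""
    return approve_destructive or not review_plan(plan_json)["flagged"]


if __name__ == "__main__":
    print(review_plan(SAMPLE_PLAN), "apply allowed:", allow_apply(SAMPLE_PLAN))
```

To feed it a real plan, save one with `terraform plan -out=tfplan` and pass the output of `terraform show -json tfplan` to `review_plan`.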