CheckPointSW
no way to export current configuration from checkpoint and import to terraform.
Hi @acirami , Thanks for posting this issue. Can you please explain which configuration you want to export? If other providers support that feature, please mention them.
Thanks, Roy
We would like to export objects like hosts/dynamic/network/groups/sections/layers/etc… and most important rules. Basically anything we would need to build a policy in terraform.
Make it easy for customers to use terraform and checkpoint. Currently we would have a hybrid configuration some policy we would have to use smartconsole and any new we would use terraform.
Other providers supporting this feature is Aviatrix; https://docs.aviatrix.com/HowTos/tf_export.html?highlight=terraform#aviatrix-terraform-export
Aviatrix provides an export in the UI to download terraform files with import commands in a shell script. See examples below with pictures.
e.g.
user.tf resource "aviatrix_account_user" "account_user_1" { username = "acirami" account_name = "admin" email = "[email protected]" password = "" }
Import.sh terraform import "aviatrix_account_user.account_user_1" "acirami"
Thanks,
TonyCirami Senior Architect, Information Technology Centene Technologies | technologies.centene.comhttps://cnet.centene.com/company/technologies
[awsdigital badge]https://www.certmetrics.com/amazon/public/badge.aspx?i=1&t=c&d=2019-06-28&ci=AWS00640530[signature_995783308]https://www.youracclaim.com/badges/76ab6c5c-320d-4632-843d-539d362f6a47/public_url
[cid:[email protected]] 12800 Corporate Hill Dr. Des Peres, MO 63131 Direct – 314.505.6136 Internal – 8025136 Mobile – 314.520.8067 [email protected]mailto:[email protected] | centene.comhttp://www.centene.com/
Transforming the health of the community, one person at a time
[signature_1124981211]
[signature_87914395]
[signature_1756074797]
©2019, 2020 FORTUNE Media IP Limited. Used under license.
From: chkp-royl [email protected] Reply-To: CheckPointSW/terraform-provider-checkpoint [email protected] Date: Wednesday, October 28, 2020 at 3:45 AM To: CheckPointSW/terraform-provider-checkpoint [email protected] Cc: Tony Cirami [email protected], Mention [email protected] Subject: Re: [CheckPointSW/terraform-provider-checkpoint] no way to export current configuration from checkpoint and import to terraform. (#46)
Caution: External Email
Do not click on links or open any attachments unless you recognize the sender and know the contents are safe. Think before you click!
Hi @aciramihttps://urldefense.com/v3/__https:/github.com/acirami__;!!Js732Vmb!4lImuN0a47CjgysnU4snlzxj5PKCkc5QjWkbJ6zZoHaOLceo5YO8BqgkXCWubw$ , Thanks for posting this issue. Can you please explain which configuration you want to export? If other providers support that feature, please mention them.
Thanks, Roy
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://urldefense.com/v3/__https:/github.com/CheckPointSW/terraform-provider-checkpoint/issues/46*issuecomment-717786263__;Iw!!Js732Vmb!4lImuN0a47CjgysnU4snlzxj5PKCkc5QjWkbJ6zZoHaOLceo5YO8BqiSFlb98Q$, or unsubscribehttps://urldefense.com/v3/__https:/github.com/notifications/unsubscribe-auth/ARL7MFEBZVLGCYBJVH54XILSM7KY5ANCNFSM4S7UGE3A__;!!Js732Vmb!4lImuN0a47CjgysnU4snlzxj5PKCkc5QjWkbJ6zZoHaOLceo5YO8BqgjRPRg1Q$.
CONFIDENTIALITY NOTICE: This communication contains information intended for the use of the individuals to whom it is addressed and may contain information that is privileged, confidential or exempt from other disclosure under applicable law. If you are not the intended recipient, you are notified that any disclosure, printing, copying, distribution or use of the contents is prohibited. If you have received this in error, please notify the sender immediately by telephone or by returning it by return mail and then permanently delete the communication from your system. Thank you.
You can import Check Point resources using the 'terraform import' command. The current implementation of Terraform import can only import resources into the state. It does not generate configuration. A future version of Terraform will also generate configuration. Read here for more details: https://www.terraform.io/docs/import/index.html#currently-state-only
Thanks, Roy
Yes I’m aware of that. But I have to build the resources we have 10000’s of objects and rules. Are you suggesting the customer manually write 10000’s of code to import into terraform? Good luck with that. We will just move to another provider that supports export.
I’m suggesting you provide an export to build the tf files for import. Make it easy for customers to use checkpoint and terraform.
Thanks,
TonyCirami Senior Architect, Information Technology Centene Technologies | technologies.centene.comhttps://cnet.centene.com/company/technologies
[awsdigital badge]https://www.certmetrics.com/amazon/public/badge.aspx?i=1&t=c&d=2019-06-28&ci=AWS00640530[signature_2075527334]https://www.youracclaim.com/badges/76ab6c5c-320d-4632-843d-539d362f6a47/public_url
[cid:[email protected]] 12800 Corporate Hill Dr. Des Peres, MO 63131 Direct – 314.505.6136 Internal – 8025136 Mobile – 314.520.8067 [email protected]mailto:[email protected] | centene.comhttp://www.centene.com/
Transforming the health of the community, one person at a time
[signature_535874207]
[signature_828205428]
[signature_2052493915]
©2019, 2020 FORTUNE Media IP Limited. Used under license.
From: chkp-royl [email protected] Reply-To: CheckPointSW/terraform-provider-checkpoint [email protected] Date: Wednesday, October 28, 2020 at 8:25 AM To: CheckPointSW/terraform-provider-checkpoint [email protected] Cc: Tony Cirami [email protected], Mention [email protected] Subject: Re: [CheckPointSW/terraform-provider-checkpoint] no way to export current configuration from checkpoint and import to terraform. (#46)
Caution: External Email
Do not click on links or open any attachments unless you recognize the sender and know the contents are safe. Think before you click!
You can import Check Point resources using the 'terraform import' command. The current implementation of Terraform import can only import resources into the state. It does not generate configuration. A future version of Terraform will also generate configuration. Read here for more details: https://www.terraform.io/docs/import/index.html#currently-state-onlyhttps://urldefense.com/v3/__https:/www.terraform.io/docs/import/index.html*currently-state-only__;Iw!!Js732Vmb!4nGGm5l2ieqb4unv4T56ckuaKapiuqHEnDd5mRZZH7chydDI-CSWPnEJrfls-w$
Thanks, Roy
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://urldefense.com/v3/__https:/github.com/CheckPointSW/terraform-provider-checkpoint/issues/46*issuecomment-717930443__;Iw!!Js732Vmb!4nGGm5l2ieqb4unv4T56ckuaKapiuqHEnDd5mRZZH7chydDI-CSWPnEEughSxQ$, or unsubscribehttps://urldefense.com/v3/__https:/github.com/notifications/unsubscribe-auth/ARL7MFDWGMROEH445RHJ55LSNALUDANCNFSM4S7UGE3A__;!!Js732Vmb!4nGGm5l2ieqb4unv4T56ckuaKapiuqHEnDd5mRZZH7chydDI-CSWPnFdYxGhQg$.
CONFIDENTIALITY NOTICE: This communication contains information intended for the use of the individuals to whom it is addressed and may contain information that is privileged, confidential or exempt from other disclosure under applicable law. If you are not the intended recipient, you are notified that any disclosure, printing, copying, distribution or use of the contents is prohibited. If you have received this in error, please notify the sender immediately by telephone or by returning it by return mail and then permanently delete the communication from your system. Thank you.