Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Azure-templates | Enhance UI #462

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
736 changes: 381 additions & 355 deletions azure/templates/marketplace-gateway-load-balancer/createUiDefinition.json

Large diffs are not rendered by default.

279 changes: 149 additions & 130 deletions azure/templates/marketplace-ha/createUiDefinition.json

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions azure/templates/marketplace-ha/mainTemplate.json
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,7 @@
},
"sicKey": {
"type": "securestring",
"defaultValue": "",
"metadata": {
"description": "One time key for Secure Internal Communication"
}
Expand Down
239 changes: 131 additions & 108 deletions azure/templates/marketplace-management/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -53,19 +53,28 @@
"steps": [
{
"name": "chkp",
"label": "Check Point Security Management Server settings",
"label": "CloudGuard Security Management Server settings",
"subLabel": {
"preValidation": "Configure additional settings",
"postValidation": "Done"
},
"bladeTitle": "Security Management settings",
"elements": [
{
"name": "InfoAzureAdminGuide",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "See <a href='https://support.checkpoint.com/results/sk/sk109360' target='_blank'>CloudGuard Network for Azure administration guide</a> for detailed deployment and configuration steps "
}
},
{
"name": "cloudGuardVersion",
"type": "Microsoft.Common.DropDown",
"label": "Check Point CloudGuard version",
"label": "Version",
"defaultValue": "R81.20",
"toolTip": "The version of Check Point CloudGuard.",
"toolTip": "Check Point Recommended version for all deployments is R81.20",
"constraints": {
"allowedValues": [
{
Expand All @@ -88,7 +97,7 @@
"type": "Microsoft.Common.DropDown",
"label": "License type",
"toolTip": "The type of license.",
"defaultValue": "Bring Your Own License",
"defaultValue": "Pay As You Go (MGMT25)",
"visible": true,
"constraints": {
"allowedValues": [
Expand All @@ -103,6 +112,15 @@
]
}
},
{
"name": "InfoVMSize",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "Check Point recommends a minimum of 4 vCores for optimal operation"
}
},
{
"name": "R8110vmSizeUiBYOL",
"type": "Microsoft.Compute.SizeSelector",
Expand Down Expand Up @@ -277,6 +295,84 @@
},
"count": 1
},
{
"name": "managementGUIClientNetwork",
"type": "Microsoft.Common.TextBox",
"label": "Allow SmartConsole connections from these networks",
"toolTip": "Allow SmartConsole connections from the following CIDR networks, for example: 192.168.1.0/26",
"constraints": {
"required": true,
"regex": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$",
"validationMessage": "Enter a valid IPv4 network CIDR"
},
"visible": "[equals(steps('chkp').installationType, 'management')]"
}
]
},
{
"name": "chkp-advanced",
"label": "CloudGuard Advanced settings",
"subLabel": {
"preValidation": "Configure additional settings",
"postValidation": "Done"
},
"bladeTitle": "Security Management settings",
"elements": [
{
"name": "InfoAdvanced",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "This section includes OPTIONAL advanced configuration.\nTo proceed with Check Point default settings, click Next"
}
},
{
"name": "installationType",
"type": "Microsoft.Common.DropDown",
"label": "Installation type",
"defaultValue": "Management",
"toolTip": "Select the type of deployment",
"constraints": {
"allowedValues": [
{
"label": "Management",
"value": "management"
},
{
"label": "Configure manually",
"value": "custom"
}
]
}
},
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
"label": "Default shell for the admin user",
"defaultValue": "/etc/cli.sh",
"toolTip": "The default shell for the admin user",
"constraints": {
"allowedValues": [
{
"label": "/etc/cli.sh",
"value": "/etc/cli.sh"
},
{
"label": "/bin/bash",
"value": "/bin/bash"
},
{
"label": "/bin/csh",
"value": "/bin/csh"
},
{
"label": "/bin/tcsh",
"value": "/bin/tcsh"
}
]
}
},
{
"name": "SerialPasswordInfoBox",
"type": "Microsoft.Common.InfoBox",
Expand All @@ -287,11 +383,11 @@
}
},
{
"visible": "[bool(basics('auth').sshPublicKey)]",
"visible": "[bool(basics('auth').sshPublicKey)]",
"name": "EnableSerialConsolePassword",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Serial console password",
"defaultValue": "Yes",
"defaultValue": "No",
"toolTip": "A unique password hash to enable VM connection via serial console.",
"constraints": {
"allowedValues": [
Expand All @@ -310,7 +406,7 @@
"name": "AdditionalPassword",
"type": "Microsoft.Common.PasswordBox",
"toolTip": "Serial console password hash, used to enable password authentication (using serial console). To generate password hash use the command 'openssl passwd -6 PASSWORD'",
"visible": "[and(bool(basics('auth').sshPublicKey), steps('chkp').EnableSerialConsolePassword)]",
"visible": "[and(bool(basics('auth').sshPublicKey), steps('chkp-advanced').EnableSerialConsolePassword)]",
"label": {
"password": "Password hash",
"confirmPassword": "Confirm password"
Expand All @@ -335,26 +431,6 @@
},
{
"visible": "[not(contains('R81.10', steps('chkp').cloudGuardVersion))]",
"name": "EnableMaintenanceMode",
"type": "Microsoft.Common.OptionsGroup",
"label": "Enable Maintenance Mode",
"defaultValue": "Yes",
"toolTip": "A unique password hash to enable VM maintenance mode.",
"constraints": {
"allowedValues": [
{
"label": "Yes",
"value": true
},
{
"label": "No",
"value": false
}
]
}
},
{
"visible": "[and(not(contains('R81.10', steps('chkp').cloudGuardVersion)), steps('chkp').EnableMaintenanceMode)]",
"name": "MaintenanceModePassword",
"type": "Microsoft.Common.PasswordBox",
"defaultValue": "",
Expand All @@ -364,71 +440,12 @@
"confirmPassword": "Confirm Password"
},
"constraints": {
"required": true,
"validationMessage": "The value must be the output of the hash command."
},
"options": {
"hideConfirmation": false
}
},
{
"name": "installationType",
"type": "Microsoft.Common.DropDown",
"label": "Installation type",
"defaultValue": "Management",
"toolTip": "Select the type of deployment",
"constraints": {
"allowedValues": [
{
"label": "Management",
"value": "management"
},
{
"label": "Configure manually",
"value": "custom"
}
]
}
},
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
"label": "Default shell for the admin user",
"defaultValue": "/etc/cli.sh",
"toolTip": "The default shell for the admin user",
"constraints": {
"allowedValues": [
{
"label": "/etc/cli.sh",
"value": "/etc/cli.sh"
},
{
"label": "/bin/bash",
"value": "/bin/bash"
},
{
"label": "/bin/csh",
"value": "/bin/csh"
},
{
"label": "/bin/tcsh",
"value": "/bin/tcsh"
}
]
}
},
{
"name": "managementGUIClientNetwork",
"type": "Microsoft.Common.TextBox",
"label": "Allowed GUI clients",
"toolTip": "GUI clients network CIDR",
"constraints": {
"required": true,
"regex": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$",
"validationMessage": "Enter a valid IPv4 network CIDR"
},
"visible": "[equals(steps('chkp').installationType, 'management')]"
},
{
"name": "bootstrapScript",
"type": "Microsoft.Common.FileUpload",
Expand Down Expand Up @@ -498,7 +515,7 @@
"value": "management_only"
},
{
"label": "All IP Addresses that can be used for GUI clients",
"label": "All IP addresses that are allowed for SmartConsole connections",
"value": "gui_clients"
},
{
Expand All @@ -510,7 +527,7 @@
"visible": true
},
{
"visible": "[equals(steps('chkp').installationType, 'management')]",
"visible": "[equals(steps('chkp-advanced').installationType, 'management')]",
"name": "allowUploadDownload",
"type": "Microsoft.Common.OptionsGroup",
"label": "Automatically download updates and share statistical data for product improvement purpose",
Expand All @@ -530,15 +547,12 @@
}
},
{
"name": "basics settings text block",
"type": "Microsoft.Common.TextBlock",
"visible": true,
"name": "InfoVMDiskSpace",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"text": "Please follow the Check Point referenced guide for adding disk space.",
"link": {
"label": "Additional disk space in CloudGuard",
"uri": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk156552"
}
"icon": "Info",
"text": "See <a href='https://support.checkpoint.com/results/sk/sk156552' target='_blank'>Adding disk space in CloudGuard</a> for instructions on adding additional disk space "
}
},
{
Expand Down Expand Up @@ -579,11 +593,11 @@
"label": "Development Image URI",
"toolTip": "The URI of the blob containing the development image",
"constraints": {
"required": "[equals(steps('chkp').useCustomImageUri, 'Yes')]",
"required": "[equals(steps('chkp-advanced').useCustomImageUri, 'Yes')]",
"regex": "^[a-z0-9A-Z_\\-\\.\\:\\/]{1,500}.vhd$",
"validationMessage": "Only alphanumeric characters and '_','-','.',':','/' are allowed, the value must be 1-500 characters long and must end with .vhd. "
},
"visible": "[equals(steps('chkp').useCustomImageUri, 'Yes')]"
"visible": "[equals(steps('chkp-advanced').useCustomImageUri, 'Yes')]"
}
]
},
Expand Down Expand Up @@ -711,6 +725,15 @@
"name": "tags",
"label": "Tags",
"elements": [
{
"name": "InfoTags",
"type": "Microsoft.Common.InfoBox",
"visible": "true",
"options": {
"icon": "Info",
"text": "Check Point automatically configures all tags required by the solution\nOPTIONAL: Additional tags can be added below"
}
},
{
"name": "tagsByResource",
"type": "Microsoft.Common.TagsByResource",
Expand Down Expand Up @@ -744,21 +767,21 @@
"vnetNewOrExisting": "[steps('network').virtualNetwork.newOrExisting]",
"virtualNetworkExistingRGName": "[steps('network').virtualNetwork.resourceGroup]",
"managementGUIClientNetwork": "[steps('chkp').managementGUIClientNetwork]",
"installationType": "[steps('chkp').installationType]",
"bootstrapScript": "[steps('chkp').bootstrapScript]",
"allowDownloadFromUploadToCheckPoint": "[coalesce(steps('chkp').allowUploadDownload, 'true')]",
"additionalDiskSizeGB": "[int(steps('chkp').additionalDiskSizeGB)]",
"diskType": "[if(contains('R81.10' , steps('chkp').cloudGuardVersion) , steps('chkp').VMDiskTypeOldVersions , steps('chkp').VMDiskType)]",
"sourceImageVhdUri": "[coalesce(steps('chkp').sourceImageVhdUri, 'noCustomUri')]",
"enableApi": "[steps('chkp').enableApi]",
"adminShell": "[steps('chkp').adminShell]",
"installationType": "[steps('chkp-advanced').installationType]",
"bootstrapScript": "[steps('chkp-advanced').bootstrapScript]",
"allowDownloadFromUploadToCheckPoint": "[coalesce(steps('chkp-advanced').allowUploadDownload, 'true')]",
"additionalDiskSizeGB": "[int(steps('chkp-advanced').additionalDiskSizeGB)]",
"diskType": "[if(contains('R81.10' , steps('chkp-advanced').cloudGuardVersion) , steps('chkp-advanced').VMDiskTypeOldVersions , steps('chkp-advanced').VMDiskType)]",
"sourceImageVhdUri": "[coalesce(steps('chkp-advanced').sourceImageVhdUri, 'noCustomUri')]",
"enableApi": "[steps('chkp-advanced').enableApi]",
"adminShell": "[steps('chkp-advanced').adminShell]",
"tagsByResource": "[steps('tags').tagsByResource]",
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"addStorageAccountIpRules": "[steps('network').addStorageAccountIpRules]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
"SerialConsolePasswordHash": "[steps('chkp-advanced').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp-advanced').MaintenanceModePassword]"
}
}
}
Loading
Loading