Terraform Modules for CloudGuard Network Security (CGNS) — Nutanix

Introduction

This repository provides a structured set of Terraform modules for deploying Check Point CloudGuard Network Security in Nutanix.
These modules automate the creation of Security Gateways and Management servers.
The repository contains:

• Terraform modules
• Community-supported content

Prerequisites

• Terraform version v1.10.5 or later 64bit version.
• Nutanix Prism Central 7.0 or later.
• Nutanix Terraform Provider v2.0.0 or later.
• Check Point CloudGuard Network Security QCOWs images from CloudGuard Network for Private Cloud images R81.20 or later.

Repository Structure

Submodules: Contains modular, reusable, production-grade Terraform components, each with its own documentation.

Examples: Demonstrates how to use the modules.

Submodules:

• CloudGuard Management - Existing Subnet: Deploys a CloudGuard Management Server VM into an existing Nutanix subnet.
• CloudGuard Gateway - Existing Subnet: Deploys a CloudGuard Security Gateway VM into an existing Nutanix subnet.

Examples:

• Tenant-VPC: Deploys a complete CloudGuard Network Security setup with Management and Gateway in a tenant VPC.
• Transit-VPC: Deploys a CloudGuard Network Security Gateway in a transit VPC setup.

---

Best Practices for Using CloudGuard Modules

Step 1: Use the Required Module

Add the required module in your Terraform configuration file to deploy resources. For example:

provider "nutanix" {}

module "example_module" {
  source  = "CheckPointSW/cloudguard-network-security/nutanix//modules/{module_name}"
  version = "{chosen_version}"
  # Add the required inputs
}

---

Step 2: Open the Terminal

Ensure you have Terraform installed and navigate to the directory where your Terraform configuration file is located using the appropriate terminal:

• Linux: Terminal.
• Windows: PowerShell or Command Prompt.

---

Step 3: Set Environment Variables

Set the required environment variables, See Nutanix Argument Reference.

Linux

export NUTANIX_USERNAME="your_nutanix_username"
export NUTANIX_PASSWORD="your_nutanix_password"
export NUTANIX_ENDPOINT="your_prism_central_server"

PowerShell (Windows)

$env:NUTANIX_USERNAME="your_nutanix_username"
$env:NUTANIX_PASSWORD="your_nutanix_password"
$env:NUTANIX_ENDPOINT="your_prism_central_server"

Command Prompt (Windows)

set NUTANIX_USERNAME=your_nutanix_username
set NUTANIX_PASSWORD=your_nutanix_password
set NUTANIX_ENDPOINT=your_prism_central_server

---

Step 4: Deploy with Terraform

Use Terraform commands to deploy resources securely.

Initialize Terraform

Prepare the working directory and download required provider plugins:

terraform init

Plan Deployment

Preview the changes Terraform will make:

terraform plan

Apply Deployment

Apply the planned changes and deploy the resources:

terraform apply

Notes:

1. Type yes when prompted to confirm the deployment.
2. The deployment takes a few minutes to complete (depending on the deployment size, can take ~30 minutes).

Related Products and Solutions

• CloudGuard Network Security for VMware
• CloudGuard Network Security for AWS
• CloudGuard Network Security for Azure

References

• For more information about Check Point CloudGuard for Public Cloud, see https://www.checkpoint.com/products/iaas-public-cloud-security/
• CloudGuard documentation is available at https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk132552&
• CloudGuard Network CheckMates community is available at https://community.checkpoint.com/t5/CloudGuard-IaaS/bd-p/cloudguard-iaas