support smart-1 cloud

Author: chkp-royl

checkpoint/data_source_checkpoint_management_cloud_services.go

@@ -67,15 +67,16 @@ func dataSourceManagementCloudServicesRead(d *schema.ResourceData, m interface{}
 	}
 
 	if v := showCloudServicesRes["connected-at"]; v != nil {
-		connectedAtShow := showCloudServicesRes["connected-at"].(map[string]interface{})
-		connectedAtState := make(map[string]interface{})
-		if v := connectedAtShow["iso-8601"]; v != nil {
-			connectedAtState["iso_8601"] = v
+		if connectedAtShow, ok := showCloudServicesRes["connected-at"].(map[string]interface{}); ok {
+			connectedAtState := make(map[string]interface{})
+			if v := connectedAtShow["iso-8601"]; v != nil {
+				connectedAtState["iso_8601"] = v
+			}
+			if v := connectedAtShow["posix"]; v != nil {
+				connectedAtState["posix"] = v
+			}
+			_ = d.Set("connected_at", connectedAtState)
 		}
-		if v := connectedAtShow["posix"]; v != nil {
-			connectedAtState["posix"] = v
-		}
-		_ = d.Set("connected_at", connectedAtState)
 	}else{
 		_ = d.Set("connected_at", nil)
 	}

checkpoint/data_source_checkpoint_management_network_feed.go

@@ -52,6 +52,7 @@ func dataSourceManagementNetworkFeed() *schema.Resource {
 			"username": {
 				Type:        schema.TypeString,
 				Computed:    true,
+				Sensitive:   true,
 				Description: "username for authenticating with the URL.",
 			},
 			"custom_header": {

checkpoint/data_source_checkpoint_management_vpn_community_meshed.go

@@ -6,6 +6,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"log"
 	"reflect"
+	"strconv"
 )
 
 func dataSourceManagementVpnCommunityMeshed() *schema.Resource {
@@ -136,6 +137,7 @@ func dataSourceManagementVpnCommunityMeshed() *schema.Resource {
 						"shared_secret": {
 							Type:        schema.TypeString,
 							Computed:    true,
+							Sensitive:   true,
 							Description: "Shared secret.",
 						},
 					},
@@ -390,59 +392,64 @@ func dataSourceManagementVpnCommunityMeshedRead(d *schema.ResourceData, m interf
 	}
 
 	if vpnCommunityMeshed["override-vpn-domains"] != nil {
+		overrideVpnDomainsList := vpnCommunityMeshed["override-vpn-domains"].([]interface{})
+		var overrideVpnDomainsListToReturn []map[string]interface{}
+		if len(overrideVpnDomainsList) > 0 {
+			for i := range overrideVpnDomainsList {
 
-		overrideVpnDomainsList, ok := vpnCommunityMeshed["override-vpn-domains"].([]interface{})
+				overrideVpnDomainsMap := overrideVpnDomainsList[i].(map[string]interface{})
 
-		if ok {
-
-			if len(overrideVpnDomainsList) > 0 {
-
-				var overrideVpnDomainsListToReturn []map[string]interface{}
-
-				for i := range overrideVpnDomainsList {
-
-					overrideVpnDomainsMap := overrideVpnDomainsList[i].(map[string]interface{})
-
-					overrideVpnDomainsMapToAdd := make(map[string]interface{})
+				overrideVpnDomainsMapToAdd := make(map[string]interface{})
 
-					if v, _ := overrideVpnDomainsMap["gateway"]; v != nil {
-						overrideVpnDomainsMapToAdd["gateway"] = v
-					}
-					if v, _ := overrideVpnDomainsMap["vpn-domain"]; v != nil {
-						overrideVpnDomainsMapToAdd["vpn_domain"] = v
-					}
-					overrideVpnDomainsListToReturn = append(overrideVpnDomainsListToReturn, overrideVpnDomainsMapToAdd)
+				if v, _ := overrideVpnDomainsMap["gateway"]; v != nil {
+					overrideVpnDomainsMapToAdd["gateway"] = v.(map[string]interface{})["name"].(string)
+				}
+				if v, _ := overrideVpnDomainsMap["vpn-domain"]; v != nil {
+					overrideVpnDomainsMapToAdd["vpn_domain"] = v.(map[string]interface{})["name"].(string)
 				}
+				overrideVpnDomainsListToReturn = append(overrideVpnDomainsListToReturn, overrideVpnDomainsMapToAdd)
 			}
 		}
+		_ = d.Set("override_vpn_domains", overrideVpnDomainsListToReturn)
+	}else{
+		_ = d.Set("override_vpn_domains", nil)
 	}
 
 	if vpnCommunityMeshed["shared-secrets"] != nil {
-
-		sharedSecretsList, ok := vpnCommunityMeshed["shared-secrets"].([]interface{})
-
-		if ok {
-
-			if len(sharedSecretsList) > 0 {
-
-				var sharedSecretsListToReturn []map[string]interface{}
-
-				for i := range sharedSecretsList {
-
-					sharedSecretsMap := sharedSecretsList[i].(map[string]interface{})
-
-					sharedSecretsMapToAdd := make(map[string]interface{})
-
-					if v, _ := sharedSecretsMap["external-gateway"]; v != nil {
-						sharedSecretsMapToAdd["external_gateway"] = v
-					}
-					if v, _ := sharedSecretsMap["shared-secret"]; v != nil {
-						sharedSecretsMapToAdd["shared_secret"] = v
+		sharedSecretsList := vpnCommunityMeshed["shared-secrets"].([]interface{})
+		var sharedSecretsListToReturn []map[string]interface{}
+		if len(sharedSecretsList) > 0 {
+			for i := range sharedSecretsList {
+				sharedSecretsMap := sharedSecretsList[i].(map[string]interface{})
+				externalGateway := ""
+				sharedSecret := "N/A"
+				if v, _ := sharedSecretsMap["external-gateway"]; v != nil {
+					externalGateway = v.(map[string]interface{})["name"].(string)
+					if val, ok := d.GetOk("shared_secrets"); ok {
+						sharedSecretsList := val.([]interface{})
+						if len(sharedSecretsList) > 0 {
+							for i := range sharedSecretsList {
+								if v, ok := d.GetOk("shared_secrets." + strconv.Itoa(i) + ".external_gateway"); ok {
+									if externalGateway == v.(string) {
+										sharedSecret = d.Get("shared_secrets." + strconv.Itoa(i) + ".shared_secret").(string)
+										break
+									}
+								}
+							}
+						}
 					}
+				}
+				if externalGateway != "" {
+					sharedSecretsMapToAdd := make(map[string]interface{})
+					sharedSecretsMapToAdd["external_gateway"] = externalGateway
+					sharedSecretsMapToAdd["shared_secret"] = sharedSecret
 					sharedSecretsListToReturn = append(sharedSecretsListToReturn, sharedSecretsMapToAdd)
 				}
 			}
 		}
+		_ = d.Set("shared_secrets", sharedSecretsListToReturn)
+	}else{
+		_ = d.Set("shared_secrets", nil)
 	}
 
 	if v := vpnCommunityMeshed["tunnel-granularity"]; v != nil {

checkpoint/data_source_checkpoint_management_vpn_community_star.go

@@ -6,6 +6,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"log"
 	"reflect"
+	"strconv"
 )
 
 func dataSourceManagementVpnCommunityStar() *schema.Resource {
@@ -149,6 +150,7 @@ func dataSourceManagementVpnCommunityStar() *schema.Resource {
 						"shared_secret": {
 							Type:        schema.TypeString,
 							Computed:    true,
+							Sensitive:   true,
 							Description: "Shared secret.",
 						},
 					},
@@ -313,8 +315,8 @@ func dataSourceManagementVpnCommunityStarRead(d *schema.ResourceData, m interfac
 		_ = d.Set("name", v)
 	}
 
-	if vpnCommunityStar["center_gateways"] != nil {
-		centerGatewaysJson, ok := vpnCommunityStar["center_gateways"].([]interface{})
+	if vpnCommunityStar["center-gateways"] != nil {
+		centerGatewaysJson, ok := vpnCommunityStar["center-gateways"].([]interface{})
 		if ok {
 			centerGatewaysIds := make([]string, 0)
 			if len(centerGatewaysJson) > 0 {
@@ -405,35 +407,31 @@ func dataSourceManagementVpnCommunityStarRead(d *schema.ResourceData, m interfac
 	}
 
 	if vpnCommunityStar["override-vpn-domains"] != nil {
+		overrideVpnDomainsList := vpnCommunityStar["override-vpn-domains"].([]interface{})
+		var overrideVpnDomainsListToReturn []map[string]interface{}
+		if len(overrideVpnDomainsList) > 0 {
+			for i := range overrideVpnDomainsList {
 
-		overrideVpnDomainsList, ok := vpnCommunityStar["override-vpn-domains"].([]interface{})
+				overrideVpnDomainsMap := overrideVpnDomainsList[i].(map[string]interface{})
 
-		if ok {
-
-			if len(overrideVpnDomainsList) > 0 {
-
-				var overrideVpnDomainsListToReturn []map[string]interface{}
-
-				for i := range overrideVpnDomainsList {
-
-					overrideVpnDomainsMap := overrideVpnDomainsList[i].(map[string]interface{})
-
-					overrideVpnDomainsMapToAdd := make(map[string]interface{})
+				overrideVpnDomainsMapToAdd := make(map[string]interface{})
 
-					if v, _ := overrideVpnDomainsMap["gateway"]; v != nil {
-						overrideVpnDomainsMapToAdd["gateway"] = v
-					}
-					if v, _ := overrideVpnDomainsMap["vpn-domain"]; v != nil {
-						overrideVpnDomainsMapToAdd["vpn_domain"] = v
-					}
-					overrideVpnDomainsListToReturn = append(overrideVpnDomainsListToReturn, overrideVpnDomainsMapToAdd)
+				if v, _ := overrideVpnDomainsMap["gateway"]; v != nil {
+					overrideVpnDomainsMapToAdd["gateway"] = v.(map[string]interface{})["name"].(string)
+				}
+				if v, _ := overrideVpnDomainsMap["vpn-domain"]; v != nil {
+					overrideVpnDomainsMapToAdd["vpn_domain"] = v.(map[string]interface{})["name"].(string)
 				}
+				overrideVpnDomainsListToReturn = append(overrideVpnDomainsListToReturn, overrideVpnDomainsMapToAdd)
 			}
 		}
+		_ = d.Set("override_vpn_domains", overrideVpnDomainsListToReturn)
+	}else{
+		_ = d.Set("override_vpn_domains", nil)
 	}
 
-	if vpnCommunityStar["satellite_gateways"] != nil {
-		satelliteGatewaysJson, ok := vpnCommunityStar["satellite_gateways"].([]interface{})
+	if vpnCommunityStar["satellite-gateways"] != nil {
+		satelliteGatewaysJson, ok := vpnCommunityStar["satellite-gateways"].([]interface{})
 		if ok {
 			satelliteGatewaysIds := make([]string, 0)
 			if len(satelliteGatewaysJson) > 0 {
@@ -449,31 +447,40 @@ func dataSourceManagementVpnCommunityStarRead(d *schema.ResourceData, m interfac
 	}
 
 	if vpnCommunityStar["shared-secrets"] != nil {
-
-		sharedSecretsList, ok := vpnCommunityStar["shared-secrets"].([]interface{})
-
-		if ok {
-
-			if len(sharedSecretsList) > 0 {
-
-				var sharedSecretsListToReturn []map[string]interface{}
-
-				for i := range sharedSecretsList {
-
-					sharedSecretsMap := sharedSecretsList[i].(map[string]interface{})
-
-					sharedSecretsMapToAdd := make(map[string]interface{})
-
-					if v, _ := sharedSecretsMap["external-gateway"]; v != nil {
-						sharedSecretsMapToAdd["external_gateway"] = v
-					}
-					if v, _ := sharedSecretsMap["shared-secret"]; v != nil {
-						sharedSecretsMapToAdd["shared_secret"] = v
+		sharedSecretsList := vpnCommunityStar["shared-secrets"].([]interface{})
+		var sharedSecretsListToReturn []map[string]interface{}
+		if len(sharedSecretsList) > 0 {
+			for i := range sharedSecretsList {
+				sharedSecretsMap := sharedSecretsList[i].(map[string]interface{})
+				externalGateway := ""
+				sharedSecret := "N/A"
+				if v, _ := sharedSecretsMap["external-gateway"]; v != nil {
+					externalGateway = v.(map[string]interface{})["name"].(string)
+					if val, ok := d.GetOk("shared_secrets"); ok {
+						sharedSecretsList := val.([]interface{})
+						if len(sharedSecretsList) > 0 {
+							for i := range sharedSecretsList {
+								if v, ok := d.GetOk("shared_secrets." + strconv.Itoa(i) + ".external_gateway"); ok {
+									if externalGateway == v.(string) {
+										sharedSecret = d.Get("shared_secrets." + strconv.Itoa(i) + ".shared_secret").(string)
+										break
+									}
+								}
+							}
+						}
 					}
+				}
+				if externalGateway != "" {
+					sharedSecretsMapToAdd := make(map[string]interface{})
+					sharedSecretsMapToAdd["external_gateway"] = externalGateway
+					sharedSecretsMapToAdd["shared_secret"] = sharedSecret
 					sharedSecretsListToReturn = append(sharedSecretsListToReturn, sharedSecretsMapToAdd)
 				}
 			}
 		}
+		_ = d.Set("shared_secrets", sharedSecretsListToReturn)
+	}else{
+		_ = d.Set("shared_secrets", nil)
 	}
 
 	if v := vpnCommunityStar["tunnel-granularity"]; v != nil {

checkpoint/provider.go

@@ -85,6 +85,12 @@ func Provider() terraform.ResourceProvider {
 				DefaultFunc: schema.EnvDefaultFunc("CHECKPOINT_SESSION_NAME", ""),
 				Description: "Session unique name.",
 			},
+			"cloud_mgmt_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("CHECKPOINT_CLOUD_MGMT_ID", ""),
+				Description: "Smart-1 Cloud management UID",
+			},
 		},
 		ResourcesMap: map[string]*schema.Resource{
 			"checkpoint_management_host":                                           resourceManagementHost(),
@@ -337,6 +343,7 @@ func providerConfigure(data *schema.ResourceData) (interface{}, error) {
 	proxyPort := data.Get("proxy_port").(int)
 	apiKey := data.Get("api_key").(string)
 	sessionName := data.Get("session_name").(string)
+	cloudMgmtId := data.Get("cloud_mgmt_id").(string)
 
 	if server == "" || ((username == "" || password == "") && apiKey == "") {
 		return nil, fmt.Errorf("checkpoint-provider missing parameters to initialize (server, (username and password) OR api_key)")
@@ -357,6 +364,7 @@ func providerConfigure(data *schema.ResourceData) (interface{}, error) {
 		Timeout:                 time.Duration(timeout),
 		Sleep:                   checkpoint.SleepTime,
 		UserAgent:               "Terraform",
+		CloudMgmtId:             cloudMgmtId,
 	}
 
 	switch context {

checkpoint/resource_checkpoint_management_aci_data_center_server.go

@@ -35,16 +35,19 @@ func resourceManagementAciDataCenterServer() *schema.Resource {
 			"username": {
 				Type:        schema.TypeString,
 				Required:    true,
+				Sensitive:   true,
 				Description: "User ID of the Cisco APIC server.\nWhen using commonLoginLogic Domains use the following syntax:\napic:<domain>\\<username>.",
 			},
 			"password": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "Password of the Cisco APIC server.",
 			},
 			"password_base64": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "Password of the Cisco APIC server encoded in Base64.",
 			},
 			"certificate_fingerprint": {

checkpoint/resource_checkpoint_management_aws_data_center_server.go

@@ -33,11 +33,13 @@ func resourceManagementAwsDataCenterServer() *schema.Resource {
 			"access_key_id": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "Access key ID for the AWS account.\nRequired for authentication-method: user-authentication.",
 			},
 			"secret_access_key": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "Secret access key for the AWS account.\nRequired for authentication-method: user-authentication.",
 			},
 			"region": {

checkpoint/resource_checkpoint_management_azure_data_center_server.go

@@ -31,16 +31,19 @@ func resourceManagementAzureDataCenterServer() *schema.Resource {
 			"username": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "An Azure Active Directory user Format <username>@<domain>.\nRequired for authentication-method: user-authentication.",
 			},
 			"password": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "Password of the Azure account.\nRequired for authentication-method: user-authentication.",
 			},
 			"password_base64": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "Password of the Azure account encoded in Base64.\nRequired for authentication-method: user-authentication.",
 			},
 			"application_id": {

checkpoint/resource_checkpoint_management_checkpoint_host.go

@@ -137,6 +137,7 @@ func resourceManagementCheckpointHost() *schema.Resource {
 			"one_time_password": {
 				Type:        schema.TypeString,
 				Optional:    true,
+				Sensitive:   true,
 				Description: "Secure internal connection one time password.",
 			},
 			"sic_name": {

checkpoint/resource_checkpoint_management_command_add_api_key.go

@@ -28,6 +28,7 @@ func resourceManagementAddApiKey() *schema.Resource {
 			"api_key": {
 				Type:        schema.TypeString,
 				Computed:    true,
+				Sensitive:   true,
 				Description: "Represents the API Key to be used for commonLoginLogic.",
 			},
 		},