{"id":31584368,"url":"https://github.com/checkpointsw/terraform-gcp-cloudguard-network-security","last_synced_at":"2026-04-26T15:03:21.462Z","repository":{"id":309488570,"uuid":"894373606","full_name":"CheckPointSW/terraform-gcp-cloudguard-network-security","owner":"CheckPointSW","description":"Terraform modules for deploying Check Point CloudGuard Network Security in Google Cloud Platform (GCP).  These modules automate the creation of Virtual Private Clouds (VPCs), Security Gateways, High-Availability architectures, and more, enabling secure and scalable cloud deployments.","archived":false,"fork":false,"pushed_at":"2025-09-10T06:59:58.000Z","size":940,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-09-10T10:07:18.134Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CheckPointSW.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-11-26T08:44:33.000Z","updated_at":"2025-09-09T11:30:41.000Z","dependencies_parsed_at":null,"dependency_job_id":"fc02798f-4f54-418a-91a8-cc8624ca4a55","html_url":"https://github.com/CheckPointSW/terraform-gcp-cloudguard-network-security","commit_stats":null,"previous_names":["checkpointsw/terraform-gcp-cloudguard-network-security"],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/CheckPointSW/terraform-gcp-cloudguard-network-security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2Fterraform-gcp-cloudguard-network-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2Fterraform-gcp-cloudguard-network-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2Fterraform-gcp-cloudguard-network-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2Fterraform-gcp-cloudguard-network-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CheckPointSW","download_url":"https://codeload.github.com/CheckPointSW/terraform-gcp-cloudguard-network-security/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2Fterraform-gcp-cloudguard-network-security/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278542665,"owners_count":26004061,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-05T02:00:06.059Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-06T01:00:37.292Z","updated_at":"2026-01-04T15:15:15.430Z","avatar_url":"https://github.com/CheckPointSW.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"![GitHub Wachers](https://img.shields.io/github/watchers/CheckPointSW/terraform-gcp-cloudguard-network-security)\n![GitHub Release](https://img.shields.io/github/v/release/CheckPointSW/terraform-gcp-cloudguard-network-security)\n![GitHub Commits Since Last Commit](https://img.shields.io/github/commits-since/CheckPointSW/terraform-gcp-cloudguard-network-security/latest/master)\n![GitHub Last Commit](https://img.shields.io/github/last-commit/CheckPointSW/terraform-gcp-cloudguard-network-security/master)\n![GitHub Repo Size](https://img.shields.io/github/repo-size/CheckPointSW/terraform-gcp-cloudguard-network-security)\n![GitHub Downloads](https://img.shields.io/github/downloads/CheckPointSW/terraform-gcp-cloudguard-network-security/total)\n\n# Terraform Modules for CloudGuard Network Security (CGNS) - GCP\n\n\n## Introduction\nThis repository provides a structured set of Terraform modules for deploying Check Point CloudGuard Network Security in GCP. These modules automate the creation of Virtual Networks, Security Gateways, High-Availability architectures, and more, enabling secure and scalable cloud deployments.\n\n\n## Before you begin\n1. Create a project in the [Google Cloud Console](https://console.cloud.google.com/) and set up billing on that project.\n2. [Install Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli) and read the Terraform getting started guide that follows. This guide will assume basic proficiency with Terraform - it is an introduction to the Google provider.\n\n### Configuring the Provider\n1. [Create a Service Account](https://cloud.google.com/docs/authentication/getting-started) (or use the existing one). Next, download the JSON key file. Name it something you can remember and store it somewhere secure on your machine. \u003cbr/\u003e\n2. Select \"Editor\" Role or verify you have the following permissions:\n   ```\n   compute.autoscalers.create\n   compute.autoscalers.delete\n   compute.autoscalers.get\n   compute.autoscalers.update\n   compute.disks.create\n   compute.firewalls.create\n   compute.firewalls.delete\n   compute.firewalls.get\n   compute.firewalls.update\n   compute.instanceGroupManagers.create\n   compute.instanceGroupManagers.delete\n   compute.instanceGroupManagers.get\n   compute.instanceGroupManagers.use\n   compute.instanceGroups.delete\n   compute.instanceTemplates.create\n   compute.instanceTemplates.delete\n   compute.instanceTemplates.get\n   compute.instanceTemplates.useReadOnly\n   compute.instances.create\n   compute.instances.setMetadata\n   compute.instances.setTags\n   compute.networks.get\n   compute.networks.updatePolicy\n   compute.regions.list\n   compute.subnetworks.get\n   compute.subnetworks.use\n   compute.subnetworks.useExternalIp\n   iam.serviceAccounts.actAs\n   ```\n3. Configure the provider in your `main.tf` file. Your service account key file is used to complete a two-legged OAuth 2.0 flow to obtain access tokens to authenticate with the GCP API as needed; Terraform will use it to reauthenticate automatically when tokens expire. \u003cbr/\u003e \nThe provider credentials can be provided either as static credentials or as [Environment Variables](https://www.terraform.io/docs/providers/google/guides/provider_reference.html#credentials-1).\n    - **Static credentials**: Specify the path to your service account key file in your `main.tf`:\n    \n        ```hcl\n        provider \"google\" {\n          credentials = \"path/to/service-account-key.json\"\n          project     = \"your-project-id\"\n          region      = \"your-region\"\n        }\n        ```\n    \n    - **Environment Variables**: If you prefer to use environment variables (e.g., `GOOGLE_APPLICATION_CREDENTIALS`, `GOOGLE_PROJECT`), you can omit credentials and project from the provider block:\n        \n        ```hcl\n        provider \"google\" {\n          region = \"your-region\"\n        }\n        ```\n\n## Repository Structure\n`Submodules:` Contains modular, reusable, production-grade Terraform components, each with its own documentation.\n\n`Examples:` Demonstrates how to use the modules.\n\n \n**Submodules:**\n* [`single`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/single) - Deploys a single Check Point Security Gateway or Management Server.\n* [`cluster`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/cluster) - Deploys a Check Point Security Gateway cluster (high availability).\n* [`autoscale`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/autoscale) - Deploys Check Point Security Gateways with auto-scaling capabilities.\n* [`network-security-integration`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/network-security-integration) - Deploys GCP Network Security Integration.\n\nInternal Submodules - \n\n* [`firewall-rule`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/firewall-rule) - Deploys firewall rules on GCP VPCs.\n* [`internal-load-balancer`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/internal-load-balancer) - Deploys internal load balanncer.\n* [`network-and-subnet`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/network-and-subnet) - Deploys VPC and subnetwork in the VPC.\n* [`network-security-integration-common`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/network-security-integration-common) - Deploys Network Security Integration.\n* [`compute-image`](https://registry.terraform.io/modules/CheckPointSW/cloudguard-network-security/gcp/latest/submodules/computes-image) - Deploy using last image to OS version.\n\n\n***\n\n# Best Practices for Using CloudGuard Modules\n\n## Step 1: Use the Required Module\nAdd the required module in your Terraform configuration file (`main.tf`) to deploy resources. For example:\n\n```hcl\nprovider \"google\" {\n  credentials = \"path/to/service-account-key.json\"\n  project     = \"your-project-id\"\n  region      = \"your-region\"\n}\n\nmodule \"example_module\" {\n  source  = \"CheckPointSW/cloudguard-network-security/gcp//modules/{module_name}\"\n  version = \"{chosen_version}\"\n  // Add the required inputs\n}\n```\n---\n\n## Step 2: Deploy with Terraform\nUse Terraform commands to deploy resources securely.\n\n### Initialize Terraform\nPrepare the working directory and download required provider plugins:\n```hcl\nterraform init\n```\n\n### Plan Deployment\nPreview the changes Terraform will make:\n```hcl\nterraform plan\n```\n### Apply Deployment\nApply the planned changes and deploy the resources:\n```hcl\nterraform apply\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcheckpointsw%2Fterraform-gcp-cloudguard-network-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcheckpointsw%2Fterraform-gcp-cloudguard-network-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcheckpointsw%2Fterraform-gcp-cloudguard-network-security/lists"}