/checkup

Deploy a cloud checkup environment with the latest Check Point version, using an AWX server to execute the jobs and git as the CI/CD repository. Credentials and keys are all managed by AWX.

About
Create a Management Server, a Security Gateway and a Honey Pot via AWX.
All parameters have to be defined in the AWX Workflow Survey.

Overview
This repository contains all ansible scripts to .
zerops.ps1

Requirements
AWX Server

Usage
Create an AWX Workflow.

Define the survey variables in your Workflow:

cp_version, Type text, Default R81
vpc_title, Type text, Default CloudCheckup
vpc_name, Type text, Default CloudCheckupVPC
igw_name, Type text, Default CloudCheckupIGW
route_name, Type text, Default CloudCheckupRouteName
subnet_name1, Type text, Default CloudCheckupExternalSubnet
subnet_name2, Type text, Default CloudCheckupInternalSubnet
subnet_name3, Type text, Default CloudCheckupHoneyPotSubnet
acl_name, Type text, Default CloudCheckupACL
security_group_name, Type text, Default CloudCheckupSecurity Group
route_table_name, Type text, Default CloudCheckuproute table
vpc_cidr, Type text, Default 10.5.0.0/16
subnet_cidr1, Type text, Default 10.5.1.0/24
subnet_cidr2, Type text, Default 10.5.2.0/24
subnet_cidr3, Type text, Default 10.5.3.0/24
port22CidrBlock, Type text, Default 0.0.0.0/0
destinationCidrBlock, Type text, Default 0.0.0.0/0
mgmt_hw, Type text, Default m5.xlarge
mgmt_net1_ip, Type text, Default 10.5.1.11
mgmt_passwd, Type text, Default
mgmt_server_name, Type text, Default mgmt1
mgmt_sic_key, Type text, Default vpn123
gateway_hw, Type text, Default c5.large
gateway_net1_ip, Type text, Default 10.5.1.10
gateway_net2_ip, Type text, Default 10.5.2.10
gateway_passwd, Type text, Default
gateway_Name, Type text, Default vsecgwr80
gateway_sic_key, Type text, Default vpn123
hp_hw, Type text, Default t2.medium
hp_net3_ip, Type text, Default 10.5.3.33
state, Type text, Default present
region, Type text, Default eu-central-1
keypairName, Type text, Default aws-key

Then put the git YAML files into your workflow in the following order:

  • createVPC.yml -(on-success)-> createIGWandNetworks.yml -(on-success)-> createSecurityGroups.yml -(on-success)-> (parallel start launchManagement.yml, launchHoneyPot.yml, launchGateway.yml)
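
A pre-flight check for the survey answers listed above, as an added example that is not part of this repository: it verifies that the subnets and static IPs fit the VPC and flags answers left at their documented defaults (SSH open to 0.0.0.0/0, SIC key vpn123, empty passwords). The function name `check_survey` and the mapping of each `*_netN_ip` variable to `subnet_cidrN` are assumptions derived from the variable names.

```python
import ipaddress

# Constructed sample: the README's survey defaults that matter for this check.
SURVEY_DEFAULTS = {
    "vpc_cidr": "10.5.0.0/16",
    "subnet_cidr1": "10.5.1.0/24", "subnet_cidr2": "10.5.2.0/24", "subnet_cidr3": "10.5.3.0/24",
    "port22CidrBlock": "0.0.0.0/0",
    "mgmt_net1_ip": "10.5.1.11", "gateway_net1_ip": "10.5.1.10",
    "gateway_net2_ip": "10.5.2.10", "hp_net3_ip": "10.5.3.33",
    "mgmt_passwd": "", "gateway_passwd": "",
    "mgmt_sic_key": "vpn123", "gateway_sic_key": "vpn123",
}

# Assumption: which subnet each static address must fall into, inferred from the names.
IP_TO_SUBNET = {
    "mgmt_net1_ip": "subnet_cidr1", "gateway_net1_ip": "subnet_cidr1",
    "gateway_net2_ip": "subnet_cidr2", "hp_net3_ip": "subnet_cidr3",
}

def check_survey(v):
    """Return a list of findings for one set of survey answers (extra_vars)."""
    findings = []
    vpc = ipaddress.ip_network(v["vpc_cidr"])
    subnets = {k: ipaddress.ip_network(v[k])
               for k in ("subnet_cidr1", "subnet_cidr2", "subnet_cidr3")}
    for name, net in subnets.items():
        if not net.subnet_of(vpc):
            findings.append(f"{name} {net} is outside vpc_cidr {vpc}")
    names = list(subnets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if subnets[a].overlaps(subnets[b]):
                findings.append(f"{a} overlaps {b}")
    for ip_var, net_var in IP_TO_SUBNET.items():
        if ipaddress.ip_address(v[ip_var]) not in subnets[net_var]:
            findings.append(f"{ip_var} {v[ip_var]} is not in {net_var}")
    # A /0 source range means the SSH rule accepts connections from anywhere.
    if ipaddress.ip_network(v["port22CidrBlock"]).prefixlen == 0:
        findings.append("port22CidrBlock allows SSH from any address")
    for key in ("mgmt_sic_key", "gateway_sic_key"):
        if v[key] == "vpn123":
            findings.append(f"{key} is still the documented default")
    for pw in ("mgmt_passwd", "gateway_passwd"):
        if not v[pw]:
            findings.append(f"{pw} is empty")
    return findings

if __name__ == "__main__":
    for finding in check_survey(SURVEY_DEFAULTS):
        print("WARN:", finding)
```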