From d37981147a79237b8507fc9171c876acb584417e Mon Sep 17 00:00:00 2001 From: tomerassa Date: Thu, 14 May 2026 14:02:05 +0300 Subject: [PATCH 1/2] Update docs HCL examples to v2 block syntax The SDK v2 upgrade changed TypeMap fields to TypeList with MaxItems: 1. Update example HCL in website/docs/{r,d}/ to use block syntax (field { ... }) instead of the old map literal syntax (field = { ... }). --- ...pp_control_advanced_settings.html.markdown | 4 +- ..._management_data_access_rule.html.markdown | 6 +-- ...nagement_data_access_section.html.markdown | 2 +- ...nagement_data_center_content.html.markdown | 2 +- ...t_management_data_https_rule.html.markdown | 2 +- ...anagement_data_https_section.html.markdown | 2 +- ...ement_data_opsec_application.html.markdown | 4 +- ...anagement_data_service_other.html.markdown | 2 +- ...ment_https_advanced_settings.html.markdown | 2 +- ...t_mobile_access_profile_rule.html.markdown | 2 +- ...obile_access_profile_section.html.markdown | 2 +- ...anagement_mobile_access_rule.html.markdown | 2 +- ...gement_mobile_access_section.html.markdown | 2 +- ...eckpoint_management_nat_rule.html.markdown | 2 +- ...point_management_nat_section.html.markdown | 2 +- ...int_management_network_probe.html.markdown | 2 +- ...int_management_resource_smtp.html.markdown | 2 +- ...oint_management_resource_uri.html.markdown | 4 +- ...point_management_service_gtp.html.markdown | 8 ++-- ...e_objects_repository_content.html.markdown | 2 +- ..._management_threat_exception.html.markdown | 4 +- ...point_management_threat_rule.html.markdown | 2 +- ...point_management_access_rule.html.markdown | 40 +++++++++---------- ...nt_management_access_section.html.markdown | 2 +- ...anagement_check_network_feed.html.markdown | 2 +- ...gement_check_threat_ioc_feed.html.markdown | 2 +- ...kpoint_management_https_rule.html.markdown | 2 +- ...int_management_https_section.html.markdown | 2 +- ...point_management_lsm_gateway.html.markdown | 2 +- ...t_mobile_access_profile_rule.html.markdown | 2 +- ...obile_access_profile_section.html.markdown | 2 +- ...anagement_mobile_access_rule.html.markdown | 2 +- ...gement_mobile_access_section.html.markdown | 2 +- ...eckpoint_management_nat_rule.html.markdown | 6 +-- ...point_management_nat_section.html.markdown | 2 +- ...int_management_network_probe.html.markdown | 2 +- ...int_management_resource_smtp.html.markdown | 2 +- ...oint_management_resource_uri.html.markdown | 4 +- ...point_management_service_gtp.html.markdown | 8 ++-- ...point_management_service_tcp.html.markdown | 2 +- ...point_management_service_udp.html.markdown | 2 +- ...pp_control_advanced_settings.html.markdown | 4 +- ...gement_set_global_properties.html.markdown | 4 +- ..._set_https_advanced_settings.html.markdown | 2 +- ..._management_threat_exception.html.markdown | 4 +- ...point_management_threat_rule.html.markdown | 2 +- 46 files changed, 83 insertions(+), 83 deletions(-) diff --git a/website/docs/d/checkpoint_management_app_control_advanced_settings.html.markdown b/website/docs/d/checkpoint_management_app_control_advanced_settings.html.markdown index 19b8047d..143bec5b 100644 --- a/website/docs/d/checkpoint_management_app_control_advanced_settings.html.markdown +++ b/website/docs/d/checkpoint_management_app_control_advanced_settings.html.markdown @@ -15,12 +15,12 @@ Use this data source to get information on an existing Check Point Set App Contr ```hcl resource "checkpoint_management_set_app_control_advanced_settings" "example" { - url_filtering_settings = { + url_filtering_settings { categorize_cached_and_translated_pages = "true" categorize_https_websites = "false" enforce_safe_search ="true" } - custom_categorization_settings = { + custom_categorization_settings { social_network_widgets_mode = "hold" url_filtering_mode = "background" } diff --git a/website/docs/d/checkpoint_management_data_access_rule.html.markdown b/website/docs/d/checkpoint_management_data_access_rule.html.markdown index 86b0ffe3..e323a895 100644 --- a/website/docs/d/checkpoint_management_data_access_rule.html.markdown +++ b/website/docs/d/checkpoint_management_data_access_rule.html.markdown @@ -15,14 +15,14 @@ Use this data source to get information on an existing Check Point Access Rule. resource "checkpoint_management_access_rule" "access_rule" { name = "My Rule" layer = "Network" - position = { top = "top" } + position { top = "top" } source = ["Any"] destination = ["Any"] service = ["Any"] content = ["Any"] time = ["Any"] install_on = ["Policy Targets"] - track = { + track { type = "Log" accounting = false alert = "none" @@ -30,7 +30,7 @@ resource "checkpoint_management_access_rule" "access_rule" { per_connection = true per_session = false } - custom_fields = {} + custom_fields {} vpn = "Any" } diff --git a/website/docs/d/checkpoint_management_data_access_section.html.markdown b/website/docs/d/checkpoint_management_data_access_section.html.markdown index 871f00c7..27633c87 100644 --- a/website/docs/d/checkpoint_management_data_access_section.html.markdown +++ b/website/docs/d/checkpoint_management_data_access_section.html.markdown @@ -23,7 +23,7 @@ resource "checkpoint_management_access_layer" "access_layer" { resource "checkpoint_management_access_section" "access_section" { name = "myaccesssection" layer = "${checkpoint_management_access_layer.access_layer.name}" - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_data_access_section" "data_access_section" { diff --git a/website/docs/d/checkpoint_management_data_center_content.html.markdown b/website/docs/d/checkpoint_management_data_center_content.html.markdown index 53967516..afc858a0 100644 --- a/website/docs/d/checkpoint_management_data_center_content.html.markdown +++ b/website/docs/d/checkpoint_management_data_center_content.html.markdown @@ -14,7 +14,7 @@ Use this data source to get information on an existing Check Point data center c ```hcl data "checkpoint_management_data_center_content" "test" { name = "Network" - filter = { + filter { text = "TEXT_TO_FIND" uri = "DATA_CENTER_URI" } diff --git a/website/docs/d/checkpoint_management_data_https_rule.html.markdown b/website/docs/d/checkpoint_management_data_https_rule.html.markdown index 02d41ce5..90925ca6 100644 --- a/website/docs/d/checkpoint_management_data_https_rule.html.markdown +++ b/website/docs/d/checkpoint_management_data_https_rule.html.markdown @@ -16,7 +16,7 @@ Use this data source to get information on an existing Check Point Https Rule. ```hcl resource "checkpoint_management_https_rule" "https_rule" { name = "HTTPS Rule" - position = {top = "top"} + position {top = "top"} layer = "Default Layer" blade = ["IPS"] destination = ["Internet"] diff --git a/website/docs/d/checkpoint_management_data_https_section.html.markdown b/website/docs/d/checkpoint_management_data_https_section.html.markdown index 65f7e8c3..7f959c81 100644 --- a/website/docs/d/checkpoint_management_data_https_section.html.markdown +++ b/website/docs/d/checkpoint_management_data_https_section.html.markdown @@ -17,7 +17,7 @@ Use this data source to get information on an existing Check Point Https Section resource "checkpoint_management_https_section" "https_section" { name = "HTTPS section" layer = "Default Layer" - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_data_https_section" "data_https_section" { diff --git a/website/docs/d/checkpoint_management_data_opsec_application.html.markdown b/website/docs/d/checkpoint_management_data_opsec_application.html.markdown index abdee682..b81e1d2d 100644 --- a/website/docs/d/checkpoint_management_data_opsec_application.html.markdown +++ b/website/docs/d/checkpoint_management_data_opsec_application.html.markdown @@ -22,12 +22,12 @@ resource "checkpoint_management_host" "myhost" { resource "checkpoint_management_opsec_application" "opsec_application" { name = "OPSEC application" host = "${checkpoint_management_host.myhost.name}" - cpmi = { + cpmi { enabled = true administrator_profile = "read only all" use_administrator_credentials = false } - lea = { + lea { enabled = true access_permissions = "show all" } diff --git a/website/docs/d/checkpoint_management_data_service_other.html.markdown b/website/docs/d/checkpoint_management_data_service_other.html.markdown index a517b1a6..d6e7c203 100644 --- a/website/docs/d/checkpoint_management_data_service_other.html.markdown +++ b/website/docs/d/checkpoint_management_data_service_other.html.markdown @@ -21,7 +21,7 @@ resource "checkpoint_management_service_other" "service_other" { match_for_any = true sync_connections_on_cluster = true ip_protocol = 51 - aggressive_aging = { + aggressive_aging { use_default_timeout = true enable = true default_timeout = 600 diff --git a/website/docs/d/checkpoint_management_https_advanced_settings.html.markdown b/website/docs/d/checkpoint_management_https_advanced_settings.html.markdown index c08000f5..d7446866 100644 --- a/website/docs/d/checkpoint_management_https_advanced_settings.html.markdown +++ b/website/docs/d/checkpoint_management_https_advanced_settings.html.markdown @@ -23,7 +23,7 @@ resource "checkpoint_management_set_https_advanced_settings" "example" { certificate_pinned_apps_action = "bypass" log_sessions = true retrieve_intermediate_ca_certificates = true - server_certificate_validation_actions = { + server_certificate_validation_actions { block_expired = true block_revoked = false block_untrusted = true diff --git a/website/docs/d/checkpoint_management_mobile_access_profile_rule.html.markdown b/website/docs/d/checkpoint_management_mobile_access_profile_rule.html.markdown index 533f5802..69c9dd7c 100644 --- a/website/docs/d/checkpoint_management_mobile_access_profile_rule.html.markdown +++ b/website/docs/d/checkpoint_management_mobile_access_profile_rule.html.markdown @@ -18,7 +18,7 @@ resource "checkpoint_management_mobile_access_profile_rule" "example" { name = "Rule 1" mobile_profile = "Default_Profile" user_groups = ["my_group",] - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_mobile_access_profile_rule" "data" { diff --git a/website/docs/d/checkpoint_management_mobile_access_profile_section.html.markdown b/website/docs/d/checkpoint_management_mobile_access_profile_section.html.markdown index 01187518..0362ebc3 100644 --- a/website/docs/d/checkpoint_management_mobile_access_profile_section.html.markdown +++ b/website/docs/d/checkpoint_management_mobile_access_profile_section.html.markdown @@ -16,7 +16,7 @@ Use this data source to get information on an existing Check Point Mobile Access ```hcl resource "checkpoint_management_mobile_access_profile_section" "example" { name = "New Section 1" - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_mobile_access_profile_section" "data" { uid = "${checkpoint_management_mobile_access_profile_section.example.id}" diff --git a/website/docs/d/checkpoint_management_mobile_access_rule.html.markdown b/website/docs/d/checkpoint_management_mobile_access_rule.html.markdown index e97f9a0b..34f317aa 100644 --- a/website/docs/d/checkpoint_management_mobile_access_rule.html.markdown +++ b/website/docs/d/checkpoint_management_mobile_access_rule.html.markdown @@ -18,7 +18,7 @@ resource "checkpoint_management_mobile_access_rule" "example" { name = "Rule 1" applications = ["N", "e", "w", " ", "A", "p", "p", "l", "i", "c", "a", "t", "i", "o", "n",] user_groups = ["my_group",] - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_mobile_access_rule" "data" { uid = "${checkpoint_management_mobile_access_rule.example.id}" diff --git a/website/docs/d/checkpoint_management_mobile_access_section.html.markdown b/website/docs/d/checkpoint_management_mobile_access_section.html.markdown index d1b31469..77f83fe3 100644 --- a/website/docs/d/checkpoint_management_mobile_access_section.html.markdown +++ b/website/docs/d/checkpoint_management_mobile_access_section.html.markdown @@ -16,7 +16,7 @@ Use this data source to get information on an existing Check Point Mobile Access ```hcl resource "checkpoint_management_mobile_access_section" "example" { name = "New Section 1" - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_mobile_access_section" "data" { name = "${checkpoint_management_mobile_access_section.example.name}" diff --git a/website/docs/d/checkpoint_management_nat_rule.html.markdown b/website/docs/d/checkpoint_management_nat_rule.html.markdown index dfa71ac8..d45bf747 100644 --- a/website/docs/d/checkpoint_management_nat_rule.html.markdown +++ b/website/docs/d/checkpoint_management_nat_rule.html.markdown @@ -17,7 +17,7 @@ This resource allows you to execute Check Point NAT Rule. resource "checkpoint_management_nat_rule" "test" { name = "natrule" package = "Standard" - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_nat_rule" "test" { diff --git a/website/docs/d/checkpoint_management_nat_section.html.markdown b/website/docs/d/checkpoint_management_nat_section.html.markdown index 935c3bac..64aa041d 100644 --- a/website/docs/d/checkpoint_management_nat_section.html.markdown +++ b/website/docs/d/checkpoint_management_nat_section.html.markdown @@ -17,7 +17,7 @@ This resource allows you to execute Check Point NAT section. resource "checkpoint_management_nat_section" "test" { name = "nat section" package = "Standard" - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_nat_section" "nat_section" { diff --git a/website/docs/d/checkpoint_management_network_probe.html.markdown b/website/docs/d/checkpoint_management_network_probe.html.markdown index 55fd626a..616e742c 100644 --- a/website/docs/d/checkpoint_management_network_probe.html.markdown +++ b/website/docs/d/checkpoint_management_network_probe.html.markdown @@ -16,7 +16,7 @@ Use this data source to get information on an existing Check Point Network Probe ```hcl resource "checkpoint_management_network_probe" "example" { name = "network1" - icmp_options = { + icmp_options { source = "host1" destination = "host2" } diff --git a/website/docs/d/checkpoint_management_resource_smtp.html.markdown b/website/docs/d/checkpoint_management_resource_smtp.html.markdown index fa4cfe7a..5bfc2b8f 100644 --- a/website/docs/d/checkpoint_management_resource_smtp.html.markdown +++ b/website/docs/d/checkpoint_management_resource_smtp.html.markdown @@ -19,7 +19,7 @@ resource "checkpoint_management_resource_smtp" "smtp" { name = "newSmtpResource" mail_delivery_server = "deliverServer" exception_track = "exception log" - match = { + match { sender = "expr1" recipient = "expr2" } diff --git a/website/docs/d/checkpoint_management_resource_uri.html.markdown b/website/docs/d/checkpoint_management_resource_uri.html.markdown index cb247735..2e87ba62 100644 --- a/website/docs/d/checkpoint_management_resource_uri.html.markdown +++ b/website/docs/d/checkpoint_management_resource_uri.html.markdown @@ -17,7 +17,7 @@ Use this data source to get information on an existing Check Point Resource Uri. resource "checkpoint_management_resource_uri" "uri" { name = "newUriResource" use_this_resource_to = "optimize_url_logging" - connection_methods = { + connection_methods { transparent = "false" tunneling = "true" proxy = false @@ -47,7 +47,7 @@ resource "checkpoint_management_resource_uri" "uri" { strip_script_tags = true } - soap = { + soap { inspection = "allow_all_soap_requests" file_id = "scheme1" track_connections = "mail_alert" diff --git a/website/docs/d/checkpoint_management_service_gtp.html.markdown b/website/docs/d/checkpoint_management_service_gtp.html.markdown index 8846055b..bb018e3a 100644 --- a/website/docs/d/checkpoint_management_service_gtp.html.markdown +++ b/website/docs/d/checkpoint_management_service_gtp.html.markdown @@ -19,11 +19,11 @@ Use this data source to get information on an existing Check Point Service Gtp. version = "v2" reverse_service = true trace_management = true - imsi_prefix = { + imsi_prefix { enable = true prefix = "123" } - interface_profile = { + interface_profile { profile = "Custom" custom_message_types = "32-35" } @@ -31,7 +31,7 @@ Use this data source to get information on an existing Check Point Service Gtp. enable = true mode = 1 } - ms_isdn= { + ms_isdn { enable = true ms_isdn = "312" } @@ -49,7 +49,7 @@ Use this data source to get information on an existing Check Point Service Gtp. types = "11-50" } } - ldap_group = { + ldap_group { enable = true group = "ldap_group_1" according_to = "MS-ISDN" diff --git a/website/docs/d/checkpoint_management_show_updatable_objects_repository_content.html.markdown b/website/docs/d/checkpoint_management_show_updatable_objects_repository_content.html.markdown index f2810c17..6ba244a5 100644 --- a/website/docs/d/checkpoint_management_show_updatable_objects_repository_content.html.markdown +++ b/website/docs/d/checkpoint_management_show_updatable_objects_repository_content.html.markdown @@ -15,7 +15,7 @@ This resource allows you to execute Check Point Show Updatable Objects Repositor ```hcl data "checkpoint_management_show_updatable_objects_repository_content" "query" { - filter = { + filter { text = "API Gateway" } } diff --git a/website/docs/d/checkpoint_management_threat_exception.html.markdown b/website/docs/d/checkpoint_management_threat_exception.html.markdown index ee7e1af4..115577b9 100644 --- a/website/docs/d/checkpoint_management_threat_exception.html.markdown +++ b/website/docs/d/checkpoint_management_threat_exception.html.markdown @@ -17,13 +17,13 @@ This resource allows you to execute Check Point Threat Exception. resource "checkpoint_management_threat_rule" "threat_rule" { name = "threat rule" layer = "Standard Threat Prevention" - position = {top = "top"} + position {top = "top"} } resource "checkpoint_management_threat_exception" "threat_exception" { name = "threat exception" layer = "Standard Threat Prevention" - position = {top = "top"} + position {top = "top"} rule_name = "${checkpoint_management_threat_rule.threat_rule.name}" } diff --git a/website/docs/d/checkpoint_management_threat_rule.html.markdown b/website/docs/d/checkpoint_management_threat_rule.html.markdown index d6585c07..a419c8cb 100644 --- a/website/docs/d/checkpoint_management_threat_rule.html.markdown +++ b/website/docs/d/checkpoint_management_threat_rule.html.markdown @@ -17,7 +17,7 @@ This resource allows you to execute Check Point Threat Rule. resource "checkpoint_management_threat_rule" "test" { name = "threat rule" layer = "Standard Threat Prevention" - position = {top = "top"} + position {top = "top"} } data "checkpoint_management_threat_rule" "test" { diff --git a/website/docs/r/checkpoint_management_access_rule.html.markdown b/website/docs/r/checkpoint_management_access_rule.html.markdown index b3dbff77..e2190df6 100644 --- a/website/docs/r/checkpoint_management_access_rule.html.markdown +++ b/website/docs/r/checkpoint_management_access_rule.html.markdown @@ -17,14 +17,14 @@ This resource allows you to add/update/delete Check Point Access Rule. resource "checkpoint_management_access_rule" "rule1" { name = "Rule 1" layer = "Network" - position = {top = "top"} + position {top = "top"} source = ["Any"] destination = ["Any"] service = ["Any"] content = ["Any"] time = ["Any"] install_on = ["Policy Targets"] - track = { + track { type = "Log" accounting = false alert = "none" @@ -32,15 +32,15 @@ resource "checkpoint_management_access_rule" "rule1" { per_connection = true per_session = false } - action_settings = {} - custom_fields = {} + action_settings {} + custom_fields {} vpn = "Any" } resource "checkpoint_management_access_rule" "rule2" { name = "Rule 2" layer = "Network" - position = {below = checkpoint_management_access_rule.rule1.name} + position {below = checkpoint_management_access_rule.rule1.name} enabled = true source = ["DMZNet", "DMZZone", "WirelessZone"] destination = ["InternalNet", "CPDShield"] @@ -49,7 +49,7 @@ resource "checkpoint_management_access_rule" "rule2" { content = ["Any"] time = ["Any"] install_on = ["Policy Targets"] - track = { + track { type = "Log" accounting = false alert = "none" @@ -57,17 +57,17 @@ resource "checkpoint_management_access_rule" "rule2" { per_connection = true per_session = false } - action_settings = {} - custom_fields = {} + action_settings {} + custom_fields {} vpn = "All_GwToGw" } resource "checkpoint_management_access_rule" "rule3" { name = "Rule 3" layer = "Network" - position = {below = checkpoint_management_access_rule.rule2.name} + position {below = checkpoint_management_access_rule.rule2.name} action = "Accept" - action_settings = { + action_settings { enable_identity_captive_portal = true } source = ["DMZNet"] @@ -78,7 +78,7 @@ resource "checkpoint_management_access_rule" "rule3" { content = ["Any"] time = ["Weekend"] install_on = ["Policy Targets"] - track = { + track { type = "Log" accounting = false alert = "none" @@ -86,14 +86,14 @@ resource "checkpoint_management_access_rule" "rule3" { per_connection = true per_session = false } - custom_fields = {} + custom_fields {} vpn_communities = ["StarCommunity", "MeshedCommunity"] } resource "checkpoint_management_access_rule" "rule4" { name = "Rule 4" layer = "Network" - position = {below = checkpoint_management_access_rule.rule3.name} + position {below = checkpoint_management_access_rule.rule3.name} enabled = false source = ["Any"] destination = ["Any"] @@ -101,7 +101,7 @@ resource "checkpoint_management_access_rule" "rule4" { content = ["Any"] time = ["Any"] install_on = ["Policy Targets"] - track = { + track { type = "Log" accounting = false alert = "none" @@ -109,8 +109,8 @@ resource "checkpoint_management_access_rule" "rule4" { per_connection = true per_session = false } - action_settings = {} - custom_fields = {} + action_settings {} + custom_fields {} vpn_directional { from = "StarVpn" to = "MeshedCommunity" @@ -120,9 +120,9 @@ resource "checkpoint_management_access_rule" "rule4" { resource "checkpoint_management_access_rule" "rule5" { name = "Rule 5" layer = "Network" - position = {below = checkpoint_management_access_rule.rule4.name} + position {below = checkpoint_management_access_rule.rule4.name} action = "Accept" - action_settings = { + action_settings { enable_identity_captive_portal = false } source = ["Any"] @@ -131,7 +131,7 @@ resource "checkpoint_management_access_rule" "rule5" { content = ["Any"] time = ["Any"] install_on = ["Policy Targets"] - track = { + track { type = "Log" accounting = false alert = "none" @@ -139,7 +139,7 @@ resource "checkpoint_management_access_rule" "rule5" { per_connection = true per_session = false } - custom_fields = {} + custom_fields {} vpn = "Any" } ``` diff --git a/website/docs/r/checkpoint_management_access_section.html.markdown b/website/docs/r/checkpoint_management_access_section.html.markdown index c1f05cea..3a84e725 100644 --- a/website/docs/r/checkpoint_management_access_section.html.markdown +++ b/website/docs/r/checkpoint_management_access_section.html.markdown @@ -16,7 +16,7 @@ This resource allows you to execute Check Point Access Section. ```hcl resource "checkpoint_management_access_section" "example" { name = "New Section 1" - position = {top = "top"} + position {top = "top"} layer = "Network" } ``` diff --git a/website/docs/r/checkpoint_management_check_network_feed.html.markdown b/website/docs/r/checkpoint_management_check_network_feed.html.markdown index 400a9a9b..45b52e21 100644 --- a/website/docs/r/checkpoint_management_check_network_feed.html.markdown +++ b/website/docs/r/checkpoint_management_check_network_feed.html.markdown @@ -13,7 +13,7 @@ This resource allows you to execute Check Point Check Network Feed. ```hcl resource "checkpoint_management_check_network_feed" "example" { - network_feed = { + network_feed { name = "existing_feed" } targets = ["corporate-gateway"] diff --git a/website/docs/r/checkpoint_management_check_threat_ioc_feed.html.markdown b/website/docs/r/checkpoint_management_check_threat_ioc_feed.html.markdown index 28d93b61..737b32a8 100644 --- a/website/docs/r/checkpoint_management_check_threat_ioc_feed.html.markdown +++ b/website/docs/r/checkpoint_management_check_threat_ioc_feed.html.markdown @@ -15,7 +15,7 @@ This resource allows you to execute Check Point Check Threat Ioc Feed. ```hcl resource "checkpoint_management_check_threat_ioc_feed" "example" { - ioc_feed = { + ioc_feed { name = "existing_feed" } targets = ["corporate-gateway"] diff --git a/website/docs/r/checkpoint_management_https_rule.html.markdown b/website/docs/r/checkpoint_management_https_rule.html.markdown index dd0fbd57..dbea9dbc 100644 --- a/website/docs/r/checkpoint_management_https_rule.html.markdown +++ b/website/docs/r/checkpoint_management_https_rule.html.markdown @@ -16,7 +16,7 @@ This resource allows you to execute Check Point Https Rule. ```hcl resource "checkpoint_management_https_rule" "example" { name = "FirstRule" - position = {top = "top"} + position {top = "top"} layer = "MyLayer" } ``` diff --git a/website/docs/r/checkpoint_management_https_section.html.markdown b/website/docs/r/checkpoint_management_https_section.html.markdown index e07e490b..8d4946ee 100644 --- a/website/docs/r/checkpoint_management_https_section.html.markdown +++ b/website/docs/r/checkpoint_management_https_section.html.markdown @@ -16,7 +16,7 @@ This resource allows you to execute Check Point Https Section. ```hcl resource "checkpoint_management_https_section" "example" { name = "New Section 1" - position = {top = "top"} + position {top = "top"} layer = "Network" } ``` diff --git a/website/docs/r/checkpoint_management_lsm_gateway.html.markdown b/website/docs/r/checkpoint_management_lsm_gateway.html.markdown index f656c604..c56c6873 100644 --- a/website/docs/r/checkpoint_management_lsm_gateway.html.markdown +++ b/website/docs/r/checkpoint_management_lsm_gateway.html.markdown @@ -18,7 +18,7 @@ resource "checkpoint_management_lsm_gateway" "lsm_gw" { name = "lsm_gateway" security_profile = "lsm_profile" provisioning_state = "using-profile" - provisioning_settings = { + provisioning_settings { "provisioning_profile" = "my_proviosioning_profile" } topology { diff --git a/website/docs/r/checkpoint_management_mobile_access_profile_rule.html.markdown b/website/docs/r/checkpoint_management_mobile_access_profile_rule.html.markdown index 4e66114c..fe04eeb4 100644 --- a/website/docs/r/checkpoint_management_mobile_access_profile_rule.html.markdown +++ b/website/docs/r/checkpoint_management_mobile_access_profile_rule.html.markdown @@ -18,7 +18,7 @@ resource "checkpoint_management_mobile_access_profile_rule" "example" { name = "Rule 1" mobile_profile = "Default_Profile" user_groups = ["my_group"] - position = {top = "top"} + position {top = "top"} } ``` diff --git a/website/docs/r/checkpoint_management_mobile_access_profile_section.html.markdown b/website/docs/r/checkpoint_management_mobile_access_profile_section.html.markdown index 94f5fcb1..b3b62ba0 100644 --- a/website/docs/r/checkpoint_management_mobile_access_profile_section.html.markdown +++ b/website/docs/r/checkpoint_management_mobile_access_profile_section.html.markdown @@ -16,7 +16,7 @@ This resource allows you to execute Check Point Mobile Access Profile Section. ```hcl resource "checkpoint_management_mobile_access_profile_section" "example" { name = "New Section 1" - position = {top = "top"} + position {top = "top"} } ``` diff --git a/website/docs/r/checkpoint_management_mobile_access_rule.html.markdown b/website/docs/r/checkpoint_management_mobile_access_rule.html.markdown index 1ba7f94d..bafbe40d 100644 --- a/website/docs/r/checkpoint_management_mobile_access_rule.html.markdown +++ b/website/docs/r/checkpoint_management_mobile_access_rule.html.markdown @@ -18,7 +18,7 @@ resource "checkpoint_management_mobile_access_rule" "example" { name = "Rule 1" applications = ["N", "e", "w", " ", "A", "p", "p", "l", "i", "c", "a", "t", "i", "o", "n",] user_groups = ["my_group",] - position = {top = "top"} + position {top = "top"} } ``` diff --git a/website/docs/r/checkpoint_management_mobile_access_section.html.markdown b/website/docs/r/checkpoint_management_mobile_access_section.html.markdown index 19682ce9..93ff25e3 100644 --- a/website/docs/r/checkpoint_management_mobile_access_section.html.markdown +++ b/website/docs/r/checkpoint_management_mobile_access_section.html.markdown @@ -16,7 +16,7 @@ This resource allows you to execute Check Point Mobile Access Section. ```hcl resource "checkpoint_management_mobile_access_section" "example" { name = "New Section 1" - position = {top = "top"} + position {top = "top"} } ``` diff --git a/website/docs/r/checkpoint_management_nat_rule.html.markdown b/website/docs/r/checkpoint_management_nat_rule.html.markdown index 0b9f8e9f..dba856b7 100644 --- a/website/docs/r/checkpoint_management_nat_rule.html.markdown +++ b/website/docs/r/checkpoint_management_nat_rule.html.markdown @@ -16,19 +16,19 @@ This resource allows you to add/update/delete Check Point NAT Rule. ```hcl resource "checkpoint_management_nat_rule" "rule1" { package = "Standard" - position = {top = "top"} + position {top = "top"} name = "rule1" } resource "checkpoint_management_nat_rule" "rule2" { package = "Standard" - position = {below = checkpoint_management_access_rule.rule1.name} + position {below = checkpoint_management_access_rule.rule1.name} name = "rule2" } resource "checkpoint_management_nat_rule" "rule3" { package = "Standard" - position = {below = checkpoint_management_access_rule.rule2.name} + position {below = checkpoint_management_access_rule.rule2.name} name = "rule3" } ``` diff --git a/website/docs/r/checkpoint_management_nat_section.html.markdown b/website/docs/r/checkpoint_management_nat_section.html.markdown index 43aaf8c3..663aab4e 100644 --- a/website/docs/r/checkpoint_management_nat_section.html.markdown +++ b/website/docs/r/checkpoint_management_nat_section.html.markdown @@ -17,7 +17,7 @@ This resource allows you to add/update/delete Check Point NAT section. resource "checkpoint_management_nat_section" "nat_section" { name = "nat section" package = "Standard" - position = { "top": "top" } + position { "top": "top" } } ``` diff --git a/website/docs/r/checkpoint_management_network_probe.html.markdown b/website/docs/r/checkpoint_management_network_probe.html.markdown index f48d3137..926f5cf6 100644 --- a/website/docs/r/checkpoint_management_network_probe.html.markdown +++ b/website/docs/r/checkpoint_management_network_probe.html.markdown @@ -16,7 +16,7 @@ This resource allows you to execute Check Point Network Probe. ```hcl resource "checkpoint_management_network_probe" "example" { name = "network1" - icmp_options = { + icmp_options { source = "host1" destination = "host2" } diff --git a/website/docs/r/checkpoint_management_resource_smtp.html.markdown b/website/docs/r/checkpoint_management_resource_smtp.html.markdown index 3f9aa082..f194f964 100644 --- a/website/docs/r/checkpoint_management_resource_smtp.html.markdown +++ b/website/docs/r/checkpoint_management_resource_smtp.html.markdown @@ -19,7 +19,7 @@ resource "checkpoint_management_resource_smtp" "smtp" { name = "newSmtpResource" mail_delivery_server = "deliverServer" exception_track = "exception log" - match = { + match { sender = "expr1" recipient = "expr2" } diff --git a/website/docs/r/checkpoint_management_resource_uri.html.markdown b/website/docs/r/checkpoint_management_resource_uri.html.markdown index beb0ec17..0e83416a 100644 --- a/website/docs/r/checkpoint_management_resource_uri.html.markdown +++ b/website/docs/r/checkpoint_management_resource_uri.html.markdown @@ -17,7 +17,7 @@ This resource allows you to execute Check Point Resource Uri. resource "checkpoint_management_resource_uri" "uri" { name = "newUriResource" use_this_resource_to = "optimize_url_logging" - connection_methods = { + connection_methods { transparent = "false" tunneling = "true" proxy = false @@ -47,7 +47,7 @@ resource "checkpoint_management_resource_uri" "uri" { strip_script_tags = true } - soap = { + soap { inspection = "allow_all_soap_requests" file_id = "scheme1" track_connections = "mail_alert" diff --git a/website/docs/r/checkpoint_management_service_gtp.html.markdown b/website/docs/r/checkpoint_management_service_gtp.html.markdown index d42ceda7..ebeda6f9 100644 --- a/website/docs/r/checkpoint_management_service_gtp.html.markdown +++ b/website/docs/r/checkpoint_management_service_gtp.html.markdown @@ -19,11 +19,11 @@ This resource allows you to execute Check Point Service Gtp. version = "v2" reverse_service = true trace_management = true - imsi_prefix = { + imsi_prefix { enable = true prefix = "123" } - interface_profile = { + interface_profile { profile = "Custom" custom_message_types = "32-35" } @@ -31,7 +31,7 @@ This resource allows you to execute Check Point Service Gtp. enable = true mode = 1 } - ms_isdn= { + ms_isdn { enable = true ms_isdn = "312" } @@ -49,7 +49,7 @@ This resource allows you to execute Check Point Service Gtp. types = "11-50" } } - ldap_group = { + ldap_group { enable = true group = "ldap_group_1" according_to = "MS-ISDN" diff --git a/website/docs/r/checkpoint_management_service_tcp.html.markdown b/website/docs/r/checkpoint_management_service_tcp.html.markdown index c06d9c03..05a36054 100644 --- a/website/docs/r/checkpoint_management_service_tcp.html.markdown +++ b/website/docs/r/checkpoint_management_service_tcp.html.markdown @@ -21,7 +21,7 @@ resource "checkpoint_management_service_tcp" "example" { session_timeout = 0 match_for_any = true sync_connections_on_cluster = true - aggressive_aging = { + aggressive_aging { enable = true timeout = 360 use_default_timeout = false diff --git a/website/docs/r/checkpoint_management_service_udp.html.markdown b/website/docs/r/checkpoint_management_service_udp.html.markdown index 827c80eb..f666fd84 100644 --- a/website/docs/r/checkpoint_management_service_udp.html.markdown +++ b/website/docs/r/checkpoint_management_service_udp.html.markdown @@ -21,7 +21,7 @@ resource "checkpoint_management_service_udp" "example" { session_timeout = 0 match_for_any = true sync_connections_on_cluster = true - aggressive_aging = { + aggressive_aging { enable = true timeout = 360 use_default_timeout = false diff --git a/website/docs/r/checkpoint_management_set_app_control_advanced_settings.html.markdown b/website/docs/r/checkpoint_management_set_app_control_advanced_settings.html.markdown index 9e80412f..23d9a5b5 100644 --- a/website/docs/r/checkpoint_management_set_app_control_advanced_settings.html.markdown +++ b/website/docs/r/checkpoint_management_set_app_control_advanced_settings.html.markdown @@ -15,12 +15,12 @@ This resource allows you to execute Check Point Set App Control Advanced Setting ```hcl resource "checkpoint_management_set_app_control_advanced_settings" "example" { - url_filtering_settings = { + url_filtering_settings { categorize_cached_and_translated_pages = "true" categorize_https_websites = "false" enforce_safe_search ="true" } - custom_categorization_settings = { + custom_categorization_settings { social_network_widgets_mode = "hold" url_filtering_mode = "background" } diff --git a/website/docs/r/checkpoint_management_set_global_properties.html.markdown b/website/docs/r/checkpoint_management_set_global_properties.html.markdown index 3d35b113..aaa6f9fe 100644 --- a/website/docs/r/checkpoint_management_set_global_properties.html.markdown +++ b/website/docs/r/checkpoint_management_set_global_properties.html.markdown @@ -15,10 +15,10 @@ This resource allows you to execute Check Point Set Global Properties. ```hcl resource "checkpoint_management_command_set_global_properties" "example" { - hit_count = { + hit_count { enable_hit_count = false } - data_access_control = { + data_access_control { auto_download_important_data = false } } diff --git a/website/docs/r/checkpoint_management_set_https_advanced_settings.html.markdown b/website/docs/r/checkpoint_management_set_https_advanced_settings.html.markdown index 25680346..a6991dea 100644 --- a/website/docs/r/checkpoint_management_set_https_advanced_settings.html.markdown +++ b/website/docs/r/checkpoint_management_set_https_advanced_settings.html.markdown @@ -23,7 +23,7 @@ resource "checkpoint_management_set_https_advanced_settings" "example" { certificate_pinned_apps_action = "bypass" log_sessions = true retrieve_intermediate_ca_certificates = true - server_certificate_validation_actions = { + server_certificate_validation_actions { block_expired = true block_revoked = false block_untrusted = true diff --git a/website/docs/r/checkpoint_management_threat_exception.html.markdown b/website/docs/r/checkpoint_management_threat_exception.html.markdown index a2652615..816fa5ab 100644 --- a/website/docs/r/checkpoint_management_threat_exception.html.markdown +++ b/website/docs/r/checkpoint_management_threat_exception.html.markdown @@ -17,13 +17,13 @@ This resource allows you to add/update/delete Check Point Threat Exception. resource "checkpoint_management_threat_rule" "test" { name = "threat rule" layer = "Standard Threat Prevention" - position = {top = "top"} + position {top = "top"} } resource "checkpoint_management_threat_exception" "test" { name = "threat exception" layer = "Standard Threat Prevention" - position = {top = "top"} + position {top = "top"} rule_name = "${checkpoint_management_threat_rule.test.name}" } ``` diff --git a/website/docs/r/checkpoint_management_threat_rule.html.markdown b/website/docs/r/checkpoint_management_threat_rule.html.markdown index 895ac702..9d6ecd84 100644 --- a/website/docs/r/checkpoint_management_threat_rule.html.markdown +++ b/website/docs/r/checkpoint_management_threat_rule.html.markdown @@ -17,7 +17,7 @@ This resource allows you to add/update/delete Check Point Threat Rule. resource "checkpoint_management_threat_rule" "test" { name = "threat rule" layer = "Standard Threat Prevention" - position = {top = "top"} + position {top = "top"} } ``` From 3087c58ec1f5dd554a454ef40a839b0b0310a5c6 Mon Sep 17 00:00:00 2001 From: tomerassa Date: Thu, 14 May 2026 17:22:08 +0300 Subject: [PATCH 2/2] Fix installation_targets empty list bug MLS-2467: Use GetRawConfig to distinguish an explicitly-empty installation_targets list from an unset field in the Create and Update paths of the package resource. Document the empty-list semantics. Note: existing resources created on the buggy version (state=[], management=all) cannot be migrated by refresh alone, because the SDK does not pass config to Read during refresh. To migrate, either: - Clear installation_targets in SmartConsole and publish, then run `terraform apply -refresh-only`; or - Toggle installation_targets to a real value, apply, then back to []. --- .../resource_checkpoint_management_package.go | 17 ++++++----------- .../checkpoint_management_package.html.markdown | 1 + 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/checkpoint/resource_checkpoint_management_package.go b/checkpoint/resource_checkpoint_management_package.go index df5c8cd5..322cc6b4 100644 --- a/checkpoint/resource_checkpoint_management_package.go +++ b/checkpoint/resource_checkpoint_management_package.go @@ -115,8 +115,8 @@ func createManagementPackage(d *schema.ResourceData, m interface{}) error { if v, ok := d.GetOkExists("desktop_security"); ok { _package["desktop-security"] = v.(bool) } - if v, ok := d.GetOk("installation_targets"); ok { - _package["installation-targets"] = v.(*schema.Set).List() + if rawConfig := d.GetRawConfig(); !rawConfig.IsNull() && !rawConfig.GetAttr("installation_targets").IsNull() { + _package["installation-targets"] = d.Get("installation_targets").(*schema.Set).List() } if v, ok := d.GetOkExists("qos"); ok { _package["qos"] = v.(bool) @@ -213,12 +213,7 @@ func readManagementPackage(d *schema.ResourceData, m interface{}) error { } } } - _, installationTargetsInConf := d.GetOk("installation_targets") - if len(installationTargetsIds) == 1 && installationTargetsIds[0] == "all" && !installationTargetsInConf { - _ = d.Set("installation_targets", []interface{}{}) - } else { - _ = d.Set("installation_targets", installationTargetsIds) - } + _ = d.Set("installation_targets", installationTargetsIds) } else { _ = d.Set("installation_targets", nil) @@ -302,9 +297,9 @@ func updateManagementPackage(d *schema.ResourceData, m interface{}) error { _package["desktop-security"] = d.Get("desktop_security") } - if ok := d.HasChange("installation_targets"); ok { - if v, ok := d.GetOk("installation_targets"); ok { - _package["installation-targets"] = v.(*schema.Set).List() + if d.HasChange("installation_targets") { + if rawConfig := d.GetRawConfig(); !rawConfig.IsNull() && !rawConfig.GetAttr("installation_targets").IsNull() { + _package["installation-targets"] = d.Get("installation_targets").(*schema.Set).List() } else { oldInstallationTargets, _ := d.GetChange("installation_targets") _package["installation-targets"] = map[string]interface{}{"remove": oldInstallationTargets.(*schema.Set).List()} diff --git a/website/docs/r/checkpoint_management_package.html.markdown b/website/docs/r/checkpoint_management_package.html.markdown index 9cb16c09..7069f457 100644 --- a/website/docs/r/checkpoint_management_package.html.markdown +++ b/website/docs/r/checkpoint_management_package.html.markdown @@ -29,6 +29,7 @@ The following arguments are supported: * `name` - (Required) Object name. Should be unique in the domain. * `access` - (Optional) True - enables, False - disables access & NAT policies, empty - nothing is changed. * `desktop_security` - (Optional) True - enables, False - disables Desktop security policy, empty - nothing is changed. +* `installation_targets` - (Optional) Which Gateways identified by the name or UID to install the policy on. "[]" - Empty the list of specified Gateways on which to install the policy. * `qos` - (Optional) True - enables, False - disables QoS policy, empty - nothing is changed. * `qos_policy_type` - (Optional) QoS policy type. * `threat_prevention` - (Optional) True - enables, False - disables Threat policy, empty - nothing is changed.