Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FAST] TLS inspection support for NGFW Enterprise #2484

Merged
merged 20 commits into from
Aug 30, 2024
Merged

[FAST] TLS inspection support for NGFW Enterprise #2484

merged 20 commits into from
Aug 30, 2024

Conversation

LucaPrete
Copy link
Member

@LucaPrete LucaPrete commented Aug 8, 2024
edited
Loading

Adds TLS inspection support for NGFW Enterprise.

  • Creates in stage 2-security: CA configurations (CAS), Certificate Manager trust-configs, TLS inspection policies
  • References in stage 3-network-security the TLS inspection policies created in stage-2 security from the firewall endpoint associations

Checklist

I applicable, I acknowledge that I have:

  • Read the contributing guide
  • Ran terraform fmt on all modified files
  • Regenerated the relevant README.md files using tools/tfdoc.py
  • Made sure all relevant tests pass

@LucaPrete LucaPrete requested a review from ludoo August 8, 2024 16:15
@LucaPrete LucaPrete force-pushed the ngfwTls branch 3 times, most recently from 64da753 to a44bfa4 Compare August 9, 2024 16:54
@LucaPrete LucaPrete marked this pull request as ready for review August 13, 2024 16:16
@LucaPrete LucaPrete requested a review from ludoo August 13, 2024 16:16
sruffilli
sruffilli reviewed Aug 22, 2024
View reviewed changes
fast/stages/2-security/outputs.tf Outdated Show resolved Hide resolved
fast/stages/2-security/outputs.tf Outdated Show resolved Hide resolved
fast/stages/2-security/outputs.tf Outdated Show resolved Hide resolved
fast/stages/3-network-security/README.md Outdated Show resolved Hide resolved
@LucaPrete LucaPrete requested a review from sruffilli August 28, 2024 08:55
@LucaPrete LucaPrete changed the title [FAST] TLS inspection support for NGFW Enterprise (WIP) [FAST] TLS inspection support for NGFW Enterprise Aug 28, 2024
@LucaPrete LucaPrete requested a review from juliocc August 28, 2024 13:02
sruffilli
sruffilli reviewed Aug 29, 2024
View reviewed changes
Copy link
Collaborator

@sruffilli sruffilli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Syntax" review done :)
Give me some more time to digest the architecture.

fast/stages/0-bootstrap/data/custom-roles/ngfw_enterprise_admin.yaml Show resolved Hide resolved
fast/stages/2-security/diagram.png Outdated Show resolved Hide resolved
fast/stages/2-security/diagram.svg Outdated Show resolved Hide resolved
fast/stages/2-security/main.tf Show resolved Hide resolved
fast/stages/2-security/variables.tf Show resolved Hide resolved
fast/stages/3-network-security/data/firewall-policy-rules/dev/egress.yaml Show resolved Hide resolved
@LucaPrete LucaPrete requested a review from sruffilli August 29, 2024 09:22
@LucaPrete LucaPrete merged commit 3ca0525 into master Aug 30, 2024
18 checks passed
@LucaPrete LucaPrete deleted the ngfwTls branch August 30, 2024 07:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sruffilli sruffilli sruffilli approved these changes

@ludoo ludoo Awaiting requested review from ludoo

@juliocc juliocc Awaiting requested review from juliocc

Assignees
No one assigned
Labels
on:FAST
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@LucaPrete @ludoo @sruffilli