Try Spotterinstall policy on Check Point over Web Services API
| "added in version" 2.9 of ansible.builtin"
Authors: Or Soffer (@chkp-orso)
preview | supported by community
pipInstall with pip install ansible==2.9.17
install policy on Check Point over Web Services API
All operations are performed over Web Services API.
- name: install-policy
cp_mgmt_install_policy:
access: true
policy_package: standard
targets:
- corporate-gateway
threat_prevention: true
qos:
description:
- Set to be true in order to install the QoS policy. By default, the value is true
if Quality-of-Service policy is enabled on the input policy package, otherwise false.
type: bool
access:
description:
- Set to be true in order to install the Access Control policy. By default, the value
is true if Access Control policy is enabled on the input policy package, otherwise
false.
type: bool
targets:
description:
- On what targets to execute this command. Targets may be identified by their name,
or object unique identifier.
type: list
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
revision:
description:
- The UID of the revision of the policy to install.
type: str
prepare_only:
description:
- If true, prepares the policy for the installation, but doesn't install it on an
installation target.
type: bool
wait_for_task:
default: true
description:
- Wait for the task to end. Such as publish task.
type: bool
policy_package:
description:
- The name of the Policy Package to be installed.
type: str
desktop_security:
description:
- Set to be true in order to install the Desktop Security policy. By default, the
value is true if desktop security policy is enabled on the input policy package,
otherwise false.
type: bool
threat_prevention:
description:
- Set to be true in order to install the Threat Prevention policy. By default, the
value is true if Threat Prevention policy is enabled on the input policy package,
otherwise false.
type: bool
auto_publish_session:
default: false
description:
- Publish the current session if changes have been performed after task completes.
type: bool
wait_for_task_timeout:
default: 30
description:
- How many minutes to wait until throwing a timeout error.
type: int
install_on_all_cluster_members_or_fail:
description:
- Relevant for the gateway clusters. If true, the policy is installed on all the cluster
members. If the installation on a cluster member fails, don't install on that cluster.
type: bool
cp_mgmt_install_policy: description: The checkpoint install-policy output. returned: always. type: dict