Try SpotterManages package objects on Check Point over Web Services API
| "added in version" 2.9 of ansible.builtin"
Authors: Or Soffer (@chkp-orso)
preview | supported by community
pipInstall with pip install ansible==2.9.17
Manages package objects on Check Point devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-package
cp_mgmt_package:
access: true
color: green
comments: My Comments
name: New_Standard_Package_1
state: present
threat_prevention: false
- name: set-package
cp_mgmt_package:
access_layers:
add:
- name: New Access Layer 1
position: 1
name: Standard
state: present
threat_layers:
add:
- name: New Layer 1
position: 2
- name: delete-package
cp_mgmt_package:
name: New Standard Package 1
state: absent
qos:
description:
- True - enables, False - disables QoS policy, empty - nothing is changed.
type: bool
name:
description:
- Object name.
required: true
type: str
tags:
description:
- Collection of tag identifiers.
type: list
color:
choices:
- aquamarine
- black
- blue
- crete blue
- burlywood
- cyan
- dark green
- khaki
- orchid
- dark orange
- dark sea green
- pink
- turquoise
- dark blue
- firebrick
- brown
- forest green
- gold
- dark gold
- gray
- dark gray
- light green
- lemon chiffon
- coral
- sea green
- sky blue
- magenta
- purple
- slate blue
- violet red
- navy blue
- olive
- orange
- red
- sienna
- yellow
description:
- Color of the object. Should be one of existing colors.
type: str
state:
choices:
- present
- absent
default: present
description:
- State of the access rule (present or absent).
type: str
access:
description:
- True - enables, False - disables access & NAT policies, empty - nothing is changed.
type: bool
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
comments:
description:
- Comments string.
type: str
access_layers:
description:
- Access policy layers.
suboptions:
add:
description:
- Collection of Access layer objects to be added identified by the name or UID.
suboptions:
name:
description:
- Layer name or UID.
type: str
position:
description:
- Layer position.
type: int
type: list
remove:
description:
- Collection of Access layer objects to be removed identified by the name or UID.
type: list
value:
description:
- Collection of Access layer objects to be set identified by the name or UID.
Replaces existing Access layers.
type: list
type: dict
details_level:
choices:
- uid
- standard
- full
description:
- The level of detail for some of the fields in the response can vary from showing
only the UID value of the object to a fully detailed representation of the object.
type: str
ignore_errors:
description:
- Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings
flag was omitted - warnings will also be ignored.
type: bool
threat_layers:
description:
- Threat policy layers.
suboptions:
add:
description:
- Collection of Threat layer objects to be added identified by the name or UID.
suboptions:
name:
description:
- Layer name or UID.
type: str
position:
description:
- Layer position.
type: int
type: list
remove:
description:
- Collection of Threat layer objects to be removed identified by the name or UID.
type: list
value:
description:
- Collection of Threat layer objects to be set identified by the name or UID.
Replaces existing Threat layers.
type: list
type: dict
wait_for_task:
default: true
description:
- Wait for the task to end. Such as publish task.
type: bool
ignore_warnings:
description:
- Apply changes ignoring warnings.
type: bool
qos_policy_type:
choices:
- recommended
- express
description:
- QoS policy type.
type: str
desktop_security:
description:
- True - enables, False - disables Desktop security policy, empty - nothing is changed.
type: bool
threat_prevention:
description:
- True - enables, False - disables Threat policy, empty - nothing is changed.
type: bool
auto_publish_session:
default: false
description:
- Publish the current session if changes have been performed after task completes.
type: bool
installation_targets:
description:
- Which Gateways identified by the name or UID to install the policy on.
type: list
vpn_traditional_mode:
description:
- True - enables, False - disables VPN traditional mode, empty - nothing is changed.
type: bool
wait_for_task_timeout:
default: 30
description:
- How many minutes to wait until throwing a timeout error.
type: int
cp_mgmt_package: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict