Try SpotterManages access rules on Check Point over Web Services API
Authors: Ansible by Red Hat (@rcarrillocruz)
preview | supported by network
Install with ansible-galaxy collection install community.general:==0.1.1
collections:
- name: community.general
version: 0.1.1Manages access rules on Check Point devices including creating, updating, removing access rules objects, All operations are performed over Web Services API.
- name: Create access rule
checkpoint_access_rule:
layer: Network
name: "Drop attacker"
position: top
source: attacker
destination: Any
action: Drop
- name: Delete access rule
checkpoint_access_rule:
layer: Network
name: "Drop attacker"
name:
description:
- Name of the access rule.
type: str
layer:
description:
- Layer to attach the access rule to.
required: true
type: str
state:
default: present
description:
- State of the access rule (present or absent). Defaults to present.
type: str
action:
default: drop
description:
- Action of the access rule (accept, drop, inform, etc).
type: str
source:
description:
- Source object of the access rule.
type: str
enabled:
default: true
description:
- Enabled or disabled flag.
type: bool
targets:
description:
- Targets to install the package policy on.
type: list
position:
description:
- Position of the access rule.
type: str
destination:
description:
- Destination object of the access rule.
type: str
policy_package:
default: standard
description:
- Package policy name to be installed.
type: str
auto_install_policy:
default: 'yes'
description:
- Install the package policy if changes have been performed after the task completes.
type: bool
auto_publish_session:
default: 'yes'
description:
- Publish the current session if changes have been performed after task completes.
type: bool
checkpoint_access_rules: description: The checkpoint access rule object created or updated. returned: always, except when deleting the access rule. type: list