octupus.o4n_checkpoint.o4n_cp_add_access_rules (1.1.11) — module

Manages access-rules objects on Check Point over Web Services API.

Added in version 1.0 of octupus.o4n_checkpoint

Authors: Randy Rozo

preview | supported by octupus

Install collection

Install with ansible-galaxy collection install octupus.o4n_checkpoint:==1.1.11


Add to requirements.yml

  # Pin the exact collection release so every install resolves the same code.
  collections:
    - name: octupus.o4n_checkpoint
      version: '1.1.11'

Description

Manages access rule objects in Check Point devices, including creation and updating. If the rule to be created matches an existing rule, the module adds the missing sources or destinations to that rule.

All operations are performed over Web Services API.


Requirements

Inputs

    
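# Argument documentation for the "layers" option: a list of layers, each
# carrying the access rules to manage in that layer.
layers:
    description:
    - Layer that the rule belongs to identified by the name or UID.
    elements: dict
    required: true
    suboptions:
      name:
        description:
        - Object name.
        required: true
        type: str
      rules:
        description:
        - List of rules.
        elements: dict
        required: true
        suboptions:
          # An "Accept" rule permits the matched traffic, so pair it with the
          # narrowest source, destination and service the change needs.
          action:
            description:
            - Rule action. "Accept", "Drop", "Ask", "Inform", "Reject", "User Auth",
              "Client Auth", "Apply Layer".
            type: str
          comments:
            description:
            - Comments string.
            type: str
          # Per the module description, when the rule matches an existing one
          # the missing destinations are added to that rule, so a run can
          # widen it; review the resulting rule after the change.
          # NOTE(review): the sample output on this page shows "Any" here;
          # confirm what an omitted list resolves to.
          destination:
            description:
            - Collection of Network objects identified by the name or UID.
            elements: str
            type: list
          # No default is documented for this option; set it explicitly.
          enabled:
            description:
            - Enable/Disable the rule.
            type: bool
          inline_layer:
            description:
            - Inline Layer identified by the name or UID. Relevant only if "Action" was
              set to "Apply Layer".
            type: str
          install_on:
            description:
            - Which Gateways identified by the name or UID to install the policy on.
            elements: str
            type: list
          name:
            description:
            - Object name.
            required: true
            type: str
          # NOTE(review): the sample output on this page shows "Any" here;
          # confirm what an omitted list resolves to.
          service:
            description:
            - Collection of Network objects identified by the name or UID.
            elements: str
            type: list
          # Same widening behaviour as "destination": missing sources are
          # added to a matching existing rule.
          source:
            description:
            - Collection of Network objects identified by the name or UID.
            elements: str
            type: list
          state:
            choices:
            - present
            - absent
            default: present
            description:
            - State of the access rule (present or absent). Defaults to present.
            type: str
          time:
            description:
            - List of time objects. For example, "Weekend", "Off-Work", "Every-Day".
            elements: str
            type: list
          track:
            description:
            - Track Settings.
            suboptions:
              accounting:
                description:
                - Turns accounting for track on and off.
                type: bool
              # NOTE(review): "None" presumably turns logging off for the
              # rule; confirm, and prefer a logging type so matches stay
              # auditable.
              type:
                description:
                - Track type. "Log", "Extended Log", "Detailed Log", "None".
                type: str
            type: dict
          vpn:
            choices:
            - Any
            - All_GwToGw
            description:
            - Any or All_GwToGw.
            type: str
        type: list
    type: list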

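# Connection and login settings used to reach the Check Point Web Services
# API. This page gives no descriptions for these options, so the notes below
# are reviewer assumptions to be confirmed against the module source.
provider:
    # NOTE(review): "elements" normally applies to list options only;
    # confirm it is intended on a dict.
    elements: dict
    required: true
    suboptions:
      domain:
        required: true
        type: str
      host:
        required: true
        type: str
      # Credential: supply it from Ansible Vault or another secret store, not
      # as plaintext in a playbook or inventory.
      # NOTE(review): confirm the module declares this option no_log so the
      # value stays out of task output and logs.
      password:
        required: true
        type: str
      port:
        required: true
        type: int
      user:
        required: true
        type: str
      # NOTE(review): presumably toggles TLS certificate verification for the
      # API connection, as validate_certs does elsewhere in Ansible; confirm.
      # Keep it true outside a lab: with verification off, the user and
      # password above can be captured by a host impersonating the API.
      validate_certs:
        required: true
        type: bool
    type: dict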

Outputs

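# Return-value documentation for the module's "output" key.
output:
  description: The checkpoint add access rules output
  returned: always
  sample:
    # Illustrative values only.
    output:
      # NOTE(review): this sample reports changed: false although "msg" and
      # "publish" below report one added rule; confirm that "changed" is
      # reliable before using it to gate change auditing.
      changed: false
      content:
      - layer_name:
        # The sample rule accepts Any source, destination and service but is
        # disabled (enabled: false); an enabled rule of this shape would
        # permit all traffic.
        - action: Accept
          destination:
          - Any
          enabled: false
          # Hyphenated here; the matching input option is "install_on".
          install-on:
          - Cluster-TEST
          number: ''
          section: REGLA ACCESO
          service:
          - Any
          source:
          - Any
          time:
          - Any
          track: Log
          vpn:
          - Any
      # NOTE(review): presumably lists rules that were not applied; confirm.
      discard: []
      failed: false
      logout: OK
      msg:
        # Spanish: "1 rules have been added."
        layer_name: Se han agregado 1 reglas.
      # Compare numberOfPublishedChanges with the number of rules you meant
      # to change, as a check that the run did only what was intended.
      publish:
        progress-percentage: 100
        status: succeeded
        suppressed: false
        task-details:
        - publishResponse:
            mode: async
            numberOfPublishedChanges: 1
          revision: 4330f-0ddf-4bb4-92a6-1d73b9f
        task-id: 04567-89ab-cdef-87f4-5730958
        task-name: Publish operation
  type: dict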