check_point.mgmt.cp_mgmt_delete_rules_batch module – Delete rules in batch from the same layer. Use this API to achieve optimum performance when removing more than one rule.

Note

This module is part of the check_point.mgmt collection (version 6.5.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.cp_mgmt_delete_rules_batch.

New in check_point.mgmt 3.0.0

Synopsis

• Delete rules in batch from the same layer. Use this API to achieve optimum performance when removing more than one rule.

• Warnings are ignored when using this API, operation will apply changes while ignoring warnings.

• Supported rules types are access-rule, nat-rule, https-rule and threat-exception.

• This module is not idempotent.

• All operations are performed over Web Services API.

• Available from R81.10 JHF management version.

Parameters

Parameter	Comments
auto_publish_session boolean	Publish the current session if changes have been performed after task completes. Choices: false ← (default) true
objects list / elements=dictionary	Batch of rules separated by types.
layer string	Layer name or uid.
list list / elements=dictionary	List of rules from the same type to be deleted. <br>Use the “delete” API reference documentation for a single rule command to find the expected fields for the request.<br>For example, to delete access-rule, use the “delete-access-rule” command found in the API reference documentation (under Access Control & NAT). <br>Note, “ignore-errors”, “ignore-warnings” and “details-level” options are not supported when deleting a batch of objects.
type string	Type of rules to be deleted. <br>Only types from above are supported.
version string	Version of checkpoint. If not given one, the latest version taken.
wait_for_task boolean	Wait for the task to end. Such as publish task. Choices: false true ← (default)
wait_for_task_timeout integer	How many minutes to wait until throwing a timeout error. Default: 30

Examples

- name: delete-rules-batch
  cp_mgmt_delete_rules_batch:
    objects:
      - layer: Network
        list:
          - rule_number: 1
          - rule_number: 2
        type: access-rule
      - layer: Standard
        list:
          - rule_number: 1
          - rule_number: 2
        type: nat-rule
      - layer: Default Layer
        list:
          - rule_number: 1
          - rule_number: 2
        type: https-rule

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
cp_mgmt_delete_rules_batch dictionary	The checkpoint delete-rules-batch output. Returned: always.

Authors

• Eden Brillant (@chkp-edenbr)

Collection links

• Issue Tracker
• Repository (Sources)