checkpoint_access_rule – Manages access rules on Checkpoint over Web Services API¶
New in version 2.8.
Synopsis¶
Manages access rules on Checkpoint devices including creating, updating, removing access rules objects, All operations are performed over Web Services API.
Parameters¶
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
action
string
|
Default: "drop"
|
Action of the access rule (accept, drop, inform, etc).
|
|
auto_install_policy
boolean
|
|
Install the package policy if changes have been performed after the task completes.
|
|
auto_publish_session
boolean
|
|
Publish the current session if changes have been performed after task completes.
|
|
destination
string
|
Destionation object of the access rule.
|
|
|
enabled
boolean
|
|
Enabled or disabled flag.
|
|
layer
string
/ required
|
Layer to attach the access rule to.
|
|
|
name
string
|
Name of the access rule.
|
|
|
policy_package
string
|
Default: "standard"
|
Package policy name to be installed.
|
|
position
string
|
Position of the access rule.
|
|
|
source
string
|
Source object of the access rule.
|
|
|
state
string
|
Default: "present"
|
State of the access rule (present or absent). Defaults to present.
|
|
targets
list
|
Targets to install the package policy on.
|
Examples¶
- name: Create access rule
checkpoint_access_rule:
layer: Network
name: "Drop attacker"
position: top
source: attacker
destination: Any
action: Drop
- name: Delete access rule
checkpoint_access_rule:
layer: Network
name: "Drop attacker"
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
|
checkpoint_access_rules
list
|
always, except when deleting the access rule. |
The checkpoint access rule object created or updated.
|
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Network Team. [network]
Red Hat Support¶
More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.