check_point.mgmt.checkpoint_access_rule – Manages access rules on Check Point over Web Services API

Note

This plugin is part of the check_point.mgmt collection (version 2.0.0).

To install it use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.checkpoint_access_rule.

Synopsis

  • Manages access rules on Check Point devices including creating, updating, removing access rules objects, All operations are performed over Web Services API.

Parameters

Parameter Choices/Defaults Comments
action
string
Default:
"drop"
Action of the access rule (accept, drop, inform, etc).
auto_install_policy
boolean
    Choices:
  • no
  • yes ←
Install the package policy if changes have been performed after the task completes.
auto_publish_session
boolean
    Choices:
  • no
  • yes ←
Publish the current session if changes have been performed after task completes.
destination
string
Destination object of the access rule.
enabled
boolean
    Choices:
  • no
  • yes ←
Enabled or disabled flag.
layer
string
Layer to attach the access rule to.
name
string / required
Name of the access rule.
policy_package
string
Default:
"standard"
Package policy name to be installed.
position
string
Position of the access rule.
source
string
Source object of the access rule.
state
string
Default:
"present"
State of the access rule (present or absent). Defaults to present.
targets
list / elements=string
Targets to install the package policy on.

Examples

- name: Create access rule
  checkpoint_access_rule:
    layer: Network
    name: "Drop attacker"
    position: top
    source: attacker
    destination: Any
    action: Drop

- name: Delete access rule
  checkpoint_access_rule:
    layer: Network
    name: "Drop attacker"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
checkpoint_access_rules
list / elements=string
always, except when deleting the access rule.
The checkpoint access rule object created or updated.



Authors

  • Ansible by Red Hat (@rcarrillocruz)