check_point.mgmt.cp_mgmt_install_policy – install policy on Check Point over Web Services API

Note

This plugin is part of the check_point.mgmt collection (version 2.0.0).

To install it use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.cp_mgmt_install_policy.

New in version 2.9: of check_point.mgmt

Synopsis

  • install policy on Check Point over Web Services API

  • All operations are performed over Web Services API.

Parameters

Parameter Choices/Defaults Comments
access
boolean
    Choices:
  • no
  • yes
Set to be true in order to install the Access Control policy. By default, the value is true if Access Control policy is enabled on the input policy package, otherwise false.
desktop_security
boolean
    Choices:
  • no
  • yes
Set to be true in order to install the Desktop Security policy. By default, the value is true if desktop security policy is enabled on the input policy package, otherwise false.
install_on_all_cluster_members_or_fail
boolean
    Choices:
  • no
  • yes
Relevant for the gateway clusters. If true, the policy is installed on all the cluster members. If the installation on a cluster member fails, don't install on that cluster.
policy_package
string
The name of the Policy Package to be installed.
prepare_only
boolean
    Choices:
  • no
  • yes
If true, prepares the policy for the installation, but doesn't install it on an installation target.
qos
boolean
    Choices:
  • no
  • yes
Set to be true in order to install the QoS policy. By default, the value is true if Quality-of-Service policy is enabled on the input policy package, otherwise false.
revision
string
The UID of the revision of the policy to install.
targets
list / elements=string
On what targets to execute this command. Targets may be identified by their name, or object unique identifier.
threat_prevention
boolean
    Choices:
  • no
  • yes
Set to be true in order to install the Threat Prevention policy. By default, the value is true if Threat Prevention policy is enabled on the input policy package, otherwise false.
version
string
Version of checkpoint. If not given one, the latest version taken.
wait_for_task
boolean
    Choices:
  • no
  • yes ←
Wait for the task to end. Such as publish task.
wait_for_task_timeout
integer
Default:
30
How many minutes to wait until throwing a timeout error.

Examples

- name: install-policy
  cp_mgmt_install_policy:
    access: true
    policy_package: standard
    targets:
    - corporate-gateway
    threat_prevention: true

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
cp_mgmt_install_policy
dictionary
always.
The checkpoint install-policy output.



Authors

  • Or Soffer (@chkp-orso)