check_point.mgmt.checkpoint_access_rule module – Manages access rules on Check Point over Web Services API

Note

This module is part of the check_point.mgmt collection (version 2.3.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.checkpoint_access_rule.

Synopsis

  • Manages access rules on Check Point devices, including creating, updating, and removing access rule objects. All operations are performed over the Web Services API.

Parameters

| Parameter | Comments |
|---|---|
| action (string) | Action of the access rule (accept, drop, inform, etc). Default: “drop” |
| auto_install_policy (boolean) | Install the package policy if changes have been performed after the task completes. Choices: no, yes ← (default) |
| auto_publish_session (boolean) | Publish the current session if changes have been performed after task completes. Choices: no, yes ← (default) |
| destination (string) | Destination object of the access rule. |
| enabled (boolean) | Enabled or disabled flag. Choices: no, yes ← (default) |
| layer (string) | Layer to attach the access rule to. |
| name (string / required) | Name of the access rule. |
| policy_package (string) | Package policy name to be installed. Default: “standard” |
| position (string) | Position of the access rule. |
| source (string) | Source object of the access rule. |
| state (string) | State of the access rule (present or absent). Defaults to present. Default: “present” |
| targets (list / elements=string) | Targets to install the package policy on. |

Examples

- name: Create access rule
  checkpoint_access_rule:
    layer: Network
    name: "Drop attacker"
    position: top
    source: attacker
    destination: Any
    action: Drop

- name: Delete access rule
  checkpoint_access_rule:
    layer: Network
    name: "Drop attacker"
    # state defaults to present, so deletion must be requested explicitly
    state: absent
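
Because auto_publish_session and auto_install_policy both default to yes, each task above publishes the session and installs policy as soon as it changes something. The play below is an added example, not part of the module's own documentation: it creates the rule disabled without installing policy, shows the returned rule object for review, then enables it and installs only on named gateways. The inventory group checkpoint_mgmt, the gateway names, and an existing httpapi connection to the management server are assumptions.

```yaml
# Added example: hypothetical play. The host group, gateway names and the
# "attacker" host object are assumptions and must already exist.
- name: Stage, review, then enforce a drop rule
  hosts: checkpoint_mgmt            # assumed inventory group (management server)
  connection: httpapi
  gather_facts: false
  vars:
    rule_name: "Drop attacker"
    gateways:                       # assumed gateway object names
      - gw-dmz-01
      - gw-dmz-02
  tasks:
    - name: Create the rule disabled and do not install policy yet
      check_point.mgmt.checkpoint_access_rule:
        layer: Network
        name: "{{ rule_name }}"
        position: top
        source: attacker
        destination: Any
        action: Drop
        enabled: false              # rule exists but does not match traffic
        auto_publish_session: true
        auto_install_policy: false  # override the default of yes
      register: staged

    - name: Show the rule object returned by the module for review
      ansible.builtin.debug:
        var: staged.checkpoint_access_rules

    - name: Enable the rule and install policy only on the listed gateways
      check_point.mgmt.checkpoint_access_rule:
        layer: Network
        name: "{{ rule_name }}"
        source: attacker
        destination: Any
        action: Drop
        enabled: true
        policy_package: standard    # documented default, stated explicitly
        targets: "{{ gateways }}"
        auto_install_policy: true
```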

Return Values

Common return values are documented here; the following fields are unique to this module:

| Key | Description |
|---|---|
| checkpoint_access_rules (list / elements=string) | The checkpoint access rule object created or updated. Returned: always, except when deleting the access rule. |

Authors

  • Ansible by Red Hat (@rcarrillocruz)