check_point.mgmt.cp_mgmt_threat_rule module – Manages threat-rule objects on Check Point over Web Services API

Note

This module is part of the check_point.mgmt collection (version 2.3.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.cp_mgmt_threat_rule.

New in version 2.9: of check_point.mgmt

Synopsis

  • Manages threat-rule objects on Check Point devices including creating, updating and removing objects.

  • All operations are performed over Web Services API.

Parameters

Parameter

Comments

action

string

Action-the enforced profile.

auto_publish_session

boolean

Publish the current session if changes have been performed after task completes.

Choices:

  • no

  • yes

comments

string

Comments string.

destination

list / elements=string

Collection of Network objects identified by the name or UID.

destination_negate

boolean

True if negate is set for destination.

Choices:

  • no

  • yes

details_level

string

The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

Choices:

  • uid

  • standard

  • full

enabled

boolean

Enable/Disable the rule.

Choices:

  • no

  • yes

ignore_errors

boolean

Apply changes ignoring errors. You won’t be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.

Choices:

  • no

  • yes

ignore_warnings

boolean

Apply changes ignoring warnings.

Choices:

  • no

  • yes

install_on

list / elements=string

Which Gateways identified by the name or UID to install the policy on.

layer

string

Layer that the rule belongs to identified by the name or UID.

name

string / required

Object name.

position

string

Position in the rulebase.

protected_scope

list / elements=string

Collection of objects defining Protected Scope identified by the name or UID.

protected_scope_negate

boolean

True if negate is set for Protected Scope.

Choices:

  • no

  • yes

service

list / elements=string

Collection of Network objects identified by the name or UID.

service_negate

boolean

True if negate is set for Service.

Choices:

  • no

  • yes

source

list / elements=string

Collection of Network objects identified by the name or UID.

source_negate

boolean

True if negate is set for source.

Choices:

  • no

  • yes

state

string

State of the access rule (present or absent). Defaults to present.

Choices:

  • present ← (default)

  • absent

track

string

Packet tracking.

track_settings

dictionary

Threat rule track settings.

packet_capture

boolean

Packet capture.

Choices:

  • no

  • yes

version

string

Version of checkpoint. If not given one, the latest version taken.

wait_for_task

boolean

Wait for the task to end. Such as publish task.

Choices:

  • no

  • yes ← (default)

wait_for_task_timeout

integer

How many minutes to wait until throwing a timeout error.

Default: 30

Examples

- name: add-threat-rule
  cp_mgmt_threat_rule:
    comments: ''
    install_on: Policy Targets
    layer: New Layer 1
    name: First threat rule
    position: 1
    protected_scope: All_Internet
    state: present
    track: None

- name: set-threat-rule
  cp_mgmt_threat_rule:
    action: New Profile 1
    comments: commnet for the first rule
    install_on: Policy Targets
    layer: New Layer 1
    name: Rule Name
    position: 1
    protected_scope: All_Internet
    state: present

- name: delete-threat-rule
  cp_mgmt_threat_rule:
    layer: New Layer 1
    name: Rule Name
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

cp_mgmt_threat_rule

dictionary

The checkpoint object created or updated.

Returned: always, except when deleting the object.

Authors

  • Or Soffer (@chkp-orso)