This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Daniel_
Advisor
2 weeks ago
Jump to solution

ansible-playbook --diff --check parameters are not working

Hello ansible users!

I used --check for an ansible-playbook (check_point.gaia.cp_gaia_password_policy). Ansible should just check it and not change anything. I was surprised that the configuration has been changed.

Also --diff didn't show any changes.

Are those parameters not available? How can we use ansible in production if you can not check which changes will be made during the next run?

Bye

0 Kudos
1 Solution

Accepted Solutions
Majd_Sharkia
Employee
Employee
2 weeks ago
Jump to solution

Hi Daniel, From a quick check, it seems that Gaia Collection doesn't support that, although it's documented as it's supported. (Sorry for that)

We will check that and add it to our roadmap for adding/fixing this support in the next releases.

 

View solution in original post

7 Replies
PhoneBoy
Admin
Admin
2 weeks ago
Jump to solution

What is the playbook you were running?

0 Kudos
Daniel_
Advisor
2 weeks ago
In response to PhoneBoy
Jump to solution

I tried it with

- name: OS Modification
  gather_facts: false
  hosts: all
  connection: httpapi
  tasks:
    - name: Change password policy
      check_point.gaia.cp_gaia_password_policy:
        lock_settings: {
          'password_expiration_days': 60
        }
0 Kudos
PhoneBoy
Admin
Admin
2 weeks ago
In response to Daniel_
Jump to solution

Maybe @Eden_Brillant has a suggestion here, but it seems like this might be a bug.
What version of management is involved here as well as the version of the Ansible Gaia Collection used.

0 Kudos
Daniel_
Advisor
2 weeks ago
In response to PhoneBoy
Jump to solution

@PhoneBoy wrote:

What version of management is involved here as well as the version of the Ansible Gaia Collection used.

The gateway is R81.20. Or which version do you mean with management? I use check_point.gaia....

Ansible collections are

$ ansible-galaxy collection list |grep check
check_point.gaia                         7.0.0  
check_point.mgmt                         6.3.0

 

0 Kudos
Daniel_
Advisor
2 weeks ago
In response to Eden_Brillant
Jump to solution

From the source --check should be supported
https://github.com/CheckPointSW/CheckPointAnsibleGAIACollection/blob/v7.0.0/plugins/modules/cp_gaia_...

And cp_gaia_snmp_user is also not working (and documented with cp_snmp_gaia_user) 😪

0 Kudos
Majd_Sharkia
Employee
Employee
2 weeks ago
Jump to solution

Hi Daniel, From a quick check, it seems that Gaia Collection doesn't support that, although it's documented as it's supported. (Sorry for that)

We will check that and add it to our roadmap for adding/fixing this support in the next releases.

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top