This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
khillock_px
Explorer
‎2020-12-03 11:50 AM

threat protection overrides in Ansible

I'm trying to use the override.remove command in Ansible to remove overrides for threat protections in a list.

If I run the following from CLI, it removes the override from the Basic profile:

set threat-protection uid 98969b14-2d75-0141-a880-5d1f5350e815 overrides.remove.1 "Basic"

 

However, when I try to run it from Ansible I get a message  "Unrecognized parameter [overrides.remove.1]"

 

Here's my config:

uri:
url: "{{ checkpoint_api_root }}/set-threat-protection"
method: POST
headers:
Content-Type: application/json
Accept: application/json
X-chkp-sid: "{{ checkpoint_auth_sid }}"
body: '{"uid": "98969b14-2d75-0141-a880-5d1f5350e815", "overrides.remove.1": "Basic"}'
body_format: json
status_code: 200

 

Based on this postI tried breaking the command into brackets, but that usually resulted in an invalid JSON message.

 

I'm fairly new to Ansible and Check Point API, so there may be something obvious I'm missing. Any help is greatly appreciated!

0 Kudos
2 Replies
Jim_Oqvist
Employee
Employee
‎2020-12-03 12:44 PM

The correct json format of the payload is this:

{
   "overrides":{
      "remove":[
         "Basic"
      ]
   },
   "uid":"98969b14-2d75-0141-a880-5d1f5350e815"
}

 

Can you tell me why you are not using the Check Point collection of modules for ansible to do this?

The latest collection is available here:
https://galaxy.ansible.com/check_point/mgmt

The documentation is available here:
https://docs.ansible.com/ansible/latest/collections/check_point/mgmt/index.html#plugins-in-check-poi...

The module to use for what you want to do is this one:
https://docs.ansible.com/ansible/latest/collections/check_point/mgmt/cp_mgmt_threat_protection_overr...

khillock_px
Explorer
‎2020-12-11 01:49 PM

Thanks @Jim_Oqvist ; I ended up finding the same solution in another article prior to seeing your reply, but I appreciate the help.

I don't have an answer as to why we're not using the Check Point modules, but I'll review the links provided. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events