How to add host to existing rule via ansible

Hey Guys,

I'm starting with Check Point automatization with Ansible, and I'm facing the following issue.

The API command for adding a host (source/destination) is source.add.

I tried it from mgmt_cli and it worked fine:

[Expert@checkpoint:0]# mgmt_cli set access-rule layer "Network" rule-number 2 source.add test
Username: guoth

Time: [10:38:57] 25/1/2019
"Publish operation" succeeded (100%)

However, when I use the source.add command in Ansible, it comes back with an error that source.add is not a valid parameter:

fatal: [localhost]: FAILED! => {"changed": false, "msg": "Command 'set-access-rule {u'layer': u'Network', u'source.add': u'source3', u'rule-position': 2}' failed with error message: Unrecognized parameter [source.add]. All changes are discarded and the session is invalidated."}

My task in Ansible:

- name: adding host
  check_point_mgmt:
    command: set-access-rule
    parameters:
      rule-position: 2
      layer: Network
      # dotted key is sent to the API verbatim and rejected
      source.add: source3
    session-data: "{{ login_response }}"

Thank you for help in advance! 


Re: How to add host to existing rule via ansible

Not sure how Ansible works, but source can be an object {}, a list [], or a string "".

In mgmt_cli we deal with objects the way you already found, source.add test, which in JSON would be {"source": {"add": "test"}}. We need to understand how Ansible interprets the same.


Re: How to add host to existing rule via ansible

Thank you Joshua, it worked like:
source: {"add": "source3"}
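The mapping the thread arrives at (mgmt_cli's dotted `source.add` becomes a nested `source: {"add": ...}` object in the API payload) can be applied mechanically. The following is an added example, not part of the original thread or of any Check Point tooling: the function names are hypothetical, the sample parameters are constructed from the task above, and it goes one step beyond the thread by also folding mgmt_cli's numbered list keys (`source.add.1`, `source.add.2`) into JSON lists.

```python
import json


def expand_dotted(params):
    """Turn mgmt_cli-style dotted keys into the nested payload the JSON API expects.

    {"source.add": "source3"} -> {"source": {"add": "source3"}}
    """
    root = {}
    for key, value in params.items():
        parts = key.split(".")
        node = root
        for part in parts[:-1]:
            child = node.setdefault(part, {})
            if not isinstance(child, dict):
                # e.g. both "source" and "source.add" were supplied
                raise ValueError(f"{key!r} conflicts with a plain value at {part!r}")
            node = child
        if parts[-1] in node:
            raise ValueError(f"{key!r} conflicts with another parameter")
        node[parts[-1]] = value
    return _collapse_lists(root)


def _collapse_lists(node):
    """Convert {"1": a, "2": b} (numbered mgmt_cli list entries) into [a, b]."""
    if not isinstance(node, dict):
        return node
    node = {k: _collapse_lists(v) for k, v in node.items()}
    if node and all(k.isdigit() for k in node):
        return [node[k] for k in sorted(node, key=int)]
    return node


if __name__ == "__main__":
    # Constructed sample: the parameters from the failing task in the question.
    failing = {"layer": "Network", "rule-position": 2, "source.add": "source3"}
    print(json.dumps(expand_dotted(failing), indent=2))

    # Constructed sample: two hosts added at once using numbered list keys.
    several = {"source.add.1": "source3", "source.add.2": "test"}
    print(json.dumps(expand_dotted(several), indent=2))
```

The nested result is what belongs under the task's parameters, which is the form the last reply confirms as working.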