- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Hi,
Want to implement automation in our environment, so i have implementing scripts.
I am new to Ansible Playbook, 
below is the my simple Ansible script. 
- hosts:  172.31.37.222
vars_files:
 - vars.yml
connection: httpapi
tasks:
- name: Create host object
   cp_mgmt_host:
       name: prod_host
       ip_address: 192.168.1.1
       color: blue
Below is my vars.yml
---
ansible_network_os: checkpoint
mgmt_user: admin
mgmt_password: password@1234
mgmt_server: 172.31.37.222
mgmt_fingerprint: BEAK ROWE CRAB SANE COOL CLOD TIP SILK WAYS HOLD AJAR GOLF
policy_name: Standard
I am getting below error
TASK [Create host object] **********************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible.module_utils.connection.ConnectionError: 'Connection' object has no attribute '_session_uid'
fatal: [172.31.37.222]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-local-2020txphrfve/ansible-tmp-1589191649.730437-2075-182082441282010/AnsiballZ_cp_mgmt_host.py\", line 102, in <module>\n _ansiballz_main()\n File \"/root/.ansible/tmp/ansible-local-2020txphrfve/ansible-tmp-1589191649.730437-2075-182082441282010/AnsiballZ_cp_mgmt_host.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-local-2020txphrfve/ansible-tmp-1589191649.730437-2075-182082441282010/AnsiballZ_cp_mgmt_host.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible.modules.network.check_point.cp_mgmt_host', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib64/python3.6/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib64/python3.6/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/lib64/python3.6/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_cp_mgmt_host_payload_uo74bntw/ansible_cp_mgmt_host_payload.zip/ansible/modules/network/check_point/cp_mgmt_host.py\", line 333, in <module>\n File \"/tmp/ansible_cp_mgmt_host_payload_uo74bntw/ansible_cp_mgmt_host_payload.zip/ansible/modules/network/check_point/cp_mgmt_host.py\", line 328, in main\n File \"/tmp/ansible_cp_mgmt_host_payload_uo74bntw/ansible_cp_mgmt_host_payload.zip/ansible/module_utils/network/checkpoint/checkpoint.py\", line 201, in api_call\n File \"/tmp/ansible_cp_mgmt_host_payload_uo74bntw/ansible_cp_mgmt_host_payload.zip/ansible/module_utils/connection.py\", line 185, in __rpc__\nansible.module_utils.connection.ConnectionError: 'Connection' object has no attribute '_session_uid'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
PLAY RECAP *************************************************************************************************************************************************************************************
172.31.37.222 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Please let me know if you need any other details.
Kindly suggest me a solution.
Best Regards,
Shyam
Check if the API is enabled on your management, and Ansible server is in the GUI clients list. make sure you use Ansible 2.9 with the latest modules.
If still failing, run playbook with -dddd flag to ensure it is not a connectivity problem.
Hi,
Thank you for your replay.
API is enabled on Management for all IP's.
I am using ansible 2.9 +
kindly let me know, how to install module on my ansible server and how to check modules.
I have tested, it is not a connectivity problem between Ansible Server and Management.
Thanks In Advance !
Best Regards,
Shyam
You have to use the appropriate attributes for the httpapi plugin:
https://docs.ansible.com/ansible/latest/plugins/connection/httpapi.html
E.g.:
ansible_user: admin
ansible_password: password@1234
ansible_network_os: checkpoint
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
Hi
I have used appropriate attributes, please find the below full error message which is i am getting.
TASK [Create host object] **********************************************************************************************************************************************************************
task path: /etc/ansible/cp-tes.yml:7
<172.31.37.222> ESTABLISH LOCAL CONNECTION FOR USER: root
<172.31.37.222> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-local-1540p8hj6toz `"&& mkdir /root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871 && echo ansible-tmp-1589207536.623636-1595-254398751069871="` echo /root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871 `" ) && sleep 0'
Using module file /usr/local/lib/python3.6/site-packages/ansible/modules/network/check_point/cp_mgmt_host.py
<172.31.37.222> PUT /root/.ansible/tmp/ansible-local-1540p8hj6toz/tmp7h7gg62s TO /root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py
<172.31.37.222> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/ /root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py && sleep 0'
<172.31.37.222> EXEC /bin/sh -c '/usr/libexec/platform-python /root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py && sleep 0'
<172.31.37.222> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
File "/root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py", line 102, in <module>
_ansiballz_main()
File "/root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible.modules.network.check_point.cp_mgmt_host', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib64/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/modules/network/check_point/cp_mgmt_host.py", line 333, in <module>
File "/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/modules/network/check_point/cp_mgmt_host.py", line 328, in main
File "/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/module_utils/network/checkpoint/checkpoint.py", line 201, in api_call
File "/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/module_utils/connection.py", line 185, in __rpc__
ansible.module_utils.connection.ConnectionError: 'Connection' object has no attribute '_session_uid'
fatal: [172.31.37.222]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py\", line 102, in <module>\n _ansiballz_main()\n File \"/root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-local-1540p8hj6toz/ansible-tmp-1589207536.623636-1595-254398751069871/AnsiballZ_cp_mgmt_host.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible.modules.network.check_point.cp_mgmt_host', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib64/python3.6/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib64/python3.6/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/lib64/python3.6/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/modules/network/check_point/cp_mgmt_host.py\", line 333, in <module>\n File \"/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/modules/network/check_point/cp_mgmt_host.py\", line 328, in main\n File \"/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/module_utils/network/checkpoint/checkpoint.py\", line 201, in api_call\n File \"/tmp/ansible_cp_mgmt_host_payload_iey_wfae/ansible_cp_mgmt_host_payload.zip/ansible/module_utils/connection.py\", line 185, in __rpc__\nansible.module_utils.connection.ConnectionError: 'Connection' object has no attribute '_session_uid'\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
Thanks In Advance !
Best Regards,
Shyam
Error message sounds like sk114661
Which Check Point version / which Jumbo?
Hi,
When i running a playbook script for R80.40, the script is running without error but the host is not creating on management server.
Playbook Script
- hosts: "172.31.35.106"
   vars_files:
       - vars.yml
   connection: httpapi
   tasks:
   - name: Create host object
      cp_mgmt_host:
          name: prod_host
          ip_address: 192.168.1.1
          color: blue
Below is Vars file:
---
ansible_network_os: checkpoint
mgmt_user: admin
mgmt_password: passwod12$#
mgmt_server: 172.31.35.106
mgmt_fingerprint: DANE RUNG GRIN GLEE ECHO LAND REEL DEAD HUM LEO GERM AUTO
policy_name: Standard
ansible_httpapi_validate_certs: no
ansible_httpapi_use_ssl: yes
i am running playbook using below command
ansible-playbook file_name.yml
Please find the full logs.
TASK [Create host object] **********************************************************************************************************************************************************************
task path: /etc/ansible/cp-tes.yml:7
<172.31.35.106> ESTABLISH LOCAL CONNECTION FOR USER: root
<172.31.35.106> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-local-1681qxco2c0d `"&& mkdir /root/.ansible/tmp/ansible-local-1681qxco2c0d/ansible-tmp-1589294878.1862984-1736-201143778510016 && echo ansible-tmp-1589294878.1862984-1736-201143778510016="` echo /root/.ansible/tmp/ansible-local-1681qxco2c0d/ansible-tmp-1589294878.1862984-1736-201143778510016 `" ) && sleep 0'
Using module file /usr/local/lib/python3.6/site-packages/ansible/modules/network/check_point/cp_mgmt_host.py
<172.31.35.106> PUT /root/.ansible/tmp/ansible-local-1681qxco2c0d/tmpy7ufmo7m TO /root/.ansible/tmp/ansible-local-1681qxco2c0d/ansible-tmp-1589294878.1862984-1736-201143778510016/AnsiballZ_cp_mgmt_host.py
<172.31.35.106> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-local-1681qxco2c0d/ansible-tmp-1589294878.1862984-1736-201143778510016/ /root/.ansible/tmp/ansible-local-1681qxco2c0d/ansible-tmp-1589294878.1862984-1736-201143778510016/AnsiballZ_cp_mgmt_host.py && sleep 0'
<172.31.35.106> EXEC /bin/sh -c '/usr/libexec/platform-python /root/.ansible/tmp/ansible-local-1681qxco2c0d/ansible-tmp-1589294878.1862984-1736-201143778510016/AnsiballZ_cp_mgmt_host.py && sleep 0'
<172.31.35.106> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-local-1681qxco2c0d/ansible-tmp-1589294878.1862984-1736-201143778510016/ > /dev/null 2>&1 && sleep 0'
changed: [172.31.35.106] => {
"changed": true,
"checkpoint_session_uid": "76909390-fefa-4afe-9041-9c6d491e269c",
"host": {
"color": "blue",
"comments": "",
"domain": {
"domain-type": "domain",
"name": "SMC User",
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde"
},
"groups": [],
"icon": "Objects/host",
"interfaces": [],
"ipv4-address": "192.168.1.1",
"meta-info": {
"creation-time": {
"iso-8601": "2020-05-12T20:17+0530",
"posix": 1589294879039
},
"creator": "admin",
"last-modifier": "admin",
"last-modify-time": {
"iso-8601": "2020-05-12T20:17+0530",
"posix": 1589294879039
},
"lock": "unlocked",
"validation-state": "ok"
},
"name": "prod_host",
"nat-settings": {
"auto-rule": false
},
"read-only": true,
"tags": [],
"type": "host",
"uid": "6d0fe570-550d-4f93-9bce-5f74d6772359"
},
"invocation": {
"module_args": {
"auto_publish_session": null,
"color": "blue",
"comments": null,
"details_level": null,
"groups": null,
"host_servers": null,
"ignore_errors": null,
"ignore_warnings": null,
"interfaces": null,
"ip_address": "192.168.1.1",
"ipv4_address": null,
"ipv6_address": null,
"name": "prod_host",
"nat_settings": null,
"state": "present",
"tags": null,
"version": null,
"wait_for_task": true
}
}
}
META: ran handlers
META: ran handlers
PLAY RECAP *************************************************************************************************************************************************************************************
172.31.35.106 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Kindly suggest me, what to do.
Best Regards,
Shyam
Did you forget to publish?
Hi ,
Thank you for your replay.
how do i add rule section using Ansible playbook, i am using below checkpoint module.
cp_mgmt_*
as per the official Ansible checkpoint documentation, not mentioned how to add section.
Kindly suggest me a solution.
Thanks In Advance !
Best Regards,
Shyam
You are able to use "access sections" since galaxy collection version 1.0.5
To be honest if you wanna do rulebase automation you won't need access sections. It will be much more complicated to handle your automation.
 
					
				
				
			
		
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count | 
|---|---|
| 1 | |
| 1 | |
| 1 | |
| 1 | 
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 11:00 AM (EDT)
Tips and Tricks 2025 #15: Become a Threat Exposure Management Power User!About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY