Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Rene_v_A
Explorer

Rule / Section position

We are looking at implementing some automation around our access-section and access-rule creation and seem to be running into a limitation of the ansible module. Specifically: On creation we want to set the position of a section relative to another section (above or below) and add a rule to the bottom of a specific section. For now we don't really care what the position is if the rule has already been created.

Looking at the module there are numerous reports for this missing functionality (even though this is perfectly supported through the API):
https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/issues/33
https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/issues/30
https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/issues/22
https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/issues/7
https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/issues/5

Are there any recommendations on how to get this to work using ansible?

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

As noted in the bug reports you linked, this was removed because the functionality goes against Ansible’s idemoptency requirements.

0 Kudos
Rene_v_A
Explorer

I agree, updating existing sections or rules with a relative would indeed break idempotency. However on creation it's impossible to properly structure the rulebase without.

Maybe my question wasn't completely clear: How do you create rules and sections in the rulebase and keep it structured using ansible?

0 Kudos