check_point.mgmt.cp_mgmt_best_practice_facts module – Get best-practice objects facts on Checkpoint over Web Services API

Note

This module is part of the check_point.mgmt collection (version 6.7.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.cp_mgmt_best_practice_facts.

New in check_point.mgmt 6.7.0

Synopsis

  • Get best-practice objects facts on Checkpoint devices.

  • All operations are performed over Web Services API.

  • This module handles both operations, get a specific object and get several objects, For getting a specific object use the parameter ‘name’ or ‘best_practice_id’.

  • Available from R82.10 management version.

Parameters

Parameter

Comments

best_practice_id

string

Best Practice ID.

blade

list / elements=string

Returns all the relevant Best Practices of the selected Software Blades. When empty will return all the Best Practices.

Choices:

  • "firewall"

  • "gaia-os"

  • "anti-bot"

  • "anti-spam-and-mail"

  • "anti-virus"

  • "application-control"

  • "data-loss-prevention"

  • "identity-awareness"

  • "ips"

  • "ipsec-vpn"

  • "mobile-access"

  • "threat-emulation"

  • "url-filtering"

  • "threat-prevention"

defined_by

string

Returns all the relevant Best Practices of the selected type.

Choices:

  • "user-defined"

  • "system-defined"

  • "any"

details_level

string

The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.

Choices:

  • "uid"

  • "standard"

  • "full"

gateway_name

string

Returns all the relevant Best Practices of the selected Security Gateway object.

limit

integer

The maximal number of returned results. This parameter is relevant only for getting few objects.

Valid values are between 1 and 500.

name

string

Best Practice Name. This parameter is relevant only for getting a specific object.

offset

integer

Number of the results to initially skip. This parameter is relevant only for getting few objects.

show_only_local_domain

boolean

Indicates whether the query should return only objects from the current local domain. This parameter is only valid for local domain.

Choices:

  • false

  • true

show_regulations

boolean

Show the applicable regulations of the Best Practice.

Choices:

  • false

  • true

status

list / elements=string

Returns all the relevant best practices with the selected statuses. When empty will return all best practices.

Choices:

  • "secure"

  • "good"

  • "medium"

  • "poor"

  • "n/a"

version

string

Version of checkpoint. If not given one, the latest version taken.

Examples

- name: show-best-practice
  cp_mgmt_best_practice_facts:
    best_practice_id: FW183

- name: show-best-practices
  cp_mgmt_best_practice_facts:
    limit: '5'

Authors

  • Eden Brillant (@chkp-edenbr)