This repository contains the Ansible roles and playbooks used to demonstrate the following use cases at AnsibleFest 2020
- UseCaseA.yml - DevOps pets vs cattle concept for the service model
- UsecaseB.yml - Security Orchestration, Automation and Response (SOAR)
- UsecaseC.yml - DevSecOps model to accelerate application deployment
- UsecaseD.yml - Automate repetitive and time-consuming maintenance tasks
The Ansible playbooks leverage the Check Point modules for Ansible to embrace the DevSecOps mindset to accelerate secure application deployment and automate various tasks for the identification, search, and response to security events
The Ansible playbooks will also consume the same modules in automated workflows to support the deployment and maintenance of both physical and virtualized next-generation firewalls
- Ansible - Version 2.9 or later
- Ansible check_point.mgmt collection - Included by default from version Ansible 2.9
- Note: It is recommended to download the latest version from galaxy
- Check Point Security Management and Gateway - Version R80.40 or later
- Clone the repository
- Create a set_env_var.sh file with content like this (use your details):
export VAR_mgmt_api_user="Check Point Admin User"
export VAR_mgmt_api_password="Check Point Admin User"
export VAR_mgmt_api_key="Check Point Admin API Key"
export VAR_mgmt_hostname="Check Secuity Management Hostname"
export VAR_mgmt_IP="Check Secuity Management IP"
- From a command line, export your mgmt variables
source ./set_env_var.sh
- From a command line, execute the playbooks
ansible-playbook UseCaseA.yml ansible-playbook UseCaseB.yml ansible-playbook UseCaseC.yml ansible-playbook UseCaseD.yml