Support Center > Search Results > SecureKnowledge Details
Automate your management server using "Ansible" Technical Level

This article describes how to automate your management server using "Ansible".

Ansible ( is a popular automation tool.

The "Ansible Check Point Management" module lets you automate Check Point management tasks (e.g. add objects, manipulate the Rule Base, install policy) into the Ansible automation platform.


Provide Ansible "playbooks" with simple access to Check Point Management APIs.

The ansible module is written in Python and its source code is available. You are welcome to review code, suggest enhancements or modify it by opening a issue or send a pull request to:


To enable the integration, install the necessary Hotfix, based on your Management Server version:

Management Server Version Hotfix information

Available from R80.10 JHF take 270


Available from R80.20 JHF take 134

R80.30 Available from R80.30 JHF take 135
R80.40 and later Integrated. No JHF installation required.


We recommend that you download the latest Check Point management collection from Ansible Galaxy, available here:

The Ansible inventory (for example /etc/ansible/hosts needs to contain a section similar to this:
Note - The example uses the collection from Ansible Galaxy.

# Check Point Security Management server's IP address

# If the Gaia web portal on your Security Management server is not setup with proper CA certificates that can be verified from the Ansible server, then it is necessary to disable validation of these certificates by using the ansible_httpapi_validate_certs. To do this you need to set ansible_httpapi_validate_certs=False in your inventory.

ansible_user=[Check Point admin username]
ansible_password=[Check Point admin password]

The playbook needs to use "connection httpapi"

connection: httpapi

# Add or delete host object in Check Point management server
- name: add-host or delete-host
      color: red
      name: My test host

For more information on the community supported Check Point network modules in Ansible, refer to

Latest version of Check Point management collection for Ansible and examples

For more information and installation instructions, refer to the Read Me under:
The source code an be found in Check Points official GitHub account:

Use case example in a playbook can be found in Check Points community GitHub account:


Sensitive fields, such as vpn-community shared-secret, or lsm-gateway sic, cannot be updated via Ansible.


Give us Feedback
Please rate this document