Modules¶
Modules provide the functionality to add, modify, and remove elements within the SMC. Each module focuses on a specific functionality, allowing playbooks to be designed in a modular way. Not all modules provide the ability to modify elements. Be sure to review the documentation.
There are a variety of functions provided by the custom modules. Some of the features include:
Create Firewalls and Firewall Clusters
Add / Remove Tunnel and Physical Interfaces
Create and delete network and service elements
Configure Policy-based VPN and related elements
Configure dynamic routing (BGP)
Modules by default will preset the state to ‘present’ indicating a create operation. To remove, modify the state to ‘absent’.
When modules are run, the state attribute will return the current state of the element. Check the module documentation to verify if this is a dict format or list.
- bgp_element - BGP Elements for BGP configuratons
- engine_action - Node-level actions on an NGFW Engine
- engine - Operations on single firewall or firewall cluster
- engine_routing - Routing configurations on NGFW Engines
- external_gateway - Represents a VPN gateway that is not managed by this Management Server
- firewall_nat_rule - Create, modify or delete a firewall NAT rule
- firewall_rule - Create, modify or delete a firewall access rule
- generic_element - Create, modify or delete elements inheriting from Element
- l3fw_cluster - Create or delete firewall clusters
- l3fw - Create or delete a single firewall
- l3fw_policy - Create or delete Firewall policies
- network_element - Create, modify or delete network elements
- ospf_element - OSPF Elements used in engine configurations
- policy_push - Install a policy on an NGFW Engine
- policy_vpn - Create, modify or delete policy-based VPNs
- route_map - Create or delete Route Map and rule configurations
- route_vpn - Create a route-based VPN
- service_element - Create, modify or delete service elements