check and update rulename
Description
This Ansible playbook sets and translates variables such as rule_code, action_code, and type_code based on rule properties. It uses conditional tasks to modify these codes and predefined translation tables to convert them into a prefix of the form X_XXX_XXX. Finally, it adds the prefix to the front of the rulename and stores the result in a list for further processing.
Use in a parent script like:

```yaml
- name: Check and replace rulenames
  include_tasks: PA/check_rulename.yml
  loop: "{{ sec_rule_cleaned_name_list | zip(sec_rule_action_list, sec_rule_application_list, sec_rule_category_list, sec_rule_destination_list, sec_rule_service_list, sec_rule_source_ip_list, sec_rule_source_user_list) | list }}"
  loop_control:
    loop_var: rule_properties
```
Credentials
None
Input
| Variable | Description |
|---|---|
| rule_properties | list with (sub)values |
| .0 Name | proposed firewall rule name |
| .1 Action | string (allow/deny/drop) |
| .2 Action | list with subvalues |
| .3 URL Category | list with URL category values |
| .4 Destinations | list with GRP_xxx values |
| .5 Service | list with SG_XXX values |
| .6 Source | list with GRP_xxx values |
| .7 Users | list with user groups from AD |
Output
| Variable | Description |
|---|---|
| sec_rule_cleaned_name_list | list of firewall rules with X_XXX_XXX prefix |

Example:

```yaml
sec_rule_cleaned_name_list:
  - A_SDB_L7D_Rule-that-allows-some-traffic
```
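The flow from the Description (derive the codes with conditionals, translate them through tables, add the prefix), sketched in plain Python as an added example; it is not the playbook's own code. The translation tables, the conditions, the prefix character classes and the sample rules are all hypothetical, since the page does not list the real ones; only the tuple order follows the `zip` in the parent script.

```python
import re

# Hypothetical translation tables; the real ones live in the playbook.
ACTION_CODES = {"allow": "A", "deny": "D", "drop": "X"}
RULE_CODES = {"default": "STD", "url": "URL", "user": "USR"}
TYPE_CODES = {"app": "L7A", "port": "L4P"}

# Shape X_XXX_XXX_ is from the page; the character classes are an assumption.
PREFIX_RE = re.compile(r"^[A-Z]_[A-Z0-9]{3}_[A-Z0-9]{3}_")


def is_set(values):
    """True when a property list restricts the rule (not empty, not 'any')."""
    return bool(values) and values != ["any"]


def build_prefix(action, applications, categories, users):
    """Derive the three codes from rule properties and join them as X_XXX_XXX."""
    # Fail closed: an unknown action raises KeyError instead of getting a default.
    action_code = ACTION_CODES[action.lower()]
    rule_key = "default"
    if is_set(categories):   # conditional steps, the later one wins
        rule_key = "url"
    if is_set(users):
        rule_key = "user"
    type_key = "app" if is_set(applications) else "port"
    return f"{action_code}_{RULE_CODES[rule_key]}_{TYPE_CODES[type_key]}"


def check_rulename(rule_properties):
    """Return the prefixed name for one rule_properties tuple (zip order)."""
    name, action, apps, cats, _dst, _svc, _src, users = rule_properties
    prefix = build_prefix(action, apps, cats, users)
    # On a re-run, replace a stale prefix rather than stacking a second one.
    return f"{prefix}_{PREFIX_RE.sub('', name)}"


def build_name_list(rules):
    """Equivalent of collecting sec_rule_cleaned_name_list over the loop."""
    return [check_rulename(rule) for rule in rules]


# Constructed sample rules, not taken from a real rulebase.
RULES = [
    ("Rule-that-allows-some-traffic", "allow", ["ssl"], ["any"],
     ["GRP_web"], ["SG_https"], ["GRP_clients"], ["any"]),
    ("A_STD_L7A_Block-guests", "drop", ["any"], ["any"],
     ["GRP_srv"], ["SG_any"], ["GRP_wifi"], ["GG_guests"]),
]

if __name__ == "__main__":
    print(build_name_list(RULES))
```

Stripping an existing prefix before adding the new one keeps the task idempotent, and keeps a name from advertising a stale action letter after the rule's action has changed.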