Repository Gateway Script

In CME API v1.1, you can add a repository script to your configuration template that runs on the Security Gateways after the policy installation.

  1. Use the ⁠add-repository-script management API to add the script to the script repository on the Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server..

    For example:

    url: POST https://{{managementIP}}/web_api/v1.9/add-repository-script

    body: {"name": "create_route", "script-body": "#!/bin/bash clish -c lock database override clish -c set static-route 10.24.2.0/32 nexthop gateway address 10.24.0.0 on clish -c save config""}

    Note - For Multi-Domain Security Management server, add the script for each Domain.

    You can run the API call using the mgmt_cli tool, Web Services, SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. CLI, or GaiaClosed Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. CLI.

  2. Publish the session with the publish management API.

  3. After the script is successfully added to the script repository on the Management Server, you can add the repository script to your template. For more information, see CME API SwaggerHub documentation.

    For example:

    url: PUT https://{{managementIP}}/web_api/v1.8/cme-api/v1.1/gwConfigurations/<azure/gcp/aws>/<template-name>

    body: "repository_gateway_scripts": [{"name": "create_route"}]

    Script with parameters:

    url: PUT https://{{managementIP}}/web_api/v1.8/cme-api/v1.1/gwConfigurations/<azure/gcp/aws>/<template-name>

    body: "repository_gateway_scripts": [{"name": "repo_script", "parameters": "param1 param2"}]

Note - For CME API in Postman, you can use this Postman Collection.