chittick_projects/sophos-xgs-ansible/roles/sophos_firewall_rules/templates/firewall_rule.json.j2

<Request>
  <Login>
    <Username>{{ sophos_api_username }}</Username>
    <Password>{{ sophos_api_password }}</Password>
  </Login>
  <Set operation="{% if item.name in existing_firewall_rules %}update{% else %}add{% endif %}">
    <FirewallRule>
      <Name>{{ item.name }}</Name>
      <Description>{{ item.description | default('') }}</Description>
      <Status>{{ 'Enable' if item.enabled | default(true) else 'Disable' }}</Status>
      <Action>{{ item.action | upper }}</Action>
      <LogTraffic>{{ 'Enable' if item.log | default(false) else 'Disable' }}</LogTraffic>
      <SourceZones>
        {% for zone in item.source_zones %}
        <Zone>{{ zone }}</Zone>
        {% endfor %}
      </SourceZones>
      <DestinationZones>
        {% for zone in item.dest_zones %}
        <Zone>{{ zone }}</Zone>
        {% endfor %}
      </DestinationZones>
      <SourceNetworks>
        {% for network in item.source_networks %}
        <Network>{{ network }}</Network>
        {% endfor %}
      </SourceNetworks>
      <DestinationNetworks>
        {% for network in item.dest_networks %}
        <Network>{{ network }}</Network>
        {% endfor %}
      </DestinationNetworks>
      <Services>
        {% for service in item.services %}
        <Service>{{ service }}</Service>
        {% endfor %}
      </Services>
      {% if item.position is defined %}
      <Position>{{ item.position }}</Position>
      {% endif %}
    </FirewallRule>
  </Set>
</Request>