ansible / ansible.builtin / v2.9.0 / module / cp_mgmt_simple_gateway Manages simple-gateway objects on Check Point over Web Services API | "added in version" 2.9 of ansible.builtin" Authors: Or Soffer (@chkp-orso) preview | supported by communityansible.builtin.cp_mgmt_simple_gateway (v2.9.0) — module
pip
Install with pip install ansible==2.9.0
Manages simple-gateway objects on Check Point devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-simple-gateway cp_mgmt_simple_gateway: ip_address: 192.0.2.1 name: gw1 state: present
- name: set-simple-gateway cp_mgmt_simple_gateway: anti_bot: true anti_virus: true application_control: true ips: true name: test_gateway state: present threat_emulation: true url_filtering: true
- name: delete-simple-gateway cp_mgmt_simple_gateway: name: gw1 state: absent
ips: description: - Intrusion Prevention System blade enabled. type: bool vpn: description: - VPN blade enabled. type: bool name: description: - Object name. required: true type: str tags: description: - Collection of tag identifiers. type: list color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str state: choices: - present - absent default: present description: - State of the access rule (present or absent). Defaults to present. type: str groups: description: - Collection of group identifiers. type: list os_name: description: - Gateway platform operating system. type: str version: description: - Gateway platform version. type: str anti_bot: description: - Anti-Bot blade enabled. type: bool comments: description: - Comments string. type: str firewall: description: - Firewall blade enabled. type: bool anti_virus: description: - Anti-Virus blade enabled. type: bool interfaces: description: - Network interfaces. When a gateway is updated with a new interfaces, the existing interfaces are removed. suboptions: anti_spoofing: description: - N/A type: bool anti_spoofing_settings: description: - N/A suboptions: action: choices: - prevent - detect description: - If packets will be rejected (the Prevent option) or whether the packets will be monitored (the Detect option). type: str type: dict color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str comments: description: - Comments string. type: str details_level: choices: - uid - standard - full description: - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. type: str ignore_errors: description: - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. type: bool ignore_warnings: description: - Apply changes ignoring warnings. type: bool ip_address: description: - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. type: str ipv4_address: description: - IPv4 address. type: str ipv4_mask_length: description: - IPv4 network mask length. type: str ipv4_network_mask: description: - IPv4 network address. type: str ipv6_address: description: - IPv6 address. type: str ipv6_mask_length: description: - IPv6 network mask length. type: str ipv6_network_mask: description: - IPv6 network address. type: str mask_length: description: - IPv4 or IPv6 network mask length. type: str name: description: - Object name. type: str network_mask: description: - IPv4 or IPv6 network mask. If both masks are required use ipv4-network-mask and ipv6-network-mask fields explicitly. Instead of providing mask itself it is possible to specify IPv4 or IPv6 mask length in mask-length field. If both masks length are required use ipv4-mask-length and ipv6-mask-length fields explicitly. type: str security_zone: description: - N/A type: bool security_zone_settings: description: - N/A suboptions: auto_calculated: description: - Security Zone is calculated according to where the interface leads to. type: bool specific_zone: description: - Security Zone specified manually. type: str type: dict tags: description: - Collection of tag identifiers. type: list topology: choices: - automatic - external - internal description: - N/A type: str topology_settings: description: - N/A suboptions: interface_leads_to_dmz: description: - Whether this interface leads to demilitarized zone (perimeter network). type: bool ip_address_behind_this_interface: choices: - not defined - network defined by the interface ip and net mask - network defined by routing - specific description: - N/A type: str specific_network: description: - Network behind this interface. type: str type: dict type: list ip_address: description: - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. type: str ipv4_address: description: - IPv4 address. type: str ipv6_address: description: - IPv6 address. type: str vpn_settings: description: - Gateway VPN settings. suboptions: maximum_concurrent_ike_negotiations: description: - N/A type: int maximum_concurrent_tunnels: description: - N/A type: int type: dict details_level: choices: - uid - standard - full description: - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. type: str ignore_errors: description: - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. type: bool logs_settings: description: - N/A suboptions: alert_when_free_disk_space_below: description: - N/A type: bool alert_when_free_disk_space_below_threshold: description: - N/A type: int alert_when_free_disk_space_below_type: choices: - none - log - popup alert - mail alert - snmp trap alert - user defined alert no.1 - user defined alert no.2 - user defined alert no.3 description: - N/A type: str before_delete_keep_logs_from_the_last_days: description: - N/A type: bool before_delete_keep_logs_from_the_last_days_threshold: description: - N/A type: int before_delete_run_script: description: - N/A type: bool before_delete_run_script_command: description: - N/A type: str delete_index_files_older_than_days: description: - N/A type: bool delete_index_files_older_than_days_threshold: description: - N/A type: int delete_index_files_when_index_size_above: description: - N/A type: bool delete_index_files_when_index_size_above_threshold: description: - N/A type: int delete_when_free_disk_space_below: description: - N/A type: bool delete_when_free_disk_space_below_threshold: description: - N/A type: int detect_new_citrix_ica_application_names: description: - N/A type: bool forward_logs_to_log_server: description: - N/A type: bool forward_logs_to_log_server_name: description: - N/A type: str forward_logs_to_log_server_schedule_name: description: - N/A type: str free_disk_space_metrics: choices: - mbytes - percent description: - N/A type: str perform_log_rotate_before_log_forwarding: description: - N/A type: bool reject_connections_when_free_disk_space_below_threshold: description: - N/A type: bool reserve_for_packet_capture_metrics: choices: - percent - mbytes description: - N/A type: str reserve_for_packet_capture_threshold: description: - N/A type: int rotate_log_by_file_size: description: - N/A type: bool rotate_log_file_size_threshold: description: - N/A type: int rotate_log_on_schedule: description: - N/A type: bool rotate_log_schedule_name: description: - N/A type: str stop_logging_when_free_disk_space_below: description: - N/A type: bool stop_logging_when_free_disk_space_below_threshold: description: - N/A type: int turn_on_qos_logging: description: - N/A type: bool update_account_log_every: description: - N/A type: int type: dict url_filtering: description: - URL Filtering blade enabled. type: bool wait_for_task: default: true description: - Wait for the task to end. Such as publish task. type: bool ignore_warnings: description: - Apply changes ignoring warnings. type: bool threat_emulation: description: - Threat Emulation blade enabled. type: bool content_awareness: description: - Content Awareness blade enabled. type: bool firewall_settings: description: - N/A suboptions: auto_calculate_connections_hash_table_size_and_memory_pool: description: - N/A type: bool auto_maximum_limit_for_concurrent_connections: description: - N/A type: bool connections_hash_size: description: - N/A type: int maximum_limit_for_concurrent_connections: description: - N/A type: int maximum_memory_pool_size: description: - N/A type: int memory_pool_size: description: - N/A type: int type: dict one_time_password: description: - N/A type: str save_logs_locally: description: - Save logs locally on the gateway. type: bool threat_extraction: description: - Threat Extraction blade enabled. type: bool application_control: description: - Application Control blade enabled. type: bool send_logs_to_server: description: - Server(s) to send logs to. type: list auto_publish_session: description: - Publish the current session if changes have been performed after task completes. type: bool send_alerts_to_server: description: - Server(s) to send alerts to. type: list wait_for_task_timeout: default: 30 description: - How many minutes to wait until throwing a timeout error. type: int send_logs_to_backup_server: description: - Backup server(s) to send logs to. type: list
cp_mgmt_simple_gateway: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict