check_point / check_point.gaia / 5.0.1 / module / cp_gaia_password_policy Setting password policy configuration. | "added in version" 3.0.0 of check_point.gaia" Authors: Ameer Asli (@chkp-ameera)check_point.gaia.cp_gaia_password_policy (5.0.1) — module
Install with ansible-galaxy collection install check_point.gaia:==5.0.1
collections: - name: check_point.gaia version: 5.0.1
Setting password policy configuration.
- name: Change password policy check_point.gaia.cp_gaia_password_policy: lock_settings: {'failed_attempts_settings': {'failed_attempts_allowed': 10, 'failed_lock_duration_seconds': 1200, 'failed_lock_enabled': False, 'failed_lock_enforced_on_admin': False}, 'inactivity_settings': {'inactivity_threshold_days': 365, 'lock_unused_accounts_enabled': False}, 'must_one_time_password_enabled': False, 'password_expiration_days': 60, 'password_expiration_maximum_days_before_lock': 1000, 'password_expiration_warning_days': 7} password_history: {'check_history_enabled': True, 'repeated_history_length': 10} password_strength: {'complexity': 2, 'minimum_length': 6, 'palindrome_check_enabled': True}
version: description: Gaia API version for example 1.6. required: false type: str lock_settings: description: Password change configuration. required: false suboptions: failed_attempts_settings: description: Failed attempts configuration. required: false suboptions: failed_attempts_allowed: default: 10 description: Amount of login attempts allowed before lockout, Valid values are 2-1000. required: false type: int failed_lock_duration_seconds: default: 1200 description: Password failed logging lockout duration, Valid values are 60-604800. required: false type: int failed_lock_enabled: default: false description: Lock user after exceeded maximum allowed login attempts. required: false type: bool failed_lock_enforced_on_admin: default: false description: Enforce failed lockout on admin user. required: false type: bool type: dict inactivity_settings: description: Inactivity configuration. required: false suboptions: inactivity_threshold_days: default: 365 description: Inactivity days to password expiration lockout, Valid values are 1-1827. required: false type: int lock_unused_accounts_enabled: default: false description: Password lock unused accounts. required: false type: bool type: dict must_one_time_password_enabled: default: false description: Forces a user to change their password after it has been set via "User Management" (but not via "Self Password Change" or forced change at login). Use this command to set the value. required: false type: bool password_expiration_days: description: Password expiration lifetime, Valid values are 60-604800. required: false type: int password_expiration_maximum_days_before_lock: description: Password expiration lockout in days, Valid values are 1-1827. required: false type: int password_expiration_warning_days: default: 7 description: Number of days before a password expires that the user gets warned, Valid values are 1-366. required: false type: int type: dict password_history: description: Password history configuration. required: false suboptions: check_history_enabled: default: false description: Password history check. required: false type: bool repeated_history_length: default: 10 description: Password history length. required: false type: int type: dict password_strength: description: Password history configuration. required: false suboptions: complexity: default: 2 description: Password complexity, Valid values are 1-4. required: false type: int minimum_length: default: 6 description: Password minimum length, Valid values are 6-128. required: false type: int palindrome_check_enabled: default: true description: Password palindrome check. required: false type: bool type: dict
password_policy: description: The checkpoint object updated. returned: always. type: dict