check_point / check_point.mgmt / 5.2.2 / module / cp_mgmt_checkpoint_host Manages checkpoint-host objects on Checkpoint over Web Services API | "added in version" 5.0.0 of check_point.mgmt" Authors: Eden Brillant (@chkp-edenbr) preview | supported by communitycheck_point.mgmt.cp_mgmt_checkpoint_host (5.2.2) — module
Install with ansible-galaxy collection install check_point.mgmt:==5.2.2
collections: - name: check_point.mgmt version: 5.2.2
Manages checkpoint-host objects on Checkpoint devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-checkpoint-host cp_mgmt_checkpoint_host: ipv4_address: 5.5.5.5 management_blades: logging_and_status: true network_policy_management: true name: secondarylogserver state: present
- name: set-checkpoint-host cp_mgmt_checkpoint_host: hardware: Smart-1 management_blades: compliance: true network_policy_management: true user_directory: true name: secondarylogserver os: Linux state: present
- name: delete-checkpoint-host cp_mgmt_checkpoint_host: name: secondarylogserver state: absent
os: description: - Operating system name. type: str name: description: - Object name. required: true type: str tags: description: - Collection of tag identifiers. elements: str type: list color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str state: choices: - present - absent default: present description: - State of the access rule (present or absent). type: str groups: description: - Collection of group identifiers. elements: str type: list version: description: - Version of checkpoint. If not given one, the latest version taken. type: str comments: description: - Comments string. type: str hardware: description: - Hardware name. type: str interfaces: description: - Check Point host interfaces. elements: dict suboptions: color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str comments: description: - Comments string. type: str details_level: choices: - uid - standard - full description: - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. type: str ignore_errors: description: - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. type: bool ignore_warnings: description: - Apply changes ignoring warnings. type: bool mask_length: description: - IPv4 or IPv6 network mask length. If both masks are required use mask-length4 and mask-length6 fields explicitly. Instead of IPv4 mask length it is possible to specify IPv4 mask itself in subnet-mask field. type: int mask_length4: description: - IPv4 network mask length. type: int mask_length6: description: - IPv6 network mask length. type: int name: description: - Interface name. type: str subnet: description: - IPv4 or IPv6 network address. If both addresses are required use subnet4 and subnet6 fields explicitly. type: str subnet4: description: - IPv4 network address. type: str subnet6: description: - IPv6 network address. type: str subnet_mask: description: - IPv4 network mask. type: str type: list ip_address: description: - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. type: str ipv4_address: description: - IPv4 address. type: str ipv6_address: description: - IPv6 address. type: str nat_settings: description: - NAT settings. suboptions: auto_rule: description: - Whether to add automatic address translation rules. type: bool hide_behind: choices: - gateway - ip-address description: - Hide behind method. This parameter is forbidden in case "method" parameter is "static". type: str install_on: description: - Which gateway should apply the NAT translation. type: str ip_address: description: - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. This parameter is not required in case "method" parameter is "hide" and "hide-behind" parameter is "gateway". type: str ipv4_address: description: - IPv4 address. type: str ipv6_address: description: - IPv6 address. type: str method: choices: - hide - static description: - NAT translation method. type: str type: dict details_level: choices: - uid - standard - full description: - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. type: str ignore_errors: description: - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. type: bool logs_settings: description: - Logs settings. suboptions: accept_syslog_messages: description: - Enable accept syslog messages. type: bool alert_when_free_disk_space_below: description: - Enable alert when free disk space is below threshold. type: bool alert_when_free_disk_space_below_threshold: description: - Alert when free disk space below threshold. type: int alert_when_free_disk_space_below_type: choices: - none - log - popup alert - mail alert - snmp trap alert - user defined alert no.1 - user defined alert no.2 - user defined alert no.3 description: - Alert when free disk space below type. type: str before_delete_keep_logs_from_the_last_days: description: - Enable before delete keep logs from the last days. type: bool before_delete_keep_logs_from_the_last_days_threshold: description: - Before delete keep logs from the last days threshold. type: int before_delete_run_script: description: - Enable Before delete run script. type: bool before_delete_run_script_command: description: - Before delete run script command. type: str delete_index_files_older_than_days: description: - Enable delete index files older than days. type: bool delete_index_files_older_than_days_threshold: description: - Delete index files older than days threshold. type: int delete_when_free_disk_space_below: description: - Enable delete when free disk space below. type: bool delete_when_free_disk_space_below_threshold: description: - Delete when free disk space below threshold. type: int detect_new_citrix_ica_application_names: description: - Enable detect new Citrix ICA application names. type: bool distribute_logs_between_all_active_servers: description: - Distribute logs between all active servers. type: bool enable_log_indexing: description: - Enable log indexing. type: bool forward_logs_to_log_server: description: - Enable forward logs to log server. type: bool forward_logs_to_log_server_name: description: - Forward logs to log server name. type: str forward_logs_to_log_server_schedule_name: description: - Forward logs to log server schedule name. type: str free_disk_space_metrics: choices: - mbytes - percent description: - Free disk space metrics. type: str rotate_log_by_file_size: description: - Enable rotate log by file size. type: bool rotate_log_file_size_threshold: description: - Log file size threshold. type: int rotate_log_on_schedule: description: - Enable rotate log on schedule. type: bool rotate_log_schedule_name: description: - Rotate log schedule name. type: str smart_event_intro_correletion_unit: description: - Enable SmartEvent intro correlation unit. type: bool stop_logging_when_free_disk_space_below: description: - Enable stop logging when free disk space below. type: bool stop_logging_when_free_disk_space_below_threshold: description: - Stop logging when free disk space below threshold. type: int turn_on_qos_logging: description: - Enable turn on QoS Logging. type: bool update_account_log_every: description: - Update account log in every amount of seconds. type: int type: dict wait_for_task: default: true description: - Wait for the task to end. Such as publish task. type: bool ignore_warnings: description: - Apply changes ignoring warnings. type: bool management_blades: description: - Management blades. suboptions: compliance: description: - Compliance blade. Can be set when 'network-policy-management' was selected to be True. type: bool endpoint_policy: description: - Enable Endpoint Policy. </br>To complete Endpoint Security Management configuration, perform Install Database on your Endpoint Management Server. </br>Field is not supported on Multi Domain Server environment. type: bool logging_and_status: description: - Enable Logging & Status. type: bool network_policy_management: description: - Enable Network Policy Management. type: bool smart_event_correlation: description: - Enable SmartEvent Correlation Unit. type: bool smart_event_server: description: - Enable SmartEvent server. </br>When activating SmartEvent server, blades 'logging-and-status' and 'smart-event-correlation' should be set to True. </br>To complete SmartEvent configuration, perform Install Database or Install Policy on your Security Management servers and Log servers. </br>Activating SmartEvent Server is not recommended in Management High Availability environment. For more information refer to sk25164. type: bool user_directory: description: - Enable User Directory. Can be set when 'network-policy-management' was selected to be True. type: bool type: dict one_time_password: description: - Secure internal connection one time password. type: str save_logs_locally: description: - Enable save logs locally. type: bool send_logs_to_server: description: - Collection of Server(s) to send logs to identified by the name or UID. elements: str type: list auto_publish_session: default: false description: - Publish the current session if changes have been performed after task completes. type: bool send_alerts_to_server: description: - Collection of Server(s) to send alerts to identified by the name or UID. elements: str type: list wait_for_task_timeout: default: 30 description: - How many minutes to wait until throwing a timeout error. type: int check_point_host_version: description: - Check Point host platform version. type: str send_logs_to_backup_server: description: - Collection of Backup server(s) to send logs to identified by the name or UID. elements: str type: list
cp_mgmt_checkpoint_host: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict