check_point / check_point.mgmt / 5.2.2 / module / cp_mgmt_interoperable_device Manages interoperable-device objects on Checkpoint over Web Services API | "added in version" 3.0.0 of check_point.mgmt" Authors: Eden Brillant (@chkp-edenbr) preview | supported by communitycheck_point.mgmt.cp_mgmt_interoperable_device (5.2.2) — module
Install with ansible-galaxy collection install check_point.mgmt:==5.2.2
collections: - name: check_point.mgmt version: 5.2.2
Manages interoperable-device objects on Checkpoint devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-interoperable-device cp_mgmt_interoperable_device: ip_address: 192.168.1.6 name: NewInteroperableDevice state: present
- name: set-interoperable-device cp_mgmt_interoperable_device: ip_address: 192.168.1.6 name: NewInteroperableDevice state: present
- name: delete-interoperable-device cp_mgmt_interoperable_device: name: NewInteroperableDevice state: absent
name: description: - Object name. required: true type: str tags: description: - Collection of tag identifiers. elements: str type: list color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str state: choices: - present - absent default: present description: - State of the access rule (present or absent). type: str groups: description: - Collection of group identifiers. elements: str type: list version: description: - Version of checkpoint. If not given one, the latest version taken. type: str comments: description: - Comments string. type: str interfaces: description: - Network interfaces. elements: dict suboptions: color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str comments: description: - Comments string. type: str details_level: choices: - uid - standard - full description: - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. type: str domains_to_process: description: - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER. elements: str type: list ignore_errors: description: - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. type: bool ignore_warnings: description: - Apply changes ignoring warnings. type: bool ip_address: description: - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. type: str ipv4_address: description: - IPv4 address. type: str ipv4_mask_length: description: - IPv4 network mask length. type: str ipv4_network_mask: description: - IPv4 network address. type: str ipv6_address: description: - IPv6 address. type: str ipv6_mask_length: description: - IPv6 network mask length. type: str ipv6_network_mask: description: - IPv6 network address. type: str mask_length: description: - IPv4 or IPv6 network mask length. type: str name: description: - Object name. Must be unique in the domain. type: str network_mask: description: - IPv4 or IPv6 network mask. If both masks are required use ipv4-network-mask and ipv6-network-mask fields explicitly. Instead of providing mask itself it is possible to specify IPv4 or IPv6 mask length in mask-length field. If both masks length are required use ipv4-mask-length and ipv6-mask-length fields explicitly. type: str tags: description: - Collection of tag identifiers. elements: str type: list topology: choices: - external - internal description: - Topology configuration. type: str topology_settings: description: - Internal topology settings. suboptions: interface_leads_to_dmz: description: - Whether this interface leads to demilitarized zone (perimeter network). type: bool ip_address_behind_this_interface: choices: - not defined - network defined by the interface ip and net mask - network defined by routing - specific description: - Network settings behind this interface. type: str specific_network: description: - Network behind this interface. type: str type: dict type: list ip_address: description: - IPv4 or IPv6 address. type: str ipv4_address: description: - IPv4 address of the Interoperable Device. type: str ipv6_address: description: - IPv6 address of the Interoperable Device. type: str vpn_settings: description: - VPN domain properties for the Interoperable Device. suboptions: vpn_domain: description: - Network group representing the customized encryption domain. Must be set when vpn-domain-type is set to 'manual' option. type: str vpn_domain_exclude_external_ip_addresses: description: - Exclude the external IP addresses from the VPN domain of this Interoperable device. type: bool vpn_domain_type: choices: - manual - addresses_behind_gw description: - Indicates the encryption domain. type: str type: dict details_level: choices: - uid - standard - full description: - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. type: str ignore_errors: description: - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. type: bool wait_for_task: default: true description: - Wait for the task to end. Such as publish task. type: bool ignore_warnings: description: - Apply changes ignoring warnings. type: bool domains_to_process: description: - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER. elements: str type: list auto_publish_session: default: false description: - Publish the current session if changes have been performed after task completes. type: bool wait_for_task_timeout: default: 30 description: - How many minutes to wait until throwing a timeout error. type: int
cp_mgmt_interoperable_device: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict