check_point / check_point.mgmt / 5.2.2 / module / cp_mgmt_lsm_cluster Manages lsm-cluster objects on Checkpoint over Web Services API | "added in version" 2.3.0 of check_point.mgmt" Authors: Shiran Golzar (@chkp-shirango) preview | supported by communitycheck_point.mgmt.cp_mgmt_lsm_cluster (5.2.2) — module
Install with ansible-galaxy collection install check_point.mgmt:==5.2.2
collections: - name: check_point.mgmt version: 5.2.2
Manages lsm-cluster objects on Checkpoint devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-lsm-cluster cp_mgmt_lsm_cluster: interfaces: - ip_address_override: 192.168.8.197 member_network_override: 192.168.8.0 name: eth0 new_name: WAN - ip_address_override: 10.8.197.1 member_network_override: 10.8.197.0 name: eth1 new_name: LAN1 - member_network_override: 10.10.10.0 name: eth2 main_ip_address: 192.168.8.197 members: - name: Gaia_gw1 sic: ip_address: 192.168.8.200 one_time_password: aaaa - name: Gaia_gw2 sic: ip_address: 192.168.8.202 one_time_password: aaaa name_prefix: Gaia_ security_profile: gaia_cluster state: present
- name: set-lsm-cluster cp_mgmt_lsm_cluster: interfaces: - ip_address_override: 192.168.8.197 member_network_override: 192.168.8.0 name: eth0 new_name: WAN - ip_address_override: 10.8.197.1 member_network_override: 10.8.197.0 name: eth1 new_name: LAN1 - member_network_override: 10.10.10.0 name: eth2 members: - name: Gaia_gw1 sic: ip_address: 192.168.8.200 one_time_password: aaaa - name: Gaia_gw2 sic: ip_address: 192.168.8.202 one_time_password: aaaa name: Gaia_gaia_cluster state: present
- name: delete-lsm-cluster cp_mgmt_lsm_cluster: name: lsm_cluster state: absent
color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str state: choices: - present - absent default: present description: - State of the access rule (present or absent). type: str members: description: - Members. elements: dict suboptions: color: choices: - aquamarine - black - blue - crete blue - burlywood - cyan - dark green - khaki - orchid - dark orange - dark sea green - pink - turquoise - dark blue - firebrick - brown - forest green - gold - dark gold - gray - dark gray - light green - lemon chiffon - coral - sea green - sky blue - magenta - purple - slate blue - violet red - navy blue - olive - orange - red - sienna - yellow description: - Color of the object. Should be one of existing colors. type: str comments: description: - Comments string. type: str name: description: - Object name. type: str provisioning_settings: description: - Provisioning settings. This field is relevant just for SMB clusters. suboptions: provisioning_profile: description: - Provisioning profile. type: str type: dict provisioning_state: choices: - 'off' - manual - using-profile description: - Provisioning state. This field is relevant just for SMB clusters. By default the state is 'manual'- enable provisioning but not attach to profile.If 'using-profile' state is provided a provisioning profile must be provided in provisioning-settings. type: str sic: description: - Secure Internal Communication. suboptions: ip_address: description: - IP address. When IP address is provided- initiate trusted communication immediately using this IP address. type: str one_time_password: description: - One-time password. When one-time password is provided without ip-address- trusted communication is automatically initiated when the gateway connects to the Security Management server for the first time. type: str type: dict tags: description: - Collection of tag identifiers. elements: str type: list type: list version: description: - Version of checkpoint. If not given one, the latest version taken. type: str comments: description: - Comments string. type: str interfaces: description: - Interfaces. elements: dict suboptions: ip_address_override: description: - IP address override. Net mask is defined by the attached LSM profile. type: str member_network_override: description: - Member network override. Net mask is defined by the attached LSM profile. type: str name: description: - Interface name. type: str type: list name_prefix: description: - A prefix added to the profile name and creates the LSM cluster name. type: str name_suffix: description: - A suffix added to the profile name and creates the LSM cluster name. type: str details_level: choices: - uid - standard - full description: - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. type: str ignore_errors: description: - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. type: bool wait_for_task: default: true description: - Wait for the task to end. Such as publish task. type: bool ignore_warnings: description: - Apply changes ignoring warnings. type: bool main_ip_address: description: - Main IP address. type: str security_profile: description: - LSM profile. required: true type: str auto_publish_session: default: false description: - Publish the current session if changes have been performed after task completes. type: bool wait_for_task_timeout: default: 30 description: - How many minutes to wait until throwing a timeout error. type: int
cp_mgmt_lsm_cluster: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict