Try SpotterManages lsm-cluster objects on Checkpoint over Web Services API
| "added in version" 2.3.0 of check_point.mgmt"
Authors: Shiran Golzar (@chkp-shirango)
preview | supported by community
Install with ansible-galaxy collection install check_point.mgmt:==5.2.3
collections:
- name: check_point.mgmt
version: 5.2.3Manages lsm-cluster objects on Checkpoint devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-lsm-cluster
cp_mgmt_lsm_cluster:
interfaces:
- ip_address_override: 192.168.8.197
member_network_override: 192.168.8.0
name: eth0
new_name: WAN
- ip_address_override: 10.8.197.1
member_network_override: 10.8.197.0
name: eth1
new_name: LAN1
- member_network_override: 10.10.10.0
name: eth2
main_ip_address: 192.168.8.197
members:
- name: Gaia_gw1
sic:
ip_address: 192.168.8.200
one_time_password: aaaa
- name: Gaia_gw2
sic:
ip_address: 192.168.8.202
one_time_password: aaaa
name_prefix: Gaia_
security_profile: gaia_cluster
state: present
- name: set-lsm-cluster
cp_mgmt_lsm_cluster:
interfaces:
- ip_address_override: 192.168.8.197
member_network_override: 192.168.8.0
name: eth0
new_name: WAN
- ip_address_override: 10.8.197.1
member_network_override: 10.8.197.0
name: eth1
new_name: LAN1
- member_network_override: 10.10.10.0
name: eth2
members:
- name: Gaia_gw1
sic:
ip_address: 192.168.8.200
one_time_password: aaaa
- name: Gaia_gw2
sic:
ip_address: 192.168.8.202
one_time_password: aaaa
name: Gaia_gaia_cluster
state: present
- name: delete-lsm-cluster
cp_mgmt_lsm_cluster:
name: lsm_cluster
state: absent
color:
choices:
- aquamarine
- black
- blue
- crete blue
- burlywood
- cyan
- dark green
- khaki
- orchid
- dark orange
- dark sea green
- pink
- turquoise
- dark blue
- firebrick
- brown
- forest green
- gold
- dark gold
- gray
- dark gray
- light green
- lemon chiffon
- coral
- sea green
- sky blue
- magenta
- purple
- slate blue
- violet red
- navy blue
- olive
- orange
- red
- sienna
- yellow
description:
- Color of the object. Should be one of existing colors.
type: str
state:
choices:
- present
- absent
default: present
description:
- State of the access rule (present or absent).
type: str
members:
description:
- Members.
elements: dict
suboptions:
color:
choices:
- aquamarine
- black
- blue
- crete blue
- burlywood
- cyan
- dark green
- khaki
- orchid
- dark orange
- dark sea green
- pink
- turquoise
- dark blue
- firebrick
- brown
- forest green
- gold
- dark gold
- gray
- dark gray
- light green
- lemon chiffon
- coral
- sea green
- sky blue
- magenta
- purple
- slate blue
- violet red
- navy blue
- olive
- orange
- red
- sienna
- yellow
description:
- Color of the object. Should be one of existing colors.
type: str
comments:
description:
- Comments string.
type: str
name:
description:
- Object name.
type: str
provisioning_settings:
description:
- Provisioning settings. This field is relevant just for SMB clusters.
suboptions:
provisioning_profile:
description:
- Provisioning profile.
type: str
type: dict
provisioning_state:
choices:
- 'off'
- manual
- using-profile
description:
- Provisioning state. This field is relevant just for SMB clusters. By default
the state is 'manual'- enable provisioning but not attach to profile.If 'using-profile'
state is provided a provisioning profile must be provided in provisioning-settings.
type: str
sic:
description:
- Secure Internal Communication.
suboptions:
ip_address:
description:
- IP address. When IP address is provided- initiate trusted communication
immediately using this IP address.
type: str
one_time_password:
description:
- One-time password. When one-time password is provided without ip-address-
trusted communication is automatically initiated when the gateway connects
to the Security Management server for the first time.
type: str
type: dict
tags:
description:
- Collection of tag identifiers.
elements: str
type: list
type: list
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
comments:
description:
- Comments string.
type: str
interfaces:
description:
- Interfaces.
elements: dict
suboptions:
ip_address_override:
description:
- IP address override. Net mask is defined by the attached LSM profile.
type: str
member_network_override:
description:
- Member network override. Net mask is defined by the attached LSM profile.
type: str
name:
description:
- Interface name.
type: str
type: list
name_prefix:
description:
- A prefix added to the profile name and creates the LSM cluster name.
type: str
name_suffix:
description:
- A suffix added to the profile name and creates the LSM cluster name.
type: str
details_level:
choices:
- uid
- standard
- full
description:
- The level of detail for some of the fields in the response can vary from showing
only the UID value of the object to a fully detailed representation of the object.
type: str
ignore_errors:
description:
- Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings
flag was omitted - warnings will also be ignored.
type: bool
wait_for_task:
default: true
description:
- Wait for the task to end. Such as publish task.
type: bool
ignore_warnings:
description:
- Apply changes ignoring warnings.
type: bool
main_ip_address:
description:
- Main IP address.
type: str
security_profile:
description:
- LSM profile.
required: true
type: str
auto_publish_session:
default: false
description:
- Publish the current session if changes have been performed after task completes.
type: bool
wait_for_task_timeout:
default: 30
description:
- How many minutes to wait until throwing a timeout error.
type: int
cp_mgmt_lsm_cluster: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict