Try SpotterManages smart-task objects on Checkpoint over Web Services API
| "added in version" 5.0.0 of check_point.mgmt"
Authors: Eden Brillant (@chkp-edenbr)
preview | supported by community
Install with ansible-galaxy collection install check_point.mgmt:==5.2.3
collections:
- name: check_point.mgmt
version: 5.2.3Manages smart-task objects on Checkpoint devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-smart-task
cp_mgmt_smart_task:
action:
run_script:
repository_script: Session Name Validation Script
time_out: 30
custom_data: '{"session-name-format": "CR"}'
description: Run a validation script that ensures that the a session name matches the expected name format as described in the Custom Data field.
enabled: true
name: Validate Session Name Before Publish
state: present
trigger: Before Publish
- name: set-smart-task
cp_mgmt_smart_task:
action:
send_web_request:
fingerprint: 3FDD902286DBF130EF4CEC7939EF81060AB0FEB6
url: https://demo.example.com/policy-installation-reports
custom_data: '{"mail-address": "example-admin@example-corp.com"}'
description: Send policy installation results to the mail address specified in the Custom Data field using the corporate's dedicated web server.
enabled: true
name: Send Policy Installation Reports
state: present
trigger: After Install Policy
- name: delete-smart-task
cp_mgmt_smart_task:
name: Validate Session Name Before Publish
state: absent
name:
description:
- Object name.
required: true
type: str
tags:
description:
- Collection of tag identifiers.
elements: str
type: list
color:
choices:
- aquamarine
- black
- blue
- crete blue
- burlywood
- cyan
- dark green
- khaki
- orchid
- dark orange
- dark sea green
- pink
- turquoise
- dark blue
- firebrick
- brown
- forest green
- gold
- dark gold
- gray
- dark gray
- light green
- lemon chiffon
- coral
- sea green
- sky blue
- magenta
- purple
- slate blue
- violet red
- navy blue
- olive
- orange
- red
- sienna
- yellow
description:
- Color of the object. Should be one of existing colors.
type: str
state:
choices:
- present
- absent
default: present
description:
- State of the access rule (present or absent).
type: str
action:
description:
- The action to be run when the trigger is fired.
suboptions:
run_script:
description:
- When the trigger is fired, runs the configured Repository Script on the defined
targets.<br>The trigger data is then passed to the script as the first parameter.
The parameter is JSON encoded in Base64 format.
suboptions:
repository_script:
description:
- Repository script that is executed when the trigger is fired., identified
by the name or UID.
type: str
targets:
description:
- Targets to execute the script on.
elements: str
type: list
time_out:
description:
- Script execution time-out in seconds.
type: int
type: dict
send_mail:
description:
- When the trigger is fired, sends the configured email to the defined recipients.
suboptions:
mail_settings:
description:
- The required settings to send the mail by.
suboptions:
attachment:
choices:
- no attachment
- changes report
- policy installation report
description:
- What file should be attached to the mail.
type: str
bcc_recipients:
description:
- A comma separated list of bcc recipient mail addresses.
type: str
body:
description:
- The email body.
type: str
cc_recipients:
description:
- A comma separated list of cc recipient mail addresses.
type: str
recipients:
description:
- A comma separated list of recipient mail addresses.
type: str
sender_email:
description:
- An email address to send the mail from.
type: str
subject:
description:
- The email subject.
type: str
type: dict
smtp_server:
description:
- The UID or the name a preconfigured SMTP server object.
type: str
type: dict
send_web_request:
description:
- When the trigger is fired, sends an HTTPS POST web request to the configured
URL.<br>The trigger data will be passed along with the SmartTask's custom data
in the request's payload.
suboptions:
fingerprint:
description:
- The SHA1 fingerprint of the URL's SSL certificate. Used to trust servers
with self-signed SSL certificates.
type: str
override_proxy:
description:
- Option to send to the web request via a proxy other than the Management's
Server proxy (if defined).
type: bool
proxy_url:
description:
- URL of the proxy used to send the request.
type: str
shared_secret:
description:
- Shared secret that can be used by the target server to identify the Management
Server.<br>The value will be sent as part of the request in the "X-chkp-shared-secret"
header.
type: str
time_out:
description:
- Web Request time-out in seconds.
type: int
url:
description:
- URL used for the web request.
type: str
type: dict
type: dict
enabled:
description:
- Whether the SmartTask is enabled and will run when triggered.
type: bool
trigger:
description:
- Trigger type associated with the SmartTask.
type: str
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
comments:
description:
- Comments string.
type: str
fail_open:
description:
- If the action fails to execute, whether to treat the execution failure as an error,
or continue.
type: bool
custom_data:
description:
- Per SmartTask custom data in JSON format.<br>When the trigger is fired, the trigger
data is converted to JSON. The custom data is then concatenated to the trigger data
JSON.
type: str
description:
description:
- Description of the SmartTask's functionality and options.
type: str
details_level:
choices:
- uid
- standard
- full
description:
- The level of detail for some of the fields in the response can vary from showing
only the UID value of the object to a fully detailed representation of the object.
type: str
ignore_errors:
description:
- Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings
flag was omitted - warnings will also be ignored.
type: bool
wait_for_task:
default: true
description:
- Wait for the task to end. Such as publish task.
type: bool
ignore_warnings:
description:
- Apply changes ignoring warnings.
type: bool
auto_publish_session:
default: false
description:
- Publish the current session if changes have been performed after task completes.
type: bool
wait_for_task_timeout:
default: 30
description:
- How many minutes to wait until throwing a timeout error.
type: int
cp_mgmt_smart_task: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict