Try SpotterManages trusted-client objects on Checkpoint over Web Services API
| "added in version" 2.1.0 of check_point.mgmt"
Authors: Or Soffer (@chkp-orso)
preview | supported by community
Install with ansible-galaxy collection install check_point.mgmt:==5.2.3
collections:
- name: check_point.mgmt
version: 5.2.3Manages trusted-client objects on Checkpoint devices including creating, updating and removing objects.
All operations are performed over Web Services API.
- name: add-trusted-client
cp_mgmt_trusted_client:
name: my client
state: present
type: ANY
- name: set-trusted-client
cp_mgmt_trusted_client:
ip_address: 192.0.2.1
mask_length: '24'
name: my client
state: present
type: NETMASK
- name: delete-trusted-client
cp_mgmt_trusted_client:
name: my client
state: absent
name:
description:
- Object name.
required: true
type: str
tags:
description:
- Collection of tag identifiers.
elements: str
type: list
type:
choices:
- any
- domain
- ipv4 address
- ipv4 address range
- ipv4 netmask
- ipv6 address
- ipv6 address range
- ipv6 netmask
- name
- wild cards (ip only)
description:
- Trusted client type.
type: str
color:
choices:
- aquamarine
- black
- blue
- crete blue
- burlywood
- cyan
- dark green
- khaki
- orchid
- dark orange
- dark sea green
- pink
- turquoise
- dark blue
- firebrick
- brown
- forest green
- gold
- dark gold
- gray
- dark gray
- light green
- lemon chiffon
- coral
- sea green
- sky blue
- magenta
- purple
- slate blue
- violet red
- navy blue
- olive
- orange
- red
- sienna
- yellow
description:
- Color of the object. Should be one of existing colors.
type: str
state:
choices:
- present
- absent
default: present
description:
- State of the access rule (present or absent).
type: str
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
comments:
description:
- Comments string.
type: str
wild_card:
description:
- IP wild card (e.g. 192.0.2.*).
type: str
ip_address:
description:
- IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address
fields explicitly.
type: str
mask_length:
description:
- IPv4 or IPv6 mask length. If both masks are required use mask-length4 and mask-length6
fields explicitly.
type: int
ipv4_address:
description:
- IPv4 address.
type: str
ipv6_address:
description:
- IPv6 address.
type: str
mask_length4:
description:
- IPv4 mask length.
type: int
mask_length6:
description:
- IPv6 mask length.
type: int
details_level:
choices:
- uid
- standard
- full
description:
- The level of detail for some of the fields in the response can vary from showing
only the UID value of the object to a fully detailed representation of the object.
type: str
ignore_errors:
description:
- Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings
flag was omitted - warnings will also be ignored.
type: bool
wait_for_task:
default: true
description:
- Wait for the task to end. Such as publish task.
type: bool
ignore_warnings:
description:
- Apply changes ignoring warnings.
type: bool
ip_address_last:
description:
- Last IP address in the range. If both IPv4 and IPv6 address ranges are required,
use the ipv4-address-first and the ipv6-address-first fields instead.
type: str
ip_address_first:
description:
- First IP address in the range. If both IPv4 and IPv6 address ranges are required,
use the ipv4-address-first and the ipv6-address-first fields instead.
type: str
ipv4_address_last:
description:
- Last IPv4 address in the range.
type: str
ipv6_address_last:
description:
- Last IPv6 address in the range.
type: str
domains_assignment:
description:
- Domains to be added to this profile. Use domain name only. See example below, "add-trusted-client
(with domain)".
elements: str
type: list
ipv4_address_first:
description:
- First IPv4 address in the range.
type: str
ipv6_address_first:
description:
- First IPv6 address in the range.
type: str
auto_publish_session:
default: false
description:
- Publish the current session if changes have been performed after task completes.
type: bool
wait_for_task_timeout:
default: 30
description:
- How many minutes to wait until throwing a timeout error.
type: int
multi_domain_server_trusted_client:
description:
- Let this trusted client connect to all Multi-Domain Servers in the deployment.
type: bool
cp_mgmt_trusted_client: description: The checkpoint object created or updated. returned: always, except when deleting the object. type: dict