summaryrefslogtreecommitdiffstats
path: root/ansible_collections/check_point/mgmt/plugins
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-18 05:52:22 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-18 05:52:22 +0000
commit38b7c80217c4e72b1d8988eb1e60bb6e77334114 (patch)
tree356e9fd3762877d07cde52d21e77070aeff7e789 /ansible_collections/check_point/mgmt/plugins
parentAdding upstream version 7.7.0+dfsg. (diff)
downloadansible-38b7c80217c4e72b1d8988eb1e60bb6e77334114.tar.xz
ansible-38b7c80217c4e72b1d8988eb1e60bb6e77334114.zip
Adding upstream version 9.4.0+dfsg.upstream/9.4.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/check_point/mgmt/plugins')
-rw-r--r--ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_layers.py268
-rw-r--r--ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_rules.py91
-rw-r--r--ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_hosts.py281
-rw-r--r--ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_threat_layers.py264
-rw-r--r--ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_commands.py12
-rw-r--r--ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_facts.py7
-rw-r--r--ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects.py17
-rw-r--r--ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects_action_module.py8
-rw-r--r--ansible_collections/check_point/mgmt/plugins/httpapi/checkpoint.py55
-rw-r--r--ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py1703
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_abort_get_interfaces.py83
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer.py101
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layers.py456
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name.py165
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name_facts.py144
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role.py125
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule.py214
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule_facts.py100
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rules.py215
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_section.py35
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_api_key.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_central_license.py78
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_data_center_object.py86
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_domain.py102
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_nat_rule.py52
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_repository_package.py92
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_rules_batch.py35
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_updatable_object.py116
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range.py118
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator.py133
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site.py95
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_approve_session.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_assign_global_assignment.py23
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_central_license_facts.py86
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_network_feed.py80
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_threat_ioc_feed.py102
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host.py528
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host_facts.py144
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_cluster_members_facts.py53
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_connect_cloud_services.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_data_center_object_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_api_key.py24
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_central_license.py77
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_data_center_object.py26
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_domain.py27
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_nat_rule.py28
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_repository_package.py79
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_rules_batch.py34
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_updatable_object.py94
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_discard.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_disconnect_cloud_services.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_distribute_cloud_licenses.py82
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain.py83
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile.py351
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object.py136
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object_facts.py144
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object.py81
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group.py115
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_management.py131
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_smart_task.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_attachment.py82
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_interfaces.py99
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_platform.py20
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment.py39
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion.py87
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group.py155
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group_facts.py149
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ha_full_sync.py83
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host.py235
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_hosts.py581
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer.py134
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer_facts.py141
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_section.py35
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag.py83
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group.py94
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_to_domain_assignment_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_management.py139
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_smart_task.py79
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_database.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_policy.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_settings.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_policy.py35
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_software_package.py40
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device.py218
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ips_protection_extended_attribute_facts.py131
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lock_object.py96
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster.py193
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_profile_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway.py102
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_profile_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_run_script.py23
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile.py173
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile_facts.py141
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile.py111
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds.py112
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range.py101
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule.py227
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule_facts.py88
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_section.py35
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network.py122
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed.py120
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_objects_facts.py59
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package.py139
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_provisioning_profile_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_publish.py20
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_put_file.py27
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group.py150
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group_facts.py157
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server.py192
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server_facts.py147
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reject_session.py22
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_package_facts.py135
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reset_sic.py20
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_ips_update.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_script.py27
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone.py81
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp.py135
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp_facts.py144
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp.py150
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp_facts.py144
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc.py87
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group_facts.py51
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp.py89
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6.py89
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other.py118
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc.py87
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp.py112
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp.py118
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp.py120
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_session_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_api_settings.py78
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_cloud_services.py114
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_domain.py111
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_domain.py143
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_properties.py1380
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ha_state.py84
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_default_assignment.py27
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_to_domain_assignment.py31
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ips_update_schedule.py114
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_login_message.py102
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_nat_rule.py54
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_policy_settings.py111
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_session.py78
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_threat_advanced_settings.py69
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_vpn_community_remote_access.py133
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_access_section.py23
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_settings.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_versions.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_azure_ad_content.py152
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_changes.py125
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_licenses_usage.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_services.py20
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_commands.py76
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_gateways_and_servers.py119
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_domain.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_properties.py20
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_state.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_status.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_https_section.py23
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_idp_default_assignment.py19
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_status.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_update_schedule.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_layer_structure.py104
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_login_message.py79
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_logs.py80
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_nat_section.py23
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_place_holder.py84
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_policy_settings.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_servers_and_processes.py20
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_package_details.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_packages_per_targets.py109
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_task.py25
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_tasks.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_threat_advanced_settings.py20
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_unused_objects.py138
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_updatable_objects_repository_content.py143
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_validations.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster.py851
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster_facts.py55
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway.py391
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task.py295
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_facts.py141
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_trigger_facts.py141
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server.py95
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server_facts.py49
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_submit_session.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group.py146
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group_facts.py141
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server.py171
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server_facts.py141
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag.py81
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_task_facts.py150
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_test_sic_status.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception.py72
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception_facts.py89
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator.py150
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer.py87
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layers.py423
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile.py250
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_protection_override.py62
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule.py70
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule_facts.py83
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time.py148
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group.py148
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group_facts.py141
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client.py128
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client_facts.py47
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_uninstall_software_package.py34
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_administrator.py85
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_object.py96
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_updatable_object_facts.py143
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_provisioned_satellites.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_updatable_objects_repository_content.py71
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group.py149
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group_facts.py149
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_policy.py21
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_software_package.py29
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed.py176
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_remote_access_facts.py138
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star.py362
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star_facts.py45
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vsx_run_operation.py242
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_where_used.py116
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard.py91
-rw-r--r--ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard_facts.py45
274 files changed, 24577 insertions, 4810 deletions
diff --git a/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_layers.py b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_layers.py
new file mode 100644
index 000000000..f48a8b353
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_layers.py
@@ -0,0 +1,268 @@
+# -*- coding: utf-8 -*-
+# Copyright 2022 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+"""
+The module file for cp_mgmt_add_access_layers
+"""
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+from ansible.plugins.action import ActionBase
+from ansible.module_utils.connection import Connection
+
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import (
+ utils,
+)
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ CheckPointRequest,
+ map_params_to_obj,
+ map_obj_to_params,
+ sync_show_params_with_add_params,
+ remove_unwanted_key,
+ contains_show_identifier_param,
+)
+from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import (
+ AnsibleArgSpecValidator,
+)
+from ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_access_layers import (
+ DOCUMENTATION,
+)
+
+
+class ActionModule(ActionBase):
+ """action module"""
+
+ def __init__(self, *args, **kwargs):
+ super(ActionModule, self).__init__(*args, **kwargs)
+ self._result = None
+ self.api_call_object = "access-layer"
+ self.api_call_object_plural_version = "access-layers"
+ self.module_return = "mgmt_access_layers"
+ self.key_transform = {
+ "add_default_rule": "add-default-rule",
+ "applications_and_url_filtering": "applications-and-url-filtering",
+ "content_awareness": "content-awareness",
+ "detect_using_x_forward_for": "detect-using-x-forward-for",
+ "implicit_cleanup_action": "implicit-cleanup-action",
+ "mobile_access": "mobile-access",
+ "details_level": "details-level",
+ "ignore_warnings": "ignore-warnings",
+ "ignore_errors": "ignore-errors",
+ }
+
+ def _check_argspec(self):
+ aav = AnsibleArgSpecValidator(
+ data=self._task.args,
+ schema=DOCUMENTATION,
+ schema_format="doc",
+ name=self._task.action,
+ )
+ valid, errors, self._task.args = aav.validate()
+ if not valid:
+ self._result["failed"] = True
+ self._result["msg"] = errors
+
+ def search_for_existing_rules(
+ self, conn_request, api_call_object, search_payload=None, state=None
+ ):
+ result = conn_request.post(api_call_object, state, data=search_payload)
+ return result
+
+ def search_for_resource_name(self, conn_request, payload):
+ search_result = []
+ round_trip = False
+ search_payload = utils.remove_empties(payload)
+ if search_payload.get("round_trip"):
+ round_trip = True
+ if search_payload.get("round_trip") is not None:
+ del search_payload["round_trip"]
+
+ search_payload = map_params_to_obj(search_payload, self.key_transform)
+ if not contains_show_identifier_param(search_payload):
+ search_result = self.search_for_existing_rules(
+ conn_request,
+ self.api_call_object_plural_version,
+ search_payload,
+ "gathered",
+ )
+ if search_result.get("code") == 200:
+ search_result = search_result["response"][
+ self.api_call_object_plural_version
+ ]
+ return search_result
+ else:
+ search_result = self.search_for_existing_rules(
+ conn_request, self.api_call_object, search_payload, "gathered"
+ )
+ if round_trip:
+ search_result = sync_show_params_with_add_params(
+ search_result["response"], self.key_transform
+ )
+ elif search_result.get("code") and search_result["code"] == 200:
+ search_result = search_result["response"]
+ search_result = map_obj_to_params(
+ search_result,
+ self.key_transform,
+ self.module_return,
+ )
+ if search_result.get("code") and search_result["code"] != 200:
+ if (
+ search_result.get("response")
+ and "object_not_found" in search_result["response"]["code"]
+ and "not found" in search_result["response"]["message"]
+ ):
+ search_result = {}
+ elif "object_not_found" in search_result.get(
+ "code"
+ ) and "not found" in search_result.get("message"):
+ search_result = {}
+ return search_result
+
+ def delete_module_api_config(self, conn_request, module_config_params):
+ config = {}
+ before = {}
+ after = {}
+ result = {}
+ changed = False
+ round_trip = False
+ ckp_session_uid = None
+ payload = utils.remove_empties(module_config_params)
+ if payload.get("round_trip"):
+ round_trip = True
+ del payload["round_trip"]
+ remove_from_response = ["uid", "read-only", "domain"]
+ if round_trip:
+ search_payload = {"name": payload["name"], "round_trip": True}
+ else:
+ search_payload = {"name": payload["name"]}
+ search_result = self.search_for_resource_name(
+ conn_request, search_payload
+ )
+ if search_result:
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ before = search_result
+ result = conn_request.post(
+ self.api_call_object, self._task.args["state"], data=payload
+ )
+ if before:
+ config.update({"before": before, "after": after})
+ else:
+ config.update({"before": before})
+ if result.get("changed"):
+ changed = True
+ ckp_session_uid = result["checkpoint_session_uid"]
+ return config, changed, ckp_session_uid
+
+ def configure_module_api(self, conn_request, module_config_params):
+ config = {}
+ before = {}
+ after = {}
+ result = {}
+ changed = False
+ round_trip = False
+ ckp_session_uid = None
+ # Add to the THIS list for the value which needs to be excluded
+ # from HAVE params when compared to WANT param like 'ID' can be
+ # part of HAVE param but may not be part of your WANT param
+ remove_from_response = ["uid", "read-only", "domain"]
+ remove_from_set = ["add-default-rule"]
+ payload = utils.remove_empties(module_config_params)
+ if payload.get("round_trip"):
+ round_trip = True
+ del payload["round_trip"]
+ if payload.get("name"):
+ if round_trip:
+ search_payload = {"name": payload["name"], "round_trip": True}
+ else:
+ search_payload = {"name": payload["name"]}
+ search_result = self.search_for_resource_name(
+ conn_request, search_payload
+ )
+ if search_result:
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ before = search_result
+ payload = map_params_to_obj(payload, self.key_transform)
+ delete_params = {
+ "name": payload["name"],
+ }
+ result = conn_request.post(
+ self.api_call_object,
+ self._task.args["state"],
+ data=payload,
+ remove_keys=remove_from_set,
+ delete_params=delete_params,
+ )
+ if result.get("changed"):
+ if round_trip:
+ search_result = sync_show_params_with_add_params(
+ result["response"], self.key_transform
+ )
+ else:
+ search_result = map_obj_to_params(
+ result["response"],
+ self.key_transform,
+ self.module_return,
+ )
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ after = search_result
+ ckp_session_uid = result["checkpoint_session_uid"]
+ changed = True
+ config.update({"before": before, "after": after})
+
+ return config, changed, ckp_session_uid
+
+ def run(self, tmp=None, task_vars=None):
+ self._supports_check_mode = True
+ self._result = super(ActionModule, self).run(tmp, task_vars)
+ self._check_argspec()
+ self._result["checkpoint_session_uid"] = None
+ if self._result.get("failed"):
+ return self._result
+ conn = Connection(self._connection.socket_path)
+ conn_request = CheckPointRequest(connection=conn, task_vars=task_vars)
+ if self._task.args["state"] == "gathered":
+ if self._task.args.get("config"):
+ self._result["gathered"] = self.search_for_resource_name(
+ conn_request, self._task.args["config"]
+ )
+ else:
+ self._result["gathered"] = self.search_for_resource_name(
+ conn_request, dict()
+ )
+ elif (
+ self._task.args["state"] == "merged"
+ or self._task.args["state"] == "replaced"
+ ):
+ if self._task.args.get("config"):
+ (
+ self._result[self.module_return],
+ self._result["changed"],
+ self._result["checkpoint_session_uid"],
+ ) = self.configure_module_api(
+ conn_request, self._task.args["config"]
+ )
+ elif self._task.args["state"] == "deleted":
+ if self._task.args.get("config"):
+ (
+ self._result[self.module_return],
+ self._result["changed"],
+ self._result["checkpoint_session_uid"],
+ ) = self.delete_module_api_config(
+ conn_request, self._task.args["config"]
+ )
+ if self._result.get("checkpoint_session_uid") is None:
+ del self._result["checkpoint_session_uid"]
+
+ return self._result
diff --git a/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_rules.py b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_rules.py
index 3a06797d9..bee4770f5 100644
--- a/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_rules.py
+++ b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_access_rules.py
@@ -1,60 +1,91 @@
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
from ansible.errors import AnsibleActionFail
from ansible.plugins.action import ActionBase
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import \
- prepare_rule_params_for_execute_module, check_if_to_publish_for_action
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ prepare_rule_params_for_execute_module,
+ check_if_to_publish_for_action,
+)
class ActionModule(ActionBase):
-
def run(self, tmp=None, task_vars=None):
module = super(ActionModule, self).run(tmp, task_vars)
- result = self._execute_module(module_name='check_point.mgmt.cp_mgmt_access_rules', module_args=self._task.args,
- task_vars=task_vars, tmp=tmp)
+ result = self._execute_module(
+ module_name="check_point.mgmt.cp_mgmt_access_rules",
+ module_args=self._task.args,
+ task_vars=task_vars,
+ tmp=tmp,
+ )
- if 'msg' in result.keys():
- raise AnsibleActionFail(result['msg'])
+ if "msg" in result.keys():
+ raise AnsibleActionFail(result["msg"])
module_args = self._task.args
- fields = {'position', 'layer', 'auto_publish_session'}
- rules_list = module_args['rules']
+ fields = {"position", "layer", "auto_publish_session"}
+ rules_list = module_args["rules"]
for rule in rules_list:
for field in fields:
if field in rule.keys():
- raise AnsibleActionFail('Unsupported parameter ' + field + ' for rule')
+ raise AnsibleActionFail(
+ "Unsupported parameter " + field + " for rule"
+ )
# check_fields_for_rule_action_module(module_args)
- rules_list = self._task.args['rules']
+ rules_list = self._task.args["rules"]
position = 1
below_rule_name = None
for rule in rules_list:
- rule, position, below_rule_name = prepare_rule_params_for_execute_module(rule=rule, module_args=module_args,
- position=position,
- below_rule_name=below_rule_name)
-
- result['rule: ' + rule['name']] = self._execute_module(module_name='check_point.mgmt.cp_mgmt_access_rule',
- module_args=rule,
- task_vars=task_vars, tmp=tmp, wrap_async=False)
- if 'changed' in result['rule: ' + rule['name']].keys() and \
- result['rule: ' + rule['name']]['changed'] is True:
- result['changed'] = True
- if 'failed' in result['rule: ' + rule['name']].keys() and result['rule: ' + rule['name']]['failed'] is True:
- temp = result['rule: ' + rule['name']].copy()
+ (
+ rule,
+ position,
+ below_rule_name,
+ ) = prepare_rule_params_for_execute_module(
+ rule=rule,
+ module_args=module_args,
+ position=position,
+ below_rule_name=below_rule_name,
+ )
+
+ result["rule: " + rule["name"]] = self._execute_module(
+ module_name="check_point.mgmt.cp_mgmt_access_rule",
+ module_args=rule,
+ task_vars=task_vars,
+ tmp=tmp,
+ wrap_async=False,
+ )
+ if (
+ "changed" in result["rule: " + rule["name"]].keys()
+ and result["rule: " + rule["name"]]["changed"] is True
+ ):
+ result["changed"] = True
+ if (
+ "failed" in result["rule: " + rule["name"]].keys()
+ and result["rule: " + rule["name"]]["failed"] is True
+ ):
+ temp = result["rule: " + rule["name"]].copy()
result = {}
- result['rule: ' + rule['name']] = temp
- result['failed'] = True
- result['discard:'] = self._execute_module(module_name='check_point.mgmt.cp_mgmt_discard',
- module_args={}, task_vars=task_vars, tmp=tmp)
+ result["rule: " + rule["name"]] = temp
+ result["failed"] = True
+ result["discard:"] = self._execute_module(
+ module_name="check_point.mgmt.cp_mgmt_discard",
+ module_args={},
+ task_vars=task_vars,
+ tmp=tmp,
+ )
break
if check_if_to_publish_for_action(result, module_args):
- result['publish:'] = self._execute_module(module_name='check_point.mgmt.cp_mgmt_publish', module_args={},
- task_vars=task_vars, tmp=tmp)
+ result["publish:"] = self._execute_module(
+ module_name="check_point.mgmt.cp_mgmt_publish",
+ module_args={},
+ task_vars=task_vars,
+ tmp=tmp,
+ )
return result
diff --git a/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_hosts.py b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_hosts.py
new file mode 100644
index 000000000..9dc289d31
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_hosts.py
@@ -0,0 +1,281 @@
+# -*- coding: utf-8 -*-
+# Copyright 2022 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+"""
+The module file for cp_mgmt_hosts
+"""
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+from ansible.plugins.action import ActionBase
+from ansible.module_utils.connection import Connection
+
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import (
+ utils,
+)
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ CheckPointRequest,
+ map_params_to_obj,
+ map_obj_to_params,
+ sync_show_params_with_add_params,
+ remove_unwanted_key,
+ contains_show_identifier_param,
+)
+from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import (
+ AnsibleArgSpecValidator,
+)
+from ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_hosts import (
+ DOCUMENTATION,
+)
+
+
+class ActionModule(ActionBase):
+ """action module"""
+
+ def __init__(self, *args, **kwargs):
+ super(ActionModule, self).__init__(*args, **kwargs)
+ self._result = None
+ self.api_call_object = "host"
+ self.api_call_object_plural_version = "hosts"
+ self.module_return = "mgmt_hosts"
+ self.key_transform = {
+ "ip_address": "ip-address",
+ "ipv4_address": "ipv4-address",
+ "ipv6_address": "ipv6-address",
+ "interfaces": "interfaces",
+ "nat_settings": "nat-settings",
+ "hide_behind": "hide-behind",
+ "install_on": "install-on",
+ "host_servers": "host-servers",
+ "dns_server": "dns-server",
+ "mail_server": "mail-server",
+ "web_server": "web-server",
+ "web_server_config": "web-server-config",
+ "additional_ports": "additional-ports",
+ "application_engines": "application-engines",
+ "listen_standard_port": "listen-standard-port",
+ "operating_system": "operating-system",
+ "protected_by": "protected-by",
+ "details_level": "details-level",
+ "ignore_warnings": "ignore-warnings",
+ "ignore_errors": "ignore-errors",
+ "mask_length": "mask-length",
+ "mask_length4": "mask-length4",
+ "mask_length6": "mask-length4",
+ "subnet_mask": "subnet-mask",
+ }
+
+ def _check_argspec(self):
+ aav = AnsibleArgSpecValidator(
+ data=self._task.args,
+ schema=DOCUMENTATION,
+ schema_format="doc",
+ name=self._task.action,
+ )
+ valid, errors, self._task.args = aav.validate()
+ if not valid:
+ self._result["failed"] = True
+ self._result["msg"] = errors
+
+ def search_for_existing_rules(
+ self, conn_request, api_call_object, search_payload=None, state=None
+ ):
+ result = conn_request.post(api_call_object, state, data=search_payload)
+ return result
+
+ def search_for_resource_name(self, conn_request, payload):
+ search_result = []
+ round_trip = False
+
+ search_payload = utils.remove_empties(payload)
+ if search_payload.get("round_trip"):
+ round_trip = True
+ if search_payload.get("round_trip") is not None:
+ del search_payload["round_trip"]
+ search_payload = map_params_to_obj(search_payload, self.key_transform)
+ if not contains_show_identifier_param(search_payload):
+ search_result = self.search_for_existing_rules(
+ conn_request,
+ self.api_call_object_plural_version,
+ search_payload,
+ "gathered",
+ )
+ if search_result.get("code") == 200:
+ search_result = search_result["response"]["objects"]
+ return search_result
+ else:
+ search_result = self.search_for_existing_rules(
+ conn_request, self.api_call_object, search_payload, "gathered"
+ )
+ if round_trip:
+ search_result = sync_show_params_with_add_params(
+ search_result["response"], self.key_transform
+ )
+ elif search_result.get("code") and search_result["code"] == 200:
+ search_result = search_result["response"]
+ search_result = map_obj_to_params(
+ search_result,
+ self.key_transform,
+ self.module_return,
+ )
+ if search_result.get("code") and search_result["code"] != 200:
+ if (
+ search_result.get("response")
+ and "object_not_found" in search_result["response"]["code"]
+ and "not found" in search_result["response"]["message"]
+ ):
+ search_result = {}
+ elif "object_not_found" in search_result.get(
+ "code"
+ ) and "not found" in search_result.get("message"):
+ search_result = {}
+ return search_result
+
+ def delete_module_api_config(self, conn_request, module_config_params):
+ config = {}
+ before = {}
+ after = {}
+ result = {}
+ changed = False
+ round_trip = False
+ ckp_session_uid = None
+ payload = utils.remove_empties(module_config_params)
+ if payload.get("round_trip"):
+ round_trip = True
+ del payload["round_trip"]
+ remove_from_response = ["uid", "read-only", "domain"]
+ if round_trip:
+ search_payload = {"name": payload["name"], "round_trip": True}
+ else:
+ search_payload = {"name": payload["name"]}
+ search_result = self.search_for_resource_name(
+ conn_request, search_payload
+ )
+ if search_result:
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ before = search_result
+ result = conn_request.post(
+ self.api_call_object, self._task.args["state"], data=payload
+ )
+ if before:
+ config.update({"before": before, "after": after})
+ else:
+ config.update({"before": before})
+ if result.get("changed"):
+ changed = True
+ ckp_session_uid = result["checkpoint_session_uid"]
+ return config, changed, ckp_session_uid
+
+ def configure_module_api(self, conn_request, module_config_params):
+ config = {}
+ before = {}
+ after = {}
+ result = {}
+ changed = False
+ round_trip = False
+ ckp_session_uid = None
+ # Add to the THIS list for the value which needs to be excluded
+ # from HAVE params when compared to WANT param like 'ID' can be
+ # part of HAVE param but may not be part of your WANT param
+ remove_from_response = ["uid", "read-only", "domain"]
+ remove_from_set = []
+ payload = utils.remove_empties(module_config_params)
+ if payload.get("round_trip"):
+ round_trip = True
+ del payload["round_trip"]
+ if payload.get("name"):
+ if round_trip:
+ search_payload = {"name": payload["name"], "round_trip": True}
+ else:
+ search_payload = {"name": payload["name"]}
+ search_result = self.search_for_resource_name(
+ conn_request, search_payload
+ )
+ if search_result:
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ before = search_result
+ payload = map_params_to_obj(payload, self.key_transform)
+ delete_params = {
+ "name": payload["name"],
+ }
+ result = conn_request.post(
+ self.api_call_object,
+ self._task.args["state"],
+ data=payload,
+ remove_keys=remove_from_set,
+ delete_params=delete_params,
+ )
+ if result.get("changed"):
+ if round_trip:
+ search_result = sync_show_params_with_add_params(
+ result["response"], self.key_transform
+ )
+ else:
+ search_result = map_obj_to_params(
+ result["response"],
+ self.key_transform,
+ self.module_return,
+ )
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ after = search_result
+ ckp_session_uid = result["checkpoint_session_uid"]
+ changed = True
+ config.update({"before": before, "after": after})
+
+ return config, changed, ckp_session_uid
+
+ def run(self, tmp=None, task_vars=None):
+ self._supports_check_mode = True
+ self._result = super(ActionModule, self).run(tmp, task_vars)
+ self._check_argspec()
+ self._result["checkpoint_session_uid"] = None
+ if self._result.get("failed"):
+ return self._result
+ conn = Connection(self._connection.socket_path)
+ conn_request = CheckPointRequest(connection=conn, task_vars=task_vars)
+ if self._task.args["state"] == "gathered":
+ if self._task.args.get("config"):
+ self._result["gathered"] = self.search_for_resource_name(
+ conn_request, self._task.args["config"]
+ )
+ else:
+ self._result["gathered"] = self.search_for_resource_name(
+ conn_request, dict()
+ )
+ elif (
+ self._task.args["state"] == "merged"
+ or self._task.args["state"] == "replaced"
+ ):
+ if self._task.args.get("config"):
+ (
+ self._result[self.module_return],
+ self._result["changed"],
+ self._result["checkpoint_session_uid"],
+ ) = self.configure_module_api(
+ conn_request, self._task.args["config"]
+ )
+ elif self._task.args["state"] == "deleted":
+ if self._task.args.get("config"):
+ (
+ self._result[self.module_return],
+ self._result["changed"],
+ self._result["checkpoint_session_uid"],
+ ) = self.delete_module_api_config(
+ conn_request, self._task.args["config"]
+ )
+ if self._result.get("checkpoint_session_uid") is None:
+ del self._result["checkpoint_session_uid"]
+
+ return self._result
diff --git a/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_threat_layers.py b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_threat_layers.py
new file mode 100644
index 000000000..4e91ecfac
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/action/cp_mgmt_threat_layers.py
@@ -0,0 +1,264 @@
+# -*- coding: utf-8 -*-
+# Copyright 2022 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+"""
+The module file for cp_mgmt_threat_layers
+"""
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+from ansible.plugins.action import ActionBase
+from ansible.module_utils.connection import Connection
+
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import (
+ utils,
+)
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ CheckPointRequest,
+ map_params_to_obj,
+ map_obj_to_params,
+ sync_show_params_with_add_params,
+ remove_unwanted_key,
+ contains_show_identifier_param,
+)
+from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import (
+ AnsibleArgSpecValidator,
+)
+from ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_threat_layers import (
+ DOCUMENTATION,
+)
+
+
+class ActionModule(ActionBase):
+ """action module"""
+
+ def __init__(self, *args, **kwargs):
+ super(ActionModule, self).__init__(*args, **kwargs)
+ self._result = None
+ self.api_call_object = "threat-layer"
+ self.api_call_object_plural_version = "threat-layers"
+ self.module_return = "mgmt_threat_layers"
+ self.key_transform = {
+ "add_default_rule": "add-default-rule",
+ "details_level": "details-level",
+ "ignore_warnings": "ignore-warnings",
+ "ignore_errors": "ignore-errors",
+ }
+
+ def _check_argspec(self):
+ aav = AnsibleArgSpecValidator(
+ data=self._task.args,
+ schema=DOCUMENTATION,
+ schema_format="doc",
+ name=self._task.action,
+ )
+ valid, errors, self._task.args = aav.validate()
+ if not valid:
+ self._result["failed"] = True
+ self._result["msg"] = errors
+
+ def search_for_existing_rules(
+ self, conn_request, api_call_object, search_payload=None, state=None
+ ):
+ result = conn_request.post(api_call_object, state, data=search_payload)
+ return result
+
+ def search_for_resource_name(self, conn_request, payload):
+ search_result = []
+ round_trip = False
+
+ search_payload = utils.remove_empties(payload)
+ if search_payload.get("round_trip"):
+ round_trip = True
+ if search_payload.get("round_trip") is not None:
+ del search_payload["round_trip"]
+ search_payload = map_params_to_obj(search_payload, self.key_transform)
+ if not contains_show_identifier_param(search_payload):
+ search_result = self.search_for_existing_rules(
+ conn_request,
+ self.api_call_object_plural_version,
+ search_payload,
+ "gathered",
+ )
+ if search_result.get("code") == 200:
+ search_result = search_result["response"][
+ self.api_call_object_plural_version
+ ]
+ return search_result
+ else:
+ search_result = self.search_for_existing_rules(
+ conn_request, self.api_call_object, search_payload, "gathered"
+ )
+ if round_trip:
+ search_result = sync_show_params_with_add_params(
+ search_result["response"], self.key_transform
+ )
+ elif search_result.get("code") and search_result["code"] == 200:
+ search_result = search_result["response"]
+ search_result = map_obj_to_params(
+ search_result,
+ self.key_transform,
+ self.module_return,
+ )
+ if search_result.get("code") and search_result["code"] != 200:
+ if (
+ search_result.get("response")
+ and "object_not_found" in search_result["response"]["code"]
+ and "not found" in search_result["response"]["message"]
+ ):
+ search_result = {}
+ elif "object_not_found" in search_result.get(
+ "code"
+ ) and "not found" in search_result.get("message"):
+ search_result = {}
+ return search_result
+
+ def delete_module_api_config(self, conn_request, module_config_params):
+ config = {}
+ before = {}
+ after = {}
+ result = {}
+ changed = False
+ round_trip = False
+ ckp_session_uid = None
+ payload = utils.remove_empties(module_config_params)
+ if payload.get("round_trip"):
+ round_trip = True
+ del payload["round_trip"]
+ remove_from_response = ["uid", "read-only", "domain"]
+ if round_trip:
+ search_payload = {"name": payload["name"], "round_trip": True}
+ else:
+ search_payload = {"name": payload["name"]}
+ search_result = self.search_for_resource_name(
+ conn_request, search_payload
+ )
+ if search_result:
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ before = search_result
+ result = conn_request.post(
+ self.api_call_object, self._task.args["state"], data=payload
+ )
+ if before:
+ config.update({"before": before, "after": after})
+ else:
+ config.update({"before": before})
+ if result.get("changed"):
+ changed = True
+ ckp_session_uid = result["checkpoint_session_uid"]
+
+ return config, changed, ckp_session_uid
+
+ def configure_module_api(self, conn_request, module_config_params):
+ config = {}
+ before = {}
+ after = {}
+ result = {}
+ changed = False
+ round_trip = False
+ ckp_session_uid = None
+ # Add to the THIS list for the value which needs to be excluded
+ # from HAVE params when compared to WANT param like 'ID' can be
+ # part of HAVE param but may not be part of your WANT param
+ remove_from_response = ["uid", "read-only", "domain"]
+ remove_from_set = ["add-default-rule"]
+ payload = utils.remove_empties(module_config_params)
+ if payload.get("round_trip"):
+ round_trip = True
+ del payload["round_trip"]
+ if payload.get("name"):
+ if round_trip:
+ search_payload = {"name": payload["name"], "round_trip": True}
+ else:
+ search_payload = {"name": payload["name"]}
+ search_result = self.search_for_resource_name(
+ conn_request, search_payload
+ )
+ if search_result:
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ before = search_result
+ payload = map_params_to_obj(payload, self.key_transform)
+ delete_params = {
+ "name": payload["name"],
+ }
+ result = conn_request.post(
+ self.api_call_object,
+ self._task.args["state"],
+ data=payload,
+ remove_keys=remove_from_set,
+ delete_params=delete_params,
+ )
+ if result.get("changed"):
+ if round_trip:
+ search_result = sync_show_params_with_add_params(
+ result["response"], self.key_transform
+ )
+ else:
+ search_result = map_obj_to_params(
+ result["response"],
+ self.key_transform,
+ self.module_return,
+ )
+ if round_trip:
+ search_result = remove_unwanted_key(
+ search_result, remove_from_response
+ )
+ after = search_result
+ ckp_session_uid = result["checkpoint_session_uid"]
+ changed = True
+ config.update({"before": before, "after": after})
+
+ return config, changed, ckp_session_uid
+
+ def run(self, tmp=None, task_vars=None):
+ self._supports_check_mode = True
+ self._result = super(ActionModule, self).run(tmp, task_vars)
+ self._check_argspec()
+ self._result["checkpoint_session_uid"] = None
+ if self._result.get("failed"):
+ return self._result
+ conn = Connection(self._connection.socket_path)
+ conn_request = CheckPointRequest(connection=conn, task_vars=task_vars)
+ if self._task.args["state"] == "gathered":
+ if self._task.args.get("config"):
+ self._result["gathered"] = self.search_for_resource_name(
+ conn_request, self._task.args["config"]
+ )
+ else:
+ self._result["gathered"] = self.search_for_resource_name(
+ conn_request, dict()
+ )
+ elif (
+ self._task.args["state"] == "merged"
+ or self._task.args["state"] == "replaced"
+ ):
+ if self._task.args.get("config"):
+ (
+ self._result[self.module_return],
+ self._result["changed"],
+ self._result["checkpoint_session_uid"],
+ ) = self.configure_module_api(
+ conn_request, self._task.args["config"]
+ )
+ elif self._task.args["state"] == "deleted":
+ if self._task.args.get("config"):
+ (
+ self._result[self.module_return],
+ self._result["changed"],
+ self._result["checkpoint_session_uid"],
+ ) = self.delete_module_api_config(
+ conn_request, self._task.args["config"]
+ )
+ if self._result.get("checkpoint_session_uid") is None:
+ del self._result["checkpoint_session_uid"]
+
+ return self._result
diff --git a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_commands.py b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_commands.py
index 19e13ffac..a11749626 100644
--- a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_commands.py
+++ b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_commands.py
@@ -3,14 +3,15 @@
# Copyright: (c) 2019, Or Soffer <orso@checkpoint.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
class ModuleDocFragment(object):
# Standard files documentation fragment
- DOCUMENTATION = r'''
+ DOCUMENTATION = r"""
options:
wait_for_task:
description:
@@ -26,4 +27,9 @@ options:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
-'''
+ auto_publish_session:
+ description:
+ - Publish the current session if changes have been performed after task completes.
+ type: bool
+ default: False
+"""
diff --git a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_facts.py b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_facts.py
index 08a6b8954..7b520a7ae 100644
--- a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_facts.py
@@ -3,19 +3,18 @@
# Copyright: (c) 2019, Or Soffer <orso@checkpoint.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
-from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
class ModuleDocFragment(object):
# Standard files documentation fragment
- DOCUMENTATION = r'''
+ DOCUMENTATION = r"""
options:
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
-'''
+"""
diff --git a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects.py b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects.py
index 6df1f2f82..351656b4c 100644
--- a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects.py
+++ b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects.py
@@ -3,28 +3,27 @@
# Copyright: (c) 2019, Or Soffer <orso@checkpoint.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
class ModuleDocFragment(object):
# Standard files documentation fragment
- DOCUMENTATION = r'''
+ DOCUMENTATION = r"""
options:
state:
description:
- - State of the access rule (present or absent). Defaults to present.
+ - State of the access rule (present or absent).
type: str
default: present
- choices:
- - 'present'
- - 'absent'
+ choices: ['present', 'absent']
auto_publish_session:
description:
- - Publish the current session if changes have been performed
- after task completes.
+ - Publish the current session if changes have been performed after task completes.
type: bool
+ default: False
wait_for_task:
description:
- Wait for the task to end. Such as publish task.
@@ -39,4 +38,4 @@ options:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
-'''
+"""
diff --git a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects_action_module.py b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects_action_module.py
index 992428bbe..62d8d5f60 100644
--- a/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects_action_module.py
+++ b/ansible_collections/check_point/mgmt/plugins/doc_fragments/checkpoint_objects_action_module.py
@@ -3,20 +3,22 @@
# Copyright: (c) 2019, Or Soffer <orso@checkpoint.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
+
__metaclass__ = type
class ModuleDocFragment(object):
# Standard files documentation fragment
- DOCUMENTATION = r'''
+ DOCUMENTATION = r"""
options:
auto_publish_session:
description:
- Publish the current session if changes have been performed
after task completes.
type: bool
+ default: False
wait_for_task_timeout:
description:
- How many minutes to wait until throwing a timeout error.
@@ -26,4 +28,4 @@ options:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
-'''
+"""
diff --git a/ansible_collections/check_point/mgmt/plugins/httpapi/checkpoint.py b/ansible_collections/check_point/mgmt/plugins/httpapi/checkpoint.py
index ade89cb00..606af77b1 100644
--- a/ansible_collections/check_point/mgmt/plugins/httpapi/checkpoint.py
+++ b/ansible_collections/check_point/mgmt/plugins/httpapi/checkpoint.py
@@ -1,7 +1,7 @@
# (c) 2018 Red Hat Inc.
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
@@ -44,39 +44,44 @@ from ansible.plugins.httpapi import HttpApiBase
from ansible.module_utils.connection import ConnectionError
BASE_HEADERS = {
- 'Content-Type': 'application/json',
- 'User-Agent': 'Ansible',
+ "Content-Type": "application/json",
+ "User-Agent": "Ansible",
}
class HttpApi(HttpApiBase):
def login(self, username, password):
payload = {}
- cp_domain = self.get_option('domain')
- cp_api_key = self.get_option('api_key')
+ cp_domain = self.get_option("domain")
+ cp_api_key = self.get_option("api_key")
if cp_domain:
- payload['domain'] = cp_domain
+ payload["domain"] = cp_domain
if username and password and not cp_api_key:
- payload['user'] = username
- payload['password'] = password
+ payload["user"] = username
+ payload["password"] = password
elif cp_api_key and not username and not password:
- payload['api-key'] = cp_api_key
+ payload["api-key"] = cp_api_key
else:
- raise AnsibleConnectionFailure('[Username and password] or api_key are required for login')
- url = '/web_api/login'
+ raise AnsibleConnectionFailure(
+ "[Username and password] or api_key are required for login"
+ )
+ url = "/web_api/login"
response, response_data = self.send_request(url, payload)
-
+ if response != 200:
+ raise ConnectionError("Login to server failed: %s" % response_data)
try:
- self.connection._auth = {'X-chkp-sid': response_data['sid']}
+ self.connection._auth = {"X-chkp-sid": response_data["sid"]}
except KeyError:
raise ConnectionError(
- 'Server returned response without token info during connection authentication: %s' % response)
+ "Server returned response without token info during connection authentication: %s"
+ % response
+ )
# Case of read-only
- if 'uid' in response_data.keys():
- self.connection._session_uid = response_data['uid']
+ if "uid" in response_data.keys():
+ self.connection._session_uid = response_data["uid"]
def logout(self):
- url = '/web_api/logout'
+ url = "/web_api/logout"
response, dummy = self.send_request(url, None)
@@ -84,13 +89,15 @@ class HttpApi(HttpApiBase):
return self.connection._session_uid
def send_request(self, path, body_params):
- data = json.dumps(body_params) if body_params else '{}'
- cp_cloud_mgmt_id = self.get_option('cloud_mgmt_id')
+ data = json.dumps(body_params) if body_params else "{}"
+ cp_cloud_mgmt_id = self.get_option("cloud_mgmt_id")
if cp_cloud_mgmt_id:
- path = '/' + cp_cloud_mgmt_id + path
+ path = "/" + cp_cloud_mgmt_id + path
try:
self._display_request()
- response, response_data = self.connection.send(path, data, method='POST', headers=BASE_HEADERS)
+ response, response_data = self.connection.send(
+ path, data, method="POST", headers=BASE_HEADERS
+ )
value = self._get_response_value(response_data)
return response.getcode(), self._response_to_json(value)
@@ -101,7 +108,9 @@ class HttpApi(HttpApiBase):
return e.code, error
def _display_request(self):
- self.connection.queue_message('vvvv', 'Web Services: %s %s' % ('POST', self.connection._url))
+ self.connection.queue_message(
+ "vvvv", "Web Services: %s %s" % ("POST", self.connection._url)
+ )
def _get_response_value(self, response_data):
return to_text(response_data.getvalue())
@@ -111,4 +120,4 @@ class HttpApi(HttpApiBase):
return json.loads(response_text) if response_text else {}
# JSONDecodeError only available on Python 3.5+
except ValueError:
- raise ConnectionError('Invalid JSON response: %s' % response_text)
+ raise ConnectionError("Invalid JSON response: %s" % response_text)
diff --git a/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py b/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py
index 476e56f16..12d5ea360 100644
--- a/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py
+++ b/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py
@@ -4,7 +4,7 @@
# still belong to the author of the module, and may assign their own license
# to the complete work.
#
-# (c) 2018 Red Hat Inc.
+# (c) 2022 Red Hat Inc.
#
# Redistribution and use in source and binary forms, with or without modification,
# are permitted provided that the following conditions are met:
@@ -26,71 +26,246 @@
# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
import time
-
+from ansible.module_utils.six import iteritems
+from ansible.module_utils.urls import CertificateError
+from ansible.module_utils.connection import ConnectionError
from ansible.module_utils.connection import Connection
+from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import (
+ utils,
+)
+
+
+BASE_HEADERS = {
+ "Content-Type": "application/json",
+ "User-Agent": "Ansible",
+}
checkpoint_argument_spec_for_action_module = dict(
- auto_publish_session=dict(type='bool'),
- wait_for_task_timeout=dict(type='int', default=30),
- version=dict(type='str')
+ auto_publish_session=dict(type="bool", default=False),
+ wait_for_task_timeout=dict(type="int", default=30),
+ version=dict(type="str"),
)
checkpoint_argument_spec_for_objects = dict(
- auto_publish_session=dict(type='bool'),
- wait_for_task=dict(type='bool', default=True),
- wait_for_task_timeout=dict(type='int', default=30),
- state=dict(type='str', choices=['present', 'absent'], default='present'),
- version=dict(type='str')
+ auto_publish_session=dict(type="bool", default=False),
+ wait_for_task=dict(type="bool", default=True),
+ wait_for_task_timeout=dict(type="int", default=30),
+ state=dict(type="str", choices=["present", "absent"], default="present"),
+ version=dict(type="str"),
)
-checkpoint_argument_spec_for_facts = dict(
- version=dict(type='str')
-)
+checkpoint_argument_spec_for_facts = dict(version=dict(type="str"))
checkpoint_argument_spec_for_commands = dict(
- wait_for_task=dict(type='bool', default=True),
- wait_for_task_timeout=dict(type='int', default=30),
- version=dict(type='str')
+ wait_for_task=dict(type="bool", default=True),
+ wait_for_task_timeout=dict(type="int", default=30),
+ version=dict(type="str"),
+ auto_publish_session=dict(type="bool", default=False),
)
-delete_params = ['name', 'uid', 'layer', 'exception-group-name', 'rule-name', 'package']
+delete_params = [
+ "name",
+ "uid",
+ "layer",
+ "exception-group-name",
+ "rule-name",
+ "package",
+ "ignore-errors",
+ "ignore-warnings",
+ "gateway-uid"
+]
+
+remove_from_set_payload = {
+ "lsm-cluster": [
+ "security-profile",
+ "name-prefix",
+ "name-suffix",
+ "main-ip-address",
+ ],
+ "md-permissions-profile": ["permission-level"],
+}
+
+remove_from_add_payload = {"lsm-cluster": ["name"]}
+
+
+def _fail_json(msg):
+ """Replace the AnsibleModule fail_json here
+ :param msg: The message for the failure
+ :type msg: str
+ """
+ raise Exception(msg)
+
+
+def map_params_to_obj(module_params, key_transform):
+ """The fn to convert the api returned params to module params
+ :param module_params: Module params
+ :param key_transform: Dict with module equivalent API params
+ :rtype: A dict
+ :returns: dict with module prams transformed having API expected params
+ """
+ obj = {}
+ for k, v in iteritems(key_transform):
+ if k in module_params and (
+ module_params.get(k)
+ or module_params.get(k) == 0
+ or module_params.get(k) is False
+ ):
+ val = module_params.pop(k)
+ if isinstance(val, list):
+ temp = []
+ for each in val:
+ if isinstance(each, dict):
+ temp.append(map_params_to_obj(each, key_transform))
+ if temp:
+ val = temp
+ if isinstance(val, dict):
+ temp_child = {}
+ for each_k, each_v in iteritems(val):
+ if "_" in each_k:
+ temp_param = "-".join(each_k.split("_"))
+ if isinstance(each_v, dict):
+ temp_dict = map_params_to_obj(
+ each_v, key_transform
+ )
+ each_v = temp_dict
+ temp_child.update({temp_param: each_v})
+ else:
+ temp_child.update({each_k: each_v})
+ obj[v] = temp_child
+ else:
+ obj[v] = val
+ if module_params:
+ obj.update(module_params)
+ return obj
+
+
+def map_obj_to_params(module_return_params, key_transform, return_param):
+ """The fn to convert the api returned params to module params
+ :param module_return_params: API returned response params
+ :param key_transform: Module params
+ :rtype: A dict
+ :returns: dict with api returned value to module param value
+ """
+ temp = {}
+ if module_return_params.get(return_param):
+ temp[return_param] = []
+ for each in module_return_params[return_param]:
+ api_temp = {}
+ for k, v in iteritems(key_transform):
+ if v in each and (
+ each.get(v) or each.get(v) == 0 or each.get(v) is False
+ ):
+ api_temp[k] = each.pop(v)
+ if each:
+ api_temp.update(each)
+ temp[return_param].append(api_temp)
+ else:
+ for k, v in iteritems(key_transform):
+ if v in module_return_params and (
+ module_return_params.get(v)
+ or module_return_params.get(v) == 0
+ or module_return_params.get(v) is False
+ ):
+ if isinstance(module_return_params[v], dict):
+ temp_child = {}
+ for each_k, each_v in iteritems(module_return_params[v]):
+ if "-" in each_k:
+ temp_param = "_".join(each_k.split("-"))
+ if temp_param in key_transform:
+ temp_child.update({temp_param: each_v})
+ else:
+ temp_child.update({each_k: each_v})
+ temp[k] = temp_child
+ module_return_params.pop(v)
+ else:
+ temp[k] = module_return_params.pop(v)
+ if module_return_params:
+ temp.update(module_return_params)
+ return temp
+
-remove_from_set_payload = {'lsm-cluster': ['security-profile', 'name-prefix', 'name-suffix', 'main-ip-address'],
- 'md-permissions-profile': ['permission-level']}
+def verify_want_have_diff(want, have, remove_key_from_diff):
+ for each in remove_key_from_diff:
+ if each in want:
+ del want[each]
+ diff = utils.dict_diff(have, want)
+ return diff
-remove_from_add_payload = {'lsm-cluster': ['name']}
+
+def remove_unwanted_key(payload, remove_keys):
+ for each in remove_keys:
+ if each in payload:
+ del payload[each]
+ return payload
+
+
+def sync_show_params_with_add_params(search_result, key_transform):
+ temp = {}
+ remove_keys = ["type", "meta-info"]
+ for k, v in iteritems(search_result):
+ if k in remove_keys:
+ continue
+ if isinstance(v, dict):
+ if v.get("name"):
+ temp.update({k: v["name"]})
+ else:
+ temp_child = {}
+ for each_k, each_v in iteritems(v):
+ if isinstance(each_v, dict):
+ if each_v.get("name"):
+ temp_child.update({each_k: each_v["name"]})
+ else:
+ temp_child.update({each_k: each_v})
+ temp.update({k: temp_child})
+ elif isinstance(v, list):
+ temp[k] = []
+ for each in v:
+ if each.get("name"):
+ temp[k].append(each["name"])
+ else:
+ temp.update(each)
+ else:
+ temp.update({k: v})
+ temp = map_obj_to_params(temp, key_transform, "")
+ return temp
# parse failure message with code and response
def parse_fail_message(code, response):
- return 'Checkpoint device returned error {0} with message {1}'.format(code, response)
+ return "Checkpoint device returned error {0} with message {1}".format(
+ code, response
+ )
# send the request to checkpoint
def send_request(connection, version, url, payload=None):
- code, response = connection.send_request('/web_api/' + version + url, payload)
+ code, response = connection.send_request(
+ "/web_api/" + version + url, payload
+ )
return code, response
# get the payload from the user parameters
def is_checkpoint_param(parameter):
- if parameter == 'auto_publish_session' or \
- parameter == 'state' or \
- parameter == 'wait_for_task' or \
- parameter == 'wait_for_task_timeout' or \
- parameter == 'version':
+ if (
+ parameter == "auto_publish_session"
+ or parameter == "state"
+ or parameter == "wait_for_task"
+ or parameter == "wait_for_task_timeout"
+ or parameter == "version"
+ ):
return False
return True
def contains_show_identifier_param(payload):
- identifier_params = ["name", "uid", "assigned-domain"]
+ identifier_params = ["name", "uid", "assigned-domain", "task-id", "signature", "url"]
for param in identifier_params:
if payload.get(param) is not None:
return True
@@ -104,17 +279,36 @@ def get_payload_from_parameters(params):
parameter_value = params[parameter]
if parameter_value is not None and is_checkpoint_param(parameter):
if isinstance(parameter_value, dict):
- payload[parameter.replace("_", "-")] = get_payload_from_parameters(parameter_value)
- elif isinstance(parameter_value, list) and len(parameter_value) != 0 and isinstance(parameter_value[0], dict):
+ payload[
+ parameter.replace("_", "-")
+ ] = get_payload_from_parameters(parameter_value)
+ elif (
+ isinstance(parameter_value, list)
+ and len(parameter_value) != 0
+ and isinstance(parameter_value[0], dict)
+ ):
payload_list = []
for element_dict in parameter_value:
- payload_list.append(get_payload_from_parameters(element_dict))
+ payload_list.append(
+ get_payload_from_parameters(element_dict)
+ )
payload[parameter.replace("_", "-")] = payload_list
else:
# special handle for this param in order to avoid two params called "version"
- if parameter == "gateway_version" or parameter == "cluster_version":
+ if (
+ parameter == "gateway_version"
+ or parameter == "cluster_version"
+ or parameter == "server_version"
+ or parameter == "check_point_host_version"
+ or parameter == "target_version"
+ or parameter == "vsx_version"
+ ):
parameter = "version"
+ # message & syslog_facility are internally used by Ansible, so need to avoid param duplicity
+ elif parameter == "login_message":
+ parameter = "message"
+
payload[parameter.replace("_", "-")] = parameter_value
return payload
@@ -122,11 +316,14 @@ def get_payload_from_parameters(params):
# wait for task
def wait_for_task(module, version, connection, task_id):
- task_id_payload = {'task-id': task_id, 'details-level': 'full'}
+ task_id_payload = {"task-id": task_id, "details-level": "full"}
task_complete = False
minutes_until_timeout = 30
- if module.params['wait_for_task_timeout'] is not None and module.params['wait_for_task_timeout'] >= 0:
- minutes_until_timeout = module.params['wait_for_task_timeout']
+ if (
+ module.params["wait_for_task_timeout"] is not None
+ and module.params["wait_for_task_timeout"] >= 0
+ ):
+ minutes_until_timeout = module.params["wait_for_task_timeout"]
max_num_iterations = minutes_until_timeout * 30
current_iteration = 0
@@ -134,40 +331,65 @@ def wait_for_task(module, version, connection, task_id):
while not task_complete and current_iteration < max_num_iterations:
current_iteration += 1
# Check the status of the task
- code, response = send_request(connection, version, 'show-task', task_id_payload)
+ code, response = send_request(
+ connection, version, "show-task", task_id_payload
+ )
attempts_counter = 0
while code != 200:
if attempts_counter < 5:
attempts_counter += 1
time.sleep(2)
- code, response = send_request(connection, version, 'show-task', task_id_payload)
+ code, response = send_request(
+ connection, version, "show-task", task_id_payload
+ )
else:
- response['message'] = "ERROR: Failed to handle asynchronous tasks as synchronous, tasks result is" \
- " undefined. " + response['message']
+ response["message"] = (
+ "ERROR: Failed to handle asynchronous tasks as synchronous, tasks result is"
+ " undefined. " + response["message"]
+ )
module.fail_json(msg=parse_fail_message(code, response))
# Count the number of tasks that are not in-progress
completed_tasks = 0
- for task in response['tasks']:
- if task['status'] == 'failed':
- status_description, comments = get_status_description_and_comments(task)
+ for task in response["tasks"]:
+ if task["status"] == "failed":
+ (
+ status_description,
+ comments,
+ ) = get_status_description_and_comments(task)
if comments and status_description:
module.fail_json(
- msg='Task {0} with task id {1} failed. Message: {2} with description: {3} - '
- 'Look at the logs for more details '
- .format(task['task-name'], task['task-id'], comments, status_description))
+ msg="Task {0} with task id {1} failed. Message: {2} with description: {3} - "
+ "Look at the logs for more details ".format(
+ task["task-name"],
+ task["task-id"],
+ comments,
+ status_description,
+ )
+ )
elif comments:
- module.fail_json(msg='Task {0} with task id {1} failed. Message: {2} - Look at the logs for more details '
- .format(task['task-name'], task['task-id'], comments))
+ module.fail_json(
+ msg="Task {0} with task id {1} failed. Message: {2} - Look at the logs for more details ".format(
+ task["task-name"], task["task-id"], comments
+ )
+ )
elif status_description:
- module.fail_json(msg='Task {0} with task id {1} failed. Message: {2} - Look at the logs for more '
- 'details '
- .format(task['task-name'], task['task-id'], status_description))
+ module.fail_json(
+ msg="Task {0} with task id {1} failed. Message: {2} - Look at the logs for more "
+ "details ".format(
+ task["task-name"],
+ task["task-id"],
+ status_description,
+ )
+ )
else:
- module.fail_json(msg='Task {0} with task id {1} failed. Look at the logs for more details'
- .format(task['task-name'], task['task-id']))
- if task['status'] == 'in progress':
+ module.fail_json(
+ msg="Task {0} with task id {1} failed. Look at the logs for more details".format(
+ task["task-name"], task["task-id"]
+ )
+ )
+ if task["status"] == "in progress":
break
completed_tasks += 1
@@ -177,7 +399,11 @@ def wait_for_task(module, version, connection, task_id):
else:
time.sleep(2) # Wait for two seconds
if not task_complete:
- module.fail_json(msg="ERROR: Timeout. Task-id: {0}.".format(task_id_payload['task-id']))
+ module.fail_json(
+ msg="ERROR: Timeout. Task-id: {0}.".format(
+ task_id_payload["task-id"]
+ )
+ )
else:
return response
@@ -186,56 +412,98 @@ def wait_for_task(module, version, connection, task_id):
def get_status_description_and_comments(task):
status_description = None
comments = None
- if 'comments' in task and task['comments']:
- comments = task['comments']
- if 'task-details' in task and task['task-details']:
- task_details = task['task-details'][0]
- if 'statusDescription' in task_details:
- status_description = task_details['statusDescription']
+ if "comments" in task and task["comments"]:
+ comments = task["comments"]
+ if "task-details" in task and task["task-details"]:
+ task_details = task["task-details"][0]
+ if "statusDescription" in task_details:
+ status_description = task_details["statusDescription"]
return status_description, comments
# if failed occurred, in some cases we want to discard changes before exiting. We also notify the user about the `discard`
def discard_and_fail(module, code, response, connection, version):
- discard_code, discard_response = send_request(connection, version, 'discard')
+ discard_code, discard_response = send_request(
+ connection, version, "discard"
+ )
if discard_code != 200:
try:
- module.fail_json(msg=parse_fail_message(code, response) + ' Failed to discard session {0}'
- ' with error {1} with message {2}'.format(connection.get_session_uid(),
- discard_code, discard_response))
+ module.fail_json(
+ msg=parse_fail_message(code, response)
+ + " Failed to discard session {0}"
+ " with error {1} with message {2}".format(
+ connection.get_session_uid(),
+ discard_code,
+ discard_response,
+ )
+ )
except Exception:
# Read-only mode without UID
- module.fail_json(msg=parse_fail_message(code, response) + ' Failed to discard session'
- ' with error {0} with message {1}'.format(discard_code, discard_response))
+ module.fail_json(
+ msg=parse_fail_message(code, response)
+ + " Failed to discard session"
+ " with error {0} with message {1}".format(
+ discard_code, discard_response
+ )
+ )
- module.fail_json(msg=parse_fail_message(code, response) + ' Unpublished changes were discarded')
+ module.fail_json(
+ msg=parse_fail_message(code, response)
+ + " Unpublished changes were discarded"
+ )
# handle publish command, and wait for it to end if the user asked so
def handle_publish(module, connection, version):
- if 'auto_publish_session' in module.params and module.params['auto_publish_session']:
- publish_code, publish_response = send_request(connection, version, 'publish')
+ if (
+ "auto_publish_session" in module.params
+ and module.params["auto_publish_session"]
+ ):
+ publish_code, publish_response = send_request(
+ connection, version, "publish"
+ )
if publish_code != 200:
- discard_and_fail(module, publish_code, publish_response, connection, version)
- if module.params['wait_for_task']:
- wait_for_task(module, version, connection, publish_response['task-id'])
+ discard_and_fail(
+ module, publish_code, publish_response, connection, version
+ )
+ if module.params["wait_for_task"]:
+ wait_for_task(
+ module, version, connection, publish_response["task-id"]
+ )
# if user insert a specific version, we add it to the url
def get_version(module):
- return ('v' + module.params['version'] + '/') if module.params.get('version') else ''
+ return (
+ ("v" + module.params["version"] + "/")
+ if module.params.get("version")
+ else ""
+ )
# if code is 400 (bad request) or 500 (internal error) - fail
def handle_equals_failure(module, equals_code, equals_response):
if equals_code == 400 or equals_code == 500:
module.fail_json(msg=parse_fail_message(equals_code, equals_response))
- if equals_code == 404 and equals_response['code'] == 'generic_err_command_not_found':
- module.fail_json(msg='Relevant hotfix is not installed on Check Point server. See sk114661 on Check Point Support Center.')
+ if (
+ equals_code == 404
+ and equals_response["code"] == "generic_err_command_not_found"
+ ):
+ module.fail_json(
+ msg="Relevant hotfix is not installed on Check Point server. See sk114661 on Check Point Support Center."
+ )
# handle call
-def handle_call(connection, version, call, payload, module, to_publish, to_discard_on_failure):
+def handle_call(
+ connection,
+ version,
+ call,
+ payload,
+ module,
+ to_publish,
+ to_discard_on_failure,
+):
code, response = send_request(connection, version, call, payload)
if code != 200:
if to_discard_on_failure:
@@ -243,15 +511,19 @@ def handle_call(connection, version, call, payload, module, to_publish, to_disca
else:
module.fail_json(msg=parse_fail_message(code, response))
else:
- if 'wait_for_task' in module.params and module.params['wait_for_task']:
- if 'task-id' in response:
- response = wait_for_task(module, version, connection, response['task-id'])
- elif 'tasks' in response:
- for task in response['tasks']:
- if 'task-id' in task:
- task_id = task['task-id']
- response[task_id] = wait_for_task(module, version, connection, task['task-id'])
- del response['tasks']
+ if "wait_for_task" in module.params and module.params["wait_for_task"]:
+ if "task-id" in response:
+ response = wait_for_task(
+ module, version, connection, response["task-id"]
+ )
+ elif "tasks" in response:
+ for task in response["tasks"]:
+ if "task-id" in task:
+ task_id = task["task-id"]
+ response[task_id] = wait_for_task(
+ module, version, connection, task["task-id"]
+ )
+ del response["tasks"]
if to_publish:
handle_publish(module, connection, version)
return response
@@ -264,18 +536,25 @@ def api_command(module, command):
version = get_version(module)
code, response = send_request(connection, version, command, payload)
- result = {'changed': True}
+ result = {"changed": True}
+
+ if command.startswith("show"):
+ result['changed'] = False
if code == 200:
- if module.params['wait_for_task']:
- if 'task-id' in response:
- response = wait_for_task(module, version, connection, response['task-id'])
- elif 'tasks' in response:
- for task in response['tasks']:
- if 'task-id' in task:
- task_id = task['task-id']
- response[task_id] = wait_for_task(module, version, connection, task['task-id'])
- del response['tasks']
+ if module.params["wait_for_task"]:
+ if "task-id" in response:
+ response = wait_for_task(
+ module, version, connection, response["task-id"]
+ )
+ elif "tasks" in response:
+ for task in response["tasks"]:
+ if "task-id" in task:
+ task_id = task["task-id"]
+ response[task_id] = wait_for_task(
+ module, version, connection, task["task-id"]
+ )
+ del response["tasks"]
result[command] = response
@@ -296,24 +575,55 @@ def api_call_facts(module, api_call_object, api_call_object_plural_version):
if not contains_show_identifier_param(payload):
api_call_object = api_call_object_plural_version
- response = handle_call(connection, version, 'show-' + api_call_object, payload, module, False, False)
- result = {api_call_object: response}
+ response = handle_call(
+ connection,
+ version,
+ "show-" + api_call_object,
+ payload,
+ module,
+ False,
+ False,
+ )
+ result = {api_call_object.replace("-", "_"): response}
return result
# handle delete
-def handle_delete(equals_code, payload, delete_params, connection, version, api_call_object, module, result):
+def handle_delete(
+ equals_code,
+ payload,
+ delete_params,
+ connection,
+ version,
+ api_call_object,
+ module,
+ result,
+):
# else equals_code is 404 and no need to delete because he doesn't exist
if equals_code == 200:
- payload_for_delete = extract_payload_with_some_params(payload, delete_params)
- response = handle_call(connection, version, 'delete-' + api_call_object, payload_for_delete, module, True, True)
- result['changed'] = True
-
-
-# handle the call and set the result with 'changed' and teh response
-def handle_call_and_set_result(connection, version, call, payload, module, result):
- response = handle_call(connection, version, call, payload, module, True, True)
- result['changed'] = True
+ payload_for_delete = extract_payload_with_some_params(
+ payload, delete_params
+ )
+ response = handle_call(
+ connection,
+ version,
+ "delete-" + api_call_object,
+ payload_for_delete,
+ module,
+ True,
+ True,
+ )
+ result["changed"] = True
+
+
+# handle the call and set the result with 'changed' and the response
+def handle_call_and_set_result(
+ connection, version, call, payload, module, result
+):
+ response = handle_call(
+ connection, version, call, payload, module, True, True
+ )
+ result["changed"] = True
result[call] = response
@@ -323,77 +633,128 @@ def api_call(module, api_call_object):
connection = Connection(module._socket_path)
version = get_version(module)
- result = {'changed': False}
+ result = {"changed": False}
if module.check_mode:
return result
- payload_for_equals = {'type': api_call_object, 'params': payload}
- equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals)
- result['checkpoint_session_uid'] = connection.get_session_uid()
+ payload_for_equals = {"type": api_call_object, "params": payload}
+ equals_code, equals_response = send_request(
+ connection, version, "equals", payload_for_equals
+ )
+ result["checkpoint_session_uid"] = connection.get_session_uid()
handle_equals_failure(module, equals_code, equals_response)
- if module.params['state'] == 'present':
+ if module.params["state"] == "present":
if equals_code == 200:
# else objects are equals and there is no need for set request
- if not equals_response['equals']:
- build_payload(api_call_object, payload, remove_from_set_payload)
- handle_call_and_set_result(connection, version, 'set-' + api_call_object, payload, module, result)
+ if not equals_response["equals"]:
+ build_payload(
+ api_call_object, payload, remove_from_set_payload
+ )
+ handle_call_and_set_result(
+ connection,
+ version,
+ "set-" + api_call_object,
+ payload,
+ module,
+ result,
+ )
elif equals_code == 404:
build_payload(api_call_object, payload, remove_from_add_payload)
- handle_call_and_set_result(connection, version, 'add-' + api_call_object, payload, module, result)
- elif module.params['state'] == 'absent':
- handle_delete(equals_code, payload, delete_params, connection, version, api_call_object, module, result)
+ handle_call_and_set_result(
+ connection,
+ version,
+ "add-" + api_call_object,
+ payload,
+ module,
+ result,
+ )
+ elif module.params["state"] == "absent":
+ handle_delete(
+ equals_code,
+ payload,
+ delete_params,
+ connection,
+ version,
+ api_call_object,
+ module,
+ result,
+ )
return result
-# returns a generator of the entire rulebase
-def get_rulebase_generator(connection, version, layer, show_rulebase_command, rules_amount):
+# returns a generator of the entire rulebase. show_rulebase_identifier_payload can be either package or layer
+def get_rulebase_generator(
+ connection, version, show_rulebase_identifier_payload, show_rulebase_command, rules_amount
+):
offset = 0
limit = 100
while True:
payload_for_show_rulebase = {
- 'name': layer,
- 'limit': limit,
- 'offset': offset,
+ "limit": limit,
+ "offset": offset,
}
+ payload_for_show_rulebase.update(show_rulebase_identifier_payload)
# in case there are empty sections after the last rule, we need them to appear in the reply and the limit might
# cut them out
if offset + limit >= rules_amount:
- del payload_for_show_rulebase['limit']
- code, response = send_request(connection, version, show_rulebase_command, payload_for_show_rulebase)
- offset = response['to']
- total = response['total']
- rulebase = response['rulebase']
+ del payload_for_show_rulebase["limit"]
+ code, response = send_request(
+ connection,
+ version,
+ show_rulebase_command,
+ payload_for_show_rulebase,
+ )
+ offset = response["to"]
+ total = response["total"]
+ rulebase = response["rulebase"]
yield rulebase
if total <= offset:
return
# get 'to' or 'from' of given section
-def get_edge_position_in_section(connection, version, layer, section_name, edge):
- code, response = send_request(connection, version, "show-layer-structure", {'name': layer, 'details-level': 'uid'})
- if response['code'] == 'generic_err_command_not_found':
- raise ValueError("The use of the relative_position field with a section as its value is available only for"
- " version 1.7.1 with JHF take 42 and above")
- sections_in_layer = response['root-section']['children']
+def get_edge_position_in_section(
+ connection, version, identifier, section_name, edge
+):
+ code, response = send_request(
+ connection,
+ version,
+ "show-layer-structure",
+ {"name": identifier, "details-level": "uid"},
+ )
+ if 'code' in response and response["code"] == "generic_err_command_not_found":
+ raise ValueError(
+ "The use of the relative_position field with a section as its value is available only for"
+ " version 1.7.1 with JHF take 42 and above"
+ )
+ sections_in_layer = response["root-section"]["children"]
for section in sections_in_layer:
- if section['name'] == section_name:
- return int(section[edge + '-rule'])
+ if section["name"] == section_name:
+ return int(section[edge + "-rule"])
return None
# return the total amount of rules in the rulebase of the given layer
-def get_rules_amount(connection, version, layer, show_rulebase_command):
- payload_for_show_obj_rulebase = {'name': layer, 'limit': 0}
- code, response = send_request(connection, version, show_rulebase_command, payload_for_show_obj_rulebase)
- return int(response['total'])
-
-
-def keep_searching_rulebase(position, current_section, relative_position, relative_position_is_section):
+def get_rules_amount(connection, version, show_rulebase_payload, show_rulebase_command):
+ payload = {"limit": 0}
+ payload.update(show_rulebase_payload)
+ code, response = send_request(
+ connection,
+ version,
+ show_rulebase_command,
+ payload,
+ )
+ return int(response["total"])
+
+
+def keep_searching_rulebase(
+ position, current_section, relative_position, relative_position_is_section
+):
position_not_found = position is None
- if relative_position_is_section and 'above' not in relative_position:
+ if relative_position_is_section and "above" not in relative_position:
# if 'above' in relative_position then get_number_and_section_from_relative_position returns the previous section
# so there isn't a need to further search for the relative section
relative_section = list(relative_position.values())[0]
@@ -403,153 +764,380 @@ def keep_searching_rulebase(position, current_section, relative_position, relati
return position_not_found
-def relative_position_is_section(connection, version, layer, relative_position):
- if 'top' in relative_position or 'bottom' in relative_position:
+def relative_position_is_section(
+ connection, version, api_call_object, layer_or_package_payload, relative_position
+):
+ if "top" in relative_position or "bottom" in relative_position:
return True
+ show_section_command = "show-access-section" if 'access' in api_call_object else "show-nat-section"
relative_position_value = list(relative_position.values())[0]
- code, response = send_request(connection, version, "show-access-section", {'layer': layer, 'name': relative_position_value})
+ payload = {"name": relative_position_value}
+ payload.update(layer_or_package_payload)
+ code, response = send_request(
+ connection,
+ version,
+ show_section_command,
+ payload,
+ )
if code == 200:
return True
return False
-def get_number_and_section_from_relative_position(payload, connection, version, rulebase, above_relative_position, pos_before_relative_empty_section):
- section_name = None
+def get_number_and_section_from_relative_position(
+ payload,
+ connection,
+ version,
+ rulebase,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ api_call_object,
+ prev_section=None,
+ current_section=None,
+):
+ section_name = current_section
position = None
for rules in rulebase:
- if 'rulebase' in rules:
+ if "rulebase" in rules:
# cases relevant for relative-position=section
- if 'above' in payload['position'] and rules['name'] == payload['position']['above']:
- if len(rules['rulebase']) == 0:
- position = pos_before_relative_empty_section if above_relative_position else pos_before_relative_empty_section + 1
+ if (
+ "above" in payload["position"]
+ and rules["name"] == payload["position"]["above"]
+ ):
+ if len(rules["rulebase"]) == 0:
+ position = (
+ pos_before_relative_empty_section
+ if above_relative_position
+ else pos_before_relative_empty_section + 1
+ )
else:
# if the entire section isn't present in rulebase, the 'from' value of the section might not be
# the first position in the section, which is why we use get_edge_position_in_section
- from_value = get_edge_position_in_section(connection, version, payload['layer'], rules['name'], "from")
+ from_value = get_edge_position_in_section(
+ connection,
+ version,
+ list(get_relevant_layer_or_package_identifier(api_call_object, payload).values())[0],
+ rules["name"],
+ "from",
+ )
if from_value is not None: # section exists in rulebase
- position = max(from_value - 1, 1) if above_relative_position else from_value
- return position, section_name, above_relative_position, pos_before_relative_empty_section
+ position = (
+ max(from_value - 1, 1)
+ if above_relative_position
+ else from_value
+ )
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ )
# we update this only after the 'above' case since the section that should be returned in that case isn't
# the one we are currently iterating over (but the one beforehand)
- section_name = rules['name']
-
- if 'bottom' in payload['position'] and rules['name'] == payload['position']['bottom']:
- if len(rules['rulebase']) == 0:
- position = pos_before_relative_empty_section if above_relative_position else pos_before_relative_empty_section + 1
+ prev_section = section_name
+ section_name = rules["name"]
+
+ if (
+ "bottom" in payload["position"]
+ and rules["name"] == payload["position"]["bottom"]
+ ):
+ if len(rules["rulebase"]) == 0:
+ position = (
+ pos_before_relative_empty_section
+ if above_relative_position
+ else pos_before_relative_empty_section + 1
+ )
else:
# if the entire section isn't present in rulebase, the 'to' value of the section might not be the
# last position in the section, which is why we use get_edge_position_in_section
- to_value = get_edge_position_in_section(connection, version, payload['layer'], section_name, "to")
- if to_value is not None and to_value == int(rules['to']): # meaning the entire section is present in rulebase
+ to_value = get_edge_position_in_section(
+ connection,
+ version,
+ list(get_relevant_layer_or_package_identifier(api_call_object, payload).values())[0],
+ section_name,
+ "to",
+ )
+ if to_value is not None and to_value == int(
+ rules["to"]
+ ): # meaning the entire section is present in rulebase
# is the rule already at the bottom of the section. Can infer this only if the entire section is
# present in rulebase
- is_bottom = rules['rulebase'][-1]['name'] == payload['name']
- position = to_value if (above_relative_position or is_bottom) else to_value + 1
+ is_bottom = (
+ rules["rulebase"][-1]["name"] == payload["name"]
+ )
+ position = (
+ to_value
+ if (above_relative_position or is_bottom)
+ else to_value + 1
+ )
# else: need to keep searching the rulebase, so position=None is returned
- return position, section_name, above_relative_position, pos_before_relative_empty_section
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ )
# setting a rule 'below' a section is equivalent to setting the rule at the top of that section
- if ('below' in payload['position'] and section_name == payload['position']['below']) or \
- ('top' in payload['position'] and section_name == payload['position']['top']):
- if len(rules['rulebase']) == 0:
- position = pos_before_relative_empty_section if above_relative_position else pos_before_relative_empty_section + 1
+ if (
+ "below" in payload["position"]
+ and section_name == payload["position"]["below"]
+ ) or (
+ "top" in payload["position"]
+ and section_name == payload["position"]["top"]
+ ):
+ if len(rules["rulebase"]) == 0:
+ position = (
+ pos_before_relative_empty_section
+ if above_relative_position
+ else pos_before_relative_empty_section + 1
+ )
else:
# is the rule already at the top of the section
- is_top = rules['rulebase'][0]['name'] == payload['name']
- position = max(int(rules['from']) - 1, 1) if (above_relative_position or not is_top) else int(rules['from'])
- return position, section_name, above_relative_position, pos_before_relative_empty_section
-
- if len(rules['rulebase']) != 0:
+ is_top = rules["rulebase"][0]["name"] == payload["name"]
+ position = (
+ max(int(rules["from"]) - 1, 1)
+ if (above_relative_position or not is_top)
+ else int(rules["from"])
+ )
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ )
+
+ if len(rules["rulebase"]) != 0:
# if search_entire_rulebase=True: even if rules['rulebase'] is cut (due to query limit) this will
# eventually be updated to the correct value in further calls
- pos_before_relative_empty_section = int(rules['to'])
+ pos_before_relative_empty_section = int(rules["to"])
- rules = rules['rulebase']
+ rules = rules["rulebase"]
for rule in rules:
- if payload['name'] == rule['name']:
+ if payload["name"] == rule["name"]:
above_relative_position = True
# cases relevant for relative-position=rule
- if 'below' in payload['position'] and rule['name'] == payload['position']['below']:
- position = int(rule['rule-number']) if above_relative_position else int(rule['rule-number']) + 1
- return position, section_name, above_relative_position, pos_before_relative_empty_section
- elif 'above' in payload['position'] and rule['name'] == payload['position']['above']:
- position = max(int(rule['rule-number']) - 1, 1) if above_relative_position else int(rule['rule-number'])
- return position, section_name, above_relative_position, pos_before_relative_empty_section
+ if (
+ "below" in payload["position"]
+ and rule["name"] == payload["position"]["below"]
+ ):
+ position = (
+ int(rule["rule-number"])
+ if above_relative_position
+ else int(rule["rule-number"]) + 1
+ )
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ )
+ elif (
+ "above" in payload["position"]
+ and rule["name"] == payload["position"]["above"]
+ ):
+ position = (
+ max(int(rule["rule-number"]) - 1, 1)
+ if above_relative_position
+ else int(rule["rule-number"])
+ )
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ )
else: # cases relevant for relative-position=rule
- if payload['name'] == rules['name']:
+ if payload["name"] == rules["name"]:
above_relative_position = True
- if 'below' in payload['position'] and rules['name'] == payload['position']['below']:
- position = int(rules['rule-number']) if above_relative_position else int(rules['rule-number']) + 1
- return position, section_name, above_relative_position, pos_before_relative_empty_section
- elif 'above' in payload['position'] and rules['name'] == payload['position']['above']:
- position = max(int(rules['rule-number']) - 1, 1) if above_relative_position else int(rules['rule-number'])
- return position, section_name, above_relative_position, pos_before_relative_empty_section
-
- return position, section_name, above_relative_position, pos_before_relative_empty_section # None, None, False/True, x>=1
+ if (
+ "below" in payload["position"]
+ and rules["name"] == payload["position"]["below"]
+ ):
+ position = (
+ int(rules["rule-number"])
+ if above_relative_position
+ else int(rules["rule-number"]) + 1
+ )
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ )
+ elif (
+ "above" in payload["position"]
+ and rules["name"] == payload["position"]["above"]
+ ):
+ position = (
+ max(int(rules["rule-number"]) - 1, 1)
+ if above_relative_position
+ else int(rules["rule-number"])
+ )
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ )
+
+ return (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ ) # None, None, False/True, x>=1, None
# get the position in integer format and the section it is.
-def get_number_and_section_from_position(payload, connection, version, api_call_object):
+def get_number_and_section_from_position(
+ payload, connection, version, api_call_object
+):
show_rulebase_command = get_relevant_show_rulebase_command(api_call_object)
- if 'position' in payload:
+ if "position" in payload:
section_name = None
- if type(payload['position']) is not dict:
- position = payload['position']
- if position == 'top':
+ if type(payload["position"]) is not dict:
+ position = payload["position"]
+ if position == "top":
position = 1
return position, section_name
- elif position == 'bottom':
- position = get_rules_amount(connection, version, payload['layer'], show_rulebase_command)
- code, response = send_request(connection, version, show_rulebase_command, {'name': payload['layer'], 'offset': position - 1})
- rulebase = reversed(response['rulebase'])
+ elif position == "bottom":
+ show_rulebase_payload = get_relevant_show_rulebase_identifier_payload(api_call_object, payload)
+ position = get_rules_amount(
+ connection,
+ version,
+ show_rulebase_payload,
+ show_rulebase_command,
+ )
+ show_rulebase_payload.update({"offset": position - 1})
+ code, response = send_request(
+ connection,
+ version,
+ show_rulebase_command,
+ show_rulebase_payload,
+ )
+ rulebase = reversed(response["rulebase"])
else: # is a number so we need to get the section (if exists) of the rule in that position
position = int(position)
- payload_for_show_obj_rulebase = build_rulebase_payload(api_call_object, payload, position)
- code, response = send_request(connection, version, show_rulebase_command, payload_for_show_obj_rulebase)
- rulebase = response['rulebase']
- if position > response['total']:
- raise ValueError("The given position " + str(position) + " of rule " + payload['name'] +
- "exceeds the total amount of rules in the rulebase")
+ payload_for_show_obj_rulebase = build_rulebase_payload(
+ api_call_object, payload, position
+ )
+ code, response = send_request(
+ connection,
+ version,
+ show_rulebase_command,
+ payload_for_show_obj_rulebase,
+ )
+ rulebase = response["rulebase"]
+ if position > response["total"]:
+ raise ValueError(
+ "The given position "
+ + str(position)
+ + " of rule "
+ + payload["name"]
+ + "exceeds the total amount of rules in the rulebase"
+ )
# in case position=1 and there are empty sections at the beginning of the rulebase we want to skip them
i = 0
for rules in rulebase:
- if 'rulebase' in rules and len(rules['rulebase']) == 0:
+ if "rulebase" in rules and len(rules["rulebase"]) == 0:
i += 1
rulebase = rulebase[i:]
for rules in rulebase:
- if 'rulebase' in rules:
- section_name = rules['name']
+ if "rulebase" in rules:
+ section_name = rules["name"]
return position, section_name
else:
return position, section_name # section = None
else:
- search_entire_rulebase = payload['search-entire-rulebase']
+ search_entire_rulebase = payload["search-entire-rulebase"]
position = None
# is the rule we're getting its position number above the rule it is relatively positioned to
above_relative_position = False
# no from-to in empty sections so can't infer the position from them -> need to keep track of the position
# before the empty relative section
pos_before_relative_empty_section = 1
+ show_rulebase_payload = get_relevant_show_rulebase_identifier_payload(api_call_object, payload)
if not search_entire_rulebase:
- code, response = send_request(connection, version, show_rulebase_command, {'name': payload['layer']})
- rulebase = response['rulebase']
- position, section_name, above_relative_position, pos_before_relative_empty_section = \
- get_number_and_section_from_relative_position(payload, connection, version, rulebase,
- above_relative_position, pos_before_relative_empty_section)
+ code, response = send_request(
+ connection,
+ version,
+ show_rulebase_command,
+ show_rulebase_payload,
+ )
+ rulebase = response["rulebase"]
+ (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ ) = get_number_and_section_from_relative_position(
+ payload,
+ connection,
+ version,
+ rulebase,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ api_call_object,
+ )
else:
- rules_amount = get_rules_amount(connection, version, payload['layer'], show_rulebase_command)
- relative_pos_is_section = relative_position_is_section(connection, version, payload['layer'], payload['position'])
- rulebase_generator = get_rulebase_generator(connection, version, payload['layer'], show_rulebase_command, rules_amount)
+ layer_or_package_payload = get_relevant_layer_or_package_identifier(api_call_object, payload)
+ rules_amount = get_rules_amount(
+ connection,
+ version,
+ show_rulebase_payload,
+ show_rulebase_command,
+ )
+ relative_pos_is_section = relative_position_is_section(
+ connection, version, api_call_object, layer_or_package_payload, payload["position"]
+ )
+ rulebase_generator = get_rulebase_generator(
+ connection,
+ version,
+ show_rulebase_payload,
+ show_rulebase_command,
+ rules_amount,
+ )
+ # need to keep track of the previous section in case the iteration starts with a new section and
+ # we want to set the rule above a section - so the section the rule should be at is the previous one
+ prev_section = None
for rulebase in rulebase_generator:
- position, section_name, above_relative_position, pos_before_relative_empty_section = \
- get_number_and_section_from_relative_position(payload, connection, version, rulebase,
- above_relative_position, pos_before_relative_empty_section)
- if not keep_searching_rulebase(position, section_name, payload['position'], relative_pos_is_section):
+ (
+ position,
+ section_name,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ prev_section,
+ ) = get_number_and_section_from_relative_position(
+ payload,
+ connection,
+ version,
+ rulebase,
+ above_relative_position,
+ pos_before_relative_empty_section,
+ api_call_object,
+ prev_section,
+ section_name,
+ )
+ if not keep_searching_rulebase(
+ position,
+ section_name,
+ payload["position"],
+ relative_pos_is_section,
+ ):
break
return position, section_name
@@ -558,19 +1146,16 @@ def get_number_and_section_from_position(payload, connection, version, api_call_
# build the show rulebase payload
def build_rulebase_payload(api_call_object, payload, position_number):
- rulebase_payload = {'name': payload['layer'], 'offset': position_number - 1, 'limit': 1}
-
- if api_call_object == 'threat-exception':
- rulebase_payload['rule-name'] = payload['rule-name']
-
- return rulebase_payload
+ show_rulebase_required_identifiers_payload = get_relevant_show_rulebase_identifier_payload(api_call_object, payload)
+ show_rulebase_required_identifiers_payload.update({'offset': position_number - 1, 'limit': 1})
+ return show_rulebase_required_identifiers_payload
def build_rulebase_command(api_call_object):
- rulebase_command = 'show-' + api_call_object.split('-')[0] + '-rulebase'
+ rulebase_command = "show-" + api_call_object.split("-")[0] + "-rulebase"
- if api_call_object == 'threat-exception':
- rulebase_command = 'show-threat-rule-exception-rulebase'
+ if api_call_object == "threat-exception":
+ rulebase_command = "show-threat-rule-exception-rulebase"
return rulebase_command
@@ -580,44 +1165,77 @@ def build_payload(api_call_object, payload, params_to_remove):
if api_call_object in params_to_remove:
for param in params_to_remove[api_call_object]:
del payload[param]
+
return payload
# extract first rule from given rulebase response and the section it is in.
def extract_rule_and_section_from_rulebase_response(response):
section_name = None
- rule = response['rulebase'][0]
+ rule = response["rulebase"][0]
i = 0
# skip empty sections (possible when offset=0)
- while 'rulebase' in rule and len(rule['rulebase']) == 0:
+ while "rulebase" in rule and len(rule["rulebase"]) == 0:
i += 1
- rule = response['rulebase'][i]
+ rule = response["rulebase"][i]
- while 'rulebase' in rule:
- section_name = rule['name']
- rule = rule['rulebase'][0]
+ while "rulebase" in rule:
+ section_name = rule["name"]
+ rule = rule["rulebase"][0]
return rule, section_name
def get_relevant_show_rulebase_command(api_call_object):
- if api_call_object == 'access-rule':
- return 'show-access-rulebase'
+ if api_call_object == "access-rule":
+ return "show-access-rulebase"
elif api_call_object == "threat-rule":
- return 'show-threat-rulebase'
+ return "show-threat-rulebase"
elif api_call_object == "threat-exception":
- return 'show-threat-rule-exception-rulebase'
-# uncomment code below when https & nat modules are added as crud modules
- # elif api_call_object == 'nat-rule':
- # return 'show-nat-rulebase'
+ return "show-threat-rule-exception-rulebase"
+ elif api_call_object == 'nat-rule':
+ return 'show-nat-rulebase'
+ # uncomment code below when https module is added as a crud module
# elif api_call_object == 'https-rule':
# return 'show-https-rulebase'
+# returns the show rulebase payload with the relevant required identifiers params
+def get_relevant_show_rulebase_identifier_payload(api_call_object, payload):
+ if api_call_object == 'nat-rule':
+ show_rulebase_payload = {'package': payload['package']}
+
+ else:
+ show_rulebase_payload = {'name': payload['layer']}
+
+ if api_call_object == 'threat-exception':
+ show_rulebase_payload['rule-name'] = payload['rule-name']
+
+ return show_rulebase_payload
+
+
+# returns the show section/rule payload with the relevant required identifying package/layer
+def get_relevant_layer_or_package_identifier(api_call_object, payload):
+ if 'nat' in api_call_object:
+ identifier = {'package': payload['package']}
+
+ else:
+ identifier = {'layer': payload['layer']}
+
+ return identifier
+
+
# is the param position (if the user inserted it) equals between the object and the user input, as well as the section the rule is in
-def is_equals_with_position_param(payload, connection, version, api_call_object):
+def is_equals_with_position_param(
+ payload, connection, version, api_call_object
+):
- position_number, section_according_to_position = get_number_and_section_from_position(payload, connection, version, api_call_object)
+ (
+ position_number,
+ section_according_to_position,
+ ) = get_number_and_section_from_position(
+ payload, connection, version, api_call_object
+ )
# In this case the one of the following has occurred:
# 1) There is no position param, then it's equals in vacuous truth
@@ -626,16 +1244,23 @@ def is_equals_with_position_param(payload, connection, version, api_call_object)
if position_number is None:
return True
- rulebase_payload = build_rulebase_payload(api_call_object, payload, position_number)
+ rulebase_payload = build_rulebase_payload(
+ api_call_object, payload, position_number
+ )
rulebase_command = build_rulebase_command(api_call_object)
- code, response = send_request(connection, version, rulebase_command, rulebase_payload)
+ code, response = send_request(
+ connection, version, rulebase_command, rulebase_payload
+ )
rule, section = extract_rule_and_section_from_rulebase_response(response)
# if the names of the exist rule and the user input rule are equals, as well as the section they're in, then it
# means that their positions are equals so I return True. and there is no way that there is another rule with this
# name cause otherwise the 'equals' command would fail
- if rule['name'] == payload['name'] and section_according_to_position == section:
+ if (
+ rule["name"] == payload["name"]
+ and section_according_to_position == section
+ ):
return True
else:
return False
@@ -660,18 +1285,28 @@ def extract_payload_with_some_params(payload, params_to_insert):
# is equals with all the params including action and position
-def is_equals_with_all_params(payload, connection, version, api_call_object, is_access_rule):
- if is_access_rule and 'action' in payload:
- payload_for_show = extract_payload_with_some_params(payload, ['name', 'uid', 'layer'])
- code, response = send_request(connection, version, 'show-' + api_call_object, payload_for_show)
- exist_action = response['action']['name']
- if exist_action.lower() != payload['action'].lower():
- if payload['action'].lower() != 'Apply Layer'.lower() or\
- exist_action.lower() != 'Inner Layer'.lower():
+def is_equals_with_all_params(
+ payload, connection, version, api_call_object, is_access_rule
+):
+ if is_access_rule and "action" in payload:
+ payload_for_show = extract_payload_with_some_params(
+ payload, ["name", "uid", "layer"]
+ )
+ code, response = send_request(
+ connection, version, "show-" + api_call_object, payload_for_show
+ )
+ exist_action = response["action"]["name"]
+ if exist_action.lower() != payload["action"].lower():
+ if (
+ payload["action"].lower() != "Apply Layer".lower()
+ or exist_action.lower() != "Inner Layer".lower()
+ ):
return False
# here the action is equals, so check the position param
- if not is_equals_with_position_param(payload, connection, version, api_call_object):
+ if not is_equals_with_position_param(
+ payload, connection, version, api_call_object
+ ):
return False
return True
@@ -679,44 +1314,82 @@ def is_equals_with_all_params(payload, connection, version, api_call_object, is_
# handle api call for rule
def api_call_for_rule(module, api_call_object):
- is_access_rule = True if 'access' in api_call_object else False
+ is_access_rule = True if "access" in api_call_object else False
payload = get_payload_from_parameters(module.params)
connection = Connection(module._socket_path)
version = get_version(module)
- result = {'changed': False}
+ result = {"changed": False}
if module.check_mode:
return result
if is_access_rule:
- copy_payload_without_some_params = extract_payload_without_some_params(payload, ['action', 'position', 'search_entire_rulebase'])
+ copy_payload_without_some_params = extract_payload_without_some_params(
+ payload, ["action", "position", "search_entire_rulebase"]
+ )
else:
- copy_payload_without_some_params = extract_payload_without_some_params(payload, ['position'])
- payload_for_equals = {'type': api_call_object, 'params': copy_payload_without_some_params}
- equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals)
- result['checkpoint_session_uid'] = connection.get_session_uid()
+ copy_payload_without_some_params = extract_payload_without_some_params(
+ payload, ["position"]
+ )
+ payload_for_equals = {
+ "type": api_call_object,
+ "params": copy_payload_without_some_params,
+ }
+ equals_code, equals_response = send_request(
+ connection, version, "equals", payload_for_equals
+ )
+ result["checkpoint_session_uid"] = connection.get_session_uid()
handle_equals_failure(module, equals_code, equals_response)
- if module.params['state'] == 'present':
+ if module.params["state"] == "present":
if equals_code == 200:
- if equals_response['equals']:
- if not is_equals_with_all_params(payload, connection, version, api_call_object, is_access_rule):
- equals_response['equals'] = False
+ if equals_response["equals"]:
+ if not is_equals_with_all_params(
+ payload,
+ connection,
+ version,
+ api_call_object,
+ is_access_rule,
+ ):
+ equals_response["equals"] = False
# else objects are equals and there is no need for set request
- if not equals_response['equals']:
+ if not equals_response["equals"]:
# if user insert param 'position' and needed to use the 'set' command, change the param name to 'new-position'
- if 'position' in payload:
- payload['new-position'] = payload['position']
- del payload['position']
- if 'search-entire-rulebase' in payload:
- del payload['search-entire-rulebase']
- handle_call_and_set_result(connection, version, 'set-' + api_call_object, payload, module, result)
+ if "position" in payload:
+ payload["new-position"] = payload["position"]
+ del payload["position"]
+ if "search-entire-rulebase" in payload:
+ del payload["search-entire-rulebase"]
+ handle_call_and_set_result(
+ connection,
+ version,
+ "set-" + api_call_object,
+ payload,
+ module,
+ result,
+ )
elif equals_code == 404:
- if 'search-entire-rulebase' in payload:
- del payload['search-entire-rulebase']
- handle_call_and_set_result(connection, version, 'add-' + api_call_object, payload, module, result)
- elif module.params['state'] == 'absent':
- handle_delete(equals_code, payload, delete_params, connection, version, api_call_object, module, result)
+ if "search-entire-rulebase" in payload:
+ del payload["search-entire-rulebase"]
+ handle_call_and_set_result(
+ connection,
+ version,
+ "add-" + api_call_object,
+ payload,
+ module,
+ result,
+ )
+ elif module.params["state"] == "absent":
+ handle_delete(
+ equals_code,
+ payload,
+ delete_params,
+ connection,
+ version,
+ api_call_object,
+ module,
+ result,
+ )
return result
@@ -724,20 +1397,23 @@ def api_call_for_rule(module, api_call_object):
# check if call is in plural form
def call_is_plural(api_call_object, payload):
is_plural = False
- if 'access' in api_call_object and payload.get("layer") is None:
+ if "access" in api_call_object and payload.get("layer") is None:
is_plural = True
- elif 'threat' in api_call_object and payload.get("layer") is None:
+ elif "threat" in api_call_object and payload.get("layer") is None:
is_plural = True
- elif 'nat' in api_call_object \
- and payload.get("name") is None \
- and payload.get("uid") is None \
- and payload.get("rule-number") is None:
+ elif (
+ "nat" in api_call_object
+ and payload.get("name") is None
+ and payload.get("rule-number") is None
+ ):
is_plural = True
return is_plural
# handle api call facts for rule
-def api_call_facts_for_rule(module, api_call_object, api_call_object_plural_version):
+def api_call_facts_for_rule(
+ module, api_call_object, api_call_object_plural_version
+):
payload = get_payload_from_parameters(module.params)
connection = Connection(module._socket_path)
version = get_version(module)
@@ -746,62 +1422,459 @@ def api_call_facts_for_rule(module, api_call_object, api_call_object_plural_vers
if call_is_plural(api_call_object, payload):
api_call_object = api_call_object_plural_version
- response = handle_call(connection, version, 'show-' + api_call_object, payload, module, False, False)
+ response = handle_call(
+ connection,
+ version,
+ "show-" + api_call_object,
+ payload,
+ module,
+ False,
+ False,
+ )
result = {api_call_object: response}
return result
# The code from here till EOF will be deprecated when Rikis' modules will be deprecated
-checkpoint_argument_spec = dict(auto_publish_session=dict(type='bool', default=True),
- policy_package=dict(type='str', default='standard'),
- auto_install_policy=dict(type='bool', default=True),
- targets=dict(type='list')
- )
+# checkpoint_argument_spec = dict(
+# auto_publish_session=dict(type="bool", default=True),
+# policy_package=dict(type="str", default="standard"),
+# auto_install_policy=dict(type="bool", default=True),
+# targets=dict(type="list"),
+# )
def publish(connection, uid=None):
payload = None
if uid:
- payload = {'uid': uid}
+ payload = {"uid": uid}
- connection.send_request('/web_api/publish', payload)
+ connection.send_request("/web_api/publish", payload)
def discard(connection, uid=None):
payload = None
if uid:
- payload = {'uid': uid}
+ payload = {"uid": uid}
- connection.send_request('/web_api/discard', payload)
+ connection.send_request("/web_api/discard", payload)
def install_policy(connection, policy_package, targets):
- payload = {'policy-package': policy_package,
- 'targets': targets}
+ payload = {"policy-package": policy_package, "targets": targets}
- connection.send_request('/web_api/install-policy', payload)
+ connection.send_request("/web_api/install-policy", payload)
-def prepare_rule_params_for_execute_module(rule, module_args, position, below_rule_name):
- rule['layer'] = module_args['layer']
- if 'details_level' in module_args.keys():
- rule['details_level'] = module_args['details_level']
- if 'state' not in rule.keys() or ('state' in rule.keys() and rule['state'] != 'absent'):
+def prepare_rule_params_for_execute_module(
+ rule, module_args, position, below_rule_name
+):
+ rule["layer"] = module_args["layer"]
+ if "details_level" in module_args.keys():
+ rule["details_level"] = module_args["details_level"]
+ if "state" not in rule.keys() or (
+ "state" in rule.keys() and rule["state"] != "absent"
+ ):
if below_rule_name:
- relative_position = {'relative_position': {'below': below_rule_name}}
+ relative_position = {
+ "relative_position": {"below": below_rule_name}
+ }
rule.update(relative_position)
else:
- rule['position'] = position
+ rule["position"] = position
position = position + 1
- below_rule_name = rule['name']
+ below_rule_name = rule["name"]
return rule, position, below_rule_name
def check_if_to_publish_for_action(result, module_args):
- to_publish = ('auto_publish_session' in module_args.keys() and module_args['auto_publish_session']) and \
- ('changed' in result.keys() and result['changed'] is True) and ('failed' not in result.keys() or
- result['failed'] is False)
+ to_publish = (
+ (
+ "auto_publish_session" in module_args.keys()
+ and module_args["auto_publish_session"]
+ )
+ and ("changed" in result.keys() and result["changed"] is True)
+ and ("failed" not in result.keys() or result["failed"] is False)
+ )
return to_publish
+
+
+class CheckPointRequest(object):
+ def __init__(
+ self,
+ module=None,
+ connection=None,
+ headers=None,
+ not_rest_data_keys=None,
+ task_vars=None,
+ ):
+ self.module = module
+ if module:
+ # This will be removed, once all of the available modules
+ # are moved to use action plugin design, as otherwise test
+ # would start to complain without the implementation.
+ self.connection = Connection(self.module._socket_path)
+ elif connection:
+ self.connection = connection
+ try:
+ self.connection.load_platform_plugins(
+ "check_point.mgmt.checkpoint"
+ )
+ self.connection.set_options(var_options=task_vars)
+ except ConnectionError:
+ raise
+ # This allows us to exclude specific argspec keys from being included by
+ # the rest data that don't follow the deepsec_* naming convention
+ if not_rest_data_keys:
+ self.not_rest_data_keys = not_rest_data_keys
+ else:
+ self.not_rest_data_keys = []
+ self.not_rest_data_keys.append("validate_certs")
+ self.headers = headers if headers else BASE_HEADERS
+
+ # wait for task
+ def wait_for_task(self, version, connection, task_id):
+ task_id_payload = {"task-id": task_id, "details-level": "full"}
+ task_complete = False
+ minutes_until_timeout = 30
+ # if module.params['wait_for_task_timeout'] is not None and module.params['wait_for_task_timeout'] >= 0:
+ # minutes_until_timeout = module.params['wait_for_task_timeout']
+ max_num_iterations = minutes_until_timeout * 30
+ current_iteration = 0
+
+ # As long as there is a task in progress
+ while not task_complete and current_iteration < max_num_iterations:
+ current_iteration += 1
+ # Check the status of the task
+ code, response = send_request(
+ connection, version, "show-task", task_id_payload
+ )
+
+ attempts_counter = 0
+ while code != 200:
+ if attempts_counter < 5:
+ attempts_counter += 1
+ time.sleep(2)
+ code, response = send_request(
+ connection, version, "show-task", task_id_payload
+ )
+ else:
+ response["message"] = (
+ "ERROR: Failed to handle asynchronous tasks as synchronous, tasks result is"
+ " undefined. " + response["message"]
+ )
+ _fail_json(parse_fail_message(code, response))
+
+ # Count the number of tasks that are not in-progress
+ completed_tasks = 0
+ for task in response["tasks"]:
+ if task["status"] == "failed":
+ _fail_json(
+ "Task {0} with task id {1} failed. Look at the logs for more details".format(
+ task["task-name"], task["task-id"]
+ )
+ )
+ if task["status"] == "in progress":
+ break
+ completed_tasks += 1
+
+ # Are we done? check if all tasks are completed
+ if completed_tasks == len(response["tasks"]):
+ task_complete = True
+ else:
+ time.sleep(2) # Wait for two seconds
+ if not task_complete:
+ _fail_json(
+ "ERROR: Timeout. Task-id: {0}.".format(
+ task_id_payload["task-id"]
+ )
+ )
+ else:
+ return response
+
+ # if failed occurred, in some cases we want to discard changes before exiting. We also notify the user about the `discard`
+ def discard_and_fail(
+ self, code, response, connection, version, session_uid
+ ):
+ discard_code, discard_response = send_request(
+ connection, version, "discard"
+ )
+ if discard_code != 200:
+ try:
+ _fail_json(
+ parse_fail_message(code, response)
+ + " Failed to discard session {0}"
+ " with error {1} with message {2}".format(
+ session_uid,
+ discard_code,
+ discard_response,
+ )
+ )
+ except Exception:
+ # Read-only mode without UID
+ _fail_json(
+ parse_fail_message(code, response)
+ + " Failed to discard session"
+ " with error {0} with message {1}".format(
+ discard_code, discard_response
+ )
+ )
+
+ _fail_json(
+ "Checkpoint session with ID: {0}".format(session_uid)
+ + ", "
+ + parse_fail_message(code, response)
+ + " Unpublished changes were discarded"
+ )
+
+ # handle publish command, and wait for it to end if the user asked so
+ def handle_publish(self, connection, version, payload):
+ publish_code, publish_response = send_request(
+ connection, version, "publish"
+ )
+ if publish_code != 200:
+ self.discard_and_fail(
+ publish_code, publish_response, connection, version
+ )
+ if payload.get("wait_for_task"):
+ self.wait_for_task(
+ version, connection, publish_response["task-id"]
+ )
+
+ # handle call
+ def handle_call(
+ self,
+ connection,
+ version,
+ api_url,
+ payload,
+ to_discard_on_failure,
+ session_uid=None,
+ to_publish=False,
+ ):
+ code, response = send_request(connection, version, api_url, payload)
+ if code != 200:
+ if to_discard_on_failure:
+ self.discard_and_fail(
+ code, response, connection, version, session_uid
+ )
+ elif "object_not_found" not in response.get(
+ "code"
+ ) and "not found" not in response.get("message"):
+ raise _fail_json(
+ "Checkpoint session with ID: {0}".format(session_uid)
+ + ", "
+ + parse_fail_message(code, response)
+ )
+ else:
+ if "wait_for_task" in payload and payload["wait_for_task"]:
+ if "task-id" in response:
+ response = self.wait_for_task(
+ version, connection, response["task-id"]
+ )
+ elif "tasks" in response:
+ for task in response["tasks"]:
+ if "task-id" in task:
+ task_id = task["task-id"]
+ response[task_id] = self.wait_for_task(
+ version, connection, task["task-id"]
+ )
+ del response["tasks"]
+
+ if to_publish:
+ self.handle_publish(connection, version, payload)
+ return code, response
+
+ # handle the call and set the result with 'changed' and teh response
+ def handle_add_and_set_result(
+ self,
+ connection,
+ version,
+ api_url,
+ payload,
+ session_uid,
+ auto_publish_session=False,
+ ):
+ code, response = self.handle_call(
+ connection,
+ version,
+ api_url,
+ payload,
+ True,
+ session_uid,
+ auto_publish_session,
+ )
+ result = {"code": code, "response": response, "changed": True}
+ return result
+
+ # handle delete
+ def handle_delete(self, connection, payload, api_call_object, version):
+ auto_publish = False
+ payload_for_equals = {"type": api_call_object, "params": payload}
+ equals_code, equals_response = send_request(
+ connection, version, "equals", payload_for_equals
+ )
+ session_uid = connection.get_session_uid()
+ if equals_code == 200:
+ if payload.get("auto_publish_session"):
+ auto_publish = payload["auto_publish_session"]
+ del payload["auto_publish_session"]
+ code, response = self.handle_call(
+ connection,
+ version,
+ "delete-" + api_call_object,
+ payload,
+ True,
+ session_uid,
+ auto_publish,
+ )
+ result = {"code": code, "response": response, "changed": True}
+ else:
+ # else equals_code is 404 and no need to delete because object doesn't exist
+ result = {"changed": False}
+ if result.get("response"):
+ result["checkpoint_session_uid"] = session_uid
+ return result
+
+ # handle api call facts
+ def api_call_facts(self, connection, payload, api_call_object, version):
+ if payload.get("auto_publish_session"):
+ del payload["auto_publish_session"]
+ code, response = self.handle_call(
+ connection, version, api_call_object, payload, False
+ )
+ result = {"code": code, "response": response}
+ return result
+
+ # handle api call
+ def api_call(
+ self,
+ connection,
+ payload,
+ remove_keys,
+ api_call_object,
+ state,
+ equals_response,
+ version,
+ delete_params,
+ ):
+ result = {}
+ auto_publish_session = False
+ if payload.get("auto_publish_session"):
+ auto_publish_session = payload["auto_publish_session"]
+ del payload["auto_publish_session"]
+ session_uid = connection.get_session_uid()
+ if state == "merged":
+ if equals_response and equals_response.get("equals") is False:
+ payload = remove_unwanted_key(payload, remove_keys)
+ result = self.handle_add_and_set_result(
+ connection,
+ version,
+ "set-" + api_call_object,
+ payload,
+ session_uid,
+ auto_publish_session,
+ )
+ elif equals_response.get("code") or equals_response.get("message"):
+ result = self.handle_add_and_set_result(
+ connection,
+ version,
+ "add-" + api_call_object,
+ payload,
+ session_uid,
+ auto_publish_session,
+ )
+ elif state == "replaced":
+ if equals_response and equals_response.get("equals") is False:
+ code, response = self.handle_call(
+ connection,
+ version,
+ "delete-" + api_call_object,
+ delete_params,
+ True,
+ session_uid,
+ auto_publish_session,
+ )
+ result = self.handle_add_and_set_result(
+ connection,
+ version,
+ "add-" + api_call_object,
+ payload,
+ session_uid,
+ auto_publish_session,
+ )
+ elif equals_response.get("code") or equals_response.get("message"):
+ result = self.handle_add_and_set_result(
+ connection,
+ version,
+ "add-" + api_call_object,
+ payload,
+ session_uid,
+ auto_publish_session,
+ )
+ if result.get("response"):
+ result["checkpoint_session_uid"] = session_uid
+
+ return result
+
+ # if user insert a specific version, we add it to the url
+ def get_version(self, payload):
+ return (
+ ("v" + payload["version"] + "/") if payload.get("version") else ""
+ )
+
+ def _httpapi_error_handle(self, api_obj, state, **kwargs):
+ # FIXME - make use of handle_httperror(self, exception) where applicable
+ # https://docs.ansible.com/ansible/latest/network/dev_guide/developing_plugins_network.html#developing-plugins-httpapi
+ try:
+ result = {}
+ version = self.get_version(kwargs["data"])
+ if state == "gathered":
+ result = self.api_call_facts(
+ self.connection, kwargs["data"], "show-" + api_obj, version
+ )
+ elif state == "deleted":
+ result = self.handle_delete(
+ self.connection, kwargs["data"], api_obj, version
+ )
+ elif state == "merged" or state == "replaced":
+ payload_for_equals = {
+ "type": api_obj,
+ "params": kwargs["data"],
+ }
+ equals_code, equals_response = send_request(
+ self.connection, version, "equals", payload_for_equals
+ )
+ if equals_response.get("equals"):
+ result = {
+ "code": equals_code,
+ "response": equals_response,
+ "changed": False,
+ }
+ else:
+ result = self.api_call(
+ self.connection,
+ kwargs["data"],
+ kwargs["remove_keys"],
+ api_obj,
+ state,
+ equals_response,
+ version,
+ kwargs["delete_params"],
+ )
+ except ConnectionError as e:
+ raise _fail_json("connection error occurred: {0}".format(e))
+ except CertificateError as e:
+ raise _fail_json("certificate error occurred: {0}".format(e))
+ except ValueError as e:
+ raise _fail_json("certificate not found: {0}".format(e))
+ # This fn. will return both code and response, once all of the available modules
+ # are moved to use action plugin design, as otherwise test
+ # would start to complain without the implementation.
+ return result
+
+ def post(self, obj, state, **kwargs):
+ return self._httpapi_error_handle(obj, state, **kwargs)
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_abort_get_interfaces.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_abort_get_interfaces.py
new file mode 100644
index 000000000..ae87643be
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_abort_get_interfaces.py
@@ -0,0 +1,83 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_abort_get_interfaces
+short_description: Attempt to abort an on-going "get-interfaces" operation.
+description:
+ - Attempt to abort an on-going "get-interfaces" operation.
+ This API might fail if the "get-interfaces" operation is in its final stage.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ task_id:
+ description:
+ - get-interfaces task UID.
+ type: str
+ force_cleanup:
+ description:
+ - Forcefully abort the "get-interfaces" task.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: abort-get-interfaces
+ cp_mgmt_abort_get_interfaces:
+ task_id: 45b185e7-9ccd-4971-b74b-d212282f8f96
+"""
+
+RETURN = """
+cp_mgmt_abort_get_interfaces:
+ description: The checkpoint abort-get-interfaces output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ task_id=dict(type='str'),
+ force_cleanup=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "abort-get-interfaces"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer.py
index dde5b24b6..46bdab564 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "1.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_access_layers
+ why: Newer and updated modules released with more functionality.
+ removed_at_date: '2024-11-01'
options:
name:
description:
@@ -133,39 +139,80 @@ cp_mgmt_access_layer:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- add_default_rule=dict(type='bool'),
- applications_and_url_filtering=dict(type='bool'),
- content_awareness=dict(type='bool'),
- detect_using_x_forward_for=dict(type='bool'),
- firewall=dict(type='bool'),
- implicit_cleanup_action=dict(type='str', choices=['drop', 'accept']),
- mobile_access=dict(type='bool'),
- shared=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ add_default_rule=dict(type="bool"),
+ applications_and_url_filtering=dict(type="bool"),
+ content_awareness=dict(type="bool"),
+ detect_using_x_forward_for=dict(type="bool"),
+ firewall=dict(type="bool"),
+ implicit_cleanup_action=dict(type="str", choices=["drop", "accept"]),
+ mobile_access=dict(type="bool"),
+ shared=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'access-layer'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "access-layer"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer_facts.py
index 40e98e990..999c9b8ff 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layer_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "access-layer"
api_call_object_plural_version = "access-layers"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layers.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layers.py
new file mode 100644
index 000000000..78eeb2b70
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_layers.py
@@ -0,0 +1,456 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Copyright 2022 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+"""
+The module file for cp_mgmt_add_access_layers
+"""
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+DOCUMENTATION = """
+module: cp_mgmt_access_layers
+short_description: Manages ACCESS LAYERS resource module
+description:
+ - This resource module allows for addition, deletion, or modification of CP Access Layers.
+ - This resource module also takes care of gathering Access layer config facts
+version_added: "5.0.0"
+author: Ansible Security Automation Team (@justjais) <https://github.com/ansible-security>
+options:
+ config:
+ description: A dictionary of ACCESS LAYERS options
+ type: dict
+ suboptions:
+ name:
+ description: Object name. Must be unique in the domain.
+ type: str
+ add_default_rule:
+ description: Indicates whether to include a cleanup rule in the new layer.
+ type: bool
+ applications_and_url_filtering:
+ description: Whether to enable Applications & URL Filtering blade on the layer.
+ type: bool
+ content_awareness:
+ description: Whether to enable Content Awareness blade on the layer.
+ type: bool
+ detect_using_x_forward_for:
+ description: Whether to use X-Forward-For HTTP header, which is added by the proxy
+ server to keep track of the original source IP.
+ type: bool
+ firewall:
+ description: Whether to enable Firewall blade on the layer.
+ type: bool
+ implicit_cleanup_action:
+ description: The default "catch-all" action for traffic that does not match
+ any explicit or implied rules in the layer.
+ type: str
+ choices:
+ - drop
+ - accept
+ mobile_access:
+ description: Whether to enable Mobile Access blade on the layer.
+ type: bool
+ shared:
+ description: Whether this layer is shared.
+ type: bool
+ tags:
+ description: Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description: Color of the object. Should be one of existing colors.
+ type: str
+ choices:
+ - aquamarine
+ - black
+ - blue
+ - crete blue
+ - burlywood
+ - cyan
+ - dark green
+ - khaki
+ - orchid
+ - dark orange
+ - dark sea green
+ - pink
+ - turquoise
+ - dark blue
+ - firebrick
+ - brown
+ - forest green
+ - gold
+ - dark gold
+ - gray
+ - dark gray
+ - light green
+ - lemon chiffon
+ - coral
+ - sea green
+ - sky blue
+ - magenta
+ - purple
+ - slate blue
+ - violet red
+ - navy blue
+ - olive
+ - orange
+ - red
+ - sienna
+ - yellow
+ comments:
+ description: Comments string.
+ type: str
+ details_level:
+ description: The level of detail for some of the fields in the response can
+ vary from showing only the UID value of the object to a fully detailed representation
+ of the object.
+ type: str
+ choices:
+ - uid
+ - standard
+ - full
+ ignore_warnings:
+ description: Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description: Apply changes ignoring errors. You won't be able to publish such
+ a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+ limit:
+ description:
+ - The maximal number of returned results.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: int
+ order:
+ description:
+ - Sorts results by the given field. By default the results are sorted in the ascending order by name.
+ This parameter is relevant only for getting few objects.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ round_trip:
+ description:
+ - If set to True, the round trip will filter out the module parameters from the response param,
+ which will enable the user to fire the config request using the structured gathered data.
+ - NOTE, this parameter makes relevance only with the GATHERED state, as for config states like,
+ MERGED, REPLACED, and DELETED state it won't make any config updates,
+ as it's not a module config parameter.
+ type: bool
+ auto_publish_session:
+ description:
+ - Publish the current session if changes have been performed
+ after task completes.
+ type: bool
+ version:
+ description:
+ - Version of checkpoint. If not given one, the latest version taken.
+ type: str
+ state:
+ description:
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
+ type: str
+ choices:
+ - merged
+ - replaced
+ - gathered
+ - deleted
+"""
+
+EXAMPLES = """
+
+# Using MERGED state
+# -------------------
+
+- name: Merge Access-layer config
+ cp_mgmt_access_layers:
+ state: merged
+ config:
+ name: New Layer 1
+ add_default_rule: true
+ applications_and_url_filtering: true
+ content_awareness: true
+ detect_using_x_forward_for: false
+ firewall: true
+ implicit_cleanup_action: drop
+ mobile_access: true
+ shared: false
+ tags:
+ - test_layer
+ color: aquamarine
+ comments: test description
+ details_level: full
+ ignore_warnings: false
+ ignore_errors: false
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# mgmt_access_layers:
+# after:
+# applications_and_url_filtering: true
+# color: aquamarine
+# comments: test description
+# content_awareness: true
+# detect_using_x_forward_for: false
+# domain: SMC User
+# firewall: true
+# icon: ApplicationFirewall/rulebase
+# implicit_cleanup_action: drop
+# mobile_access: true
+# name: New Layer 1
+# shared: false
+# tags:
+# - test_layer
+# uid: eb74d7fe-81a6-4e6c-aedb-d2d6599f965e
+# before: {}
+
+# Using REPLACED state
+# --------------------
+
+- name: Replace Access-layer config
+ cp_mgmt_access_layers:
+ state: replaced
+ config:
+ name: New Layer 1
+ add_default_rule: true
+ applications_and_url_filtering: true
+ content_awareness: false
+ detect_using_x_forward_for: false
+ firewall: true
+ implicit_cleanup_action: drop
+ mobile_access: true
+ shared: true
+ tags:
+ - test_layer_replaced
+ color: cyan
+ comments: test REPLACE description
+ details_level: full
+ ignore_warnings: false
+ ignore_errors: false
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# mgmt_access_layers:
+# after:
+# applications_and_url_filtering: true
+# color: cyan
+# comments: test REPLACE description
+# content_awareness: false
+# detect_using_x_forward_for: false
+# domain: SMC User
+# firewall: true
+# icon: ApplicationFirewall/sharedrulebase
+# implicit_cleanup_action: drop
+# mobile_access: true
+# name: New Layer 1
+# shared: true
+# tags:
+# - test_layer_replaced
+# uid: a4e2bbc1-ec94-4b85-9b00-07ad1279ac12
+# before:
+# applications_and_url_filtering: true
+# color: aquamarine
+# comments: test description
+# content_awareness: true
+# detect_using_x_forward_for: false
+# firewall: true
+# icon: ApplicationFirewall/rulebase
+# implicit_cleanup_action: drop
+# mobile_access: true
+# name: New Layer 1
+# shared: false
+# tags:
+# - test_layer
+
+# Using GATHERED state
+# --------------------
+
+# 1. With Round Trip set to True
+
+- name: Gather Access-layers config by Name
+ cp_mgmt_access_layers:
+ state: gathered
+ config:
+ name: New Layer 1
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# gathered:
+# applications_and_url_filtering: true
+# color: aquamarine
+# comments: test description
+# content_awareness: true
+# detect_using_x_forward_for: false
+# domain: SMC User
+# firewall: true
+# icon: ApplicationFirewall/rulebase
+# implicit_cleanup_action: drop
+# mobile_access: true
+# name: New Layer 1
+# shared: false
+# tags:
+# - test_layer
+# uid: eb74d7fe-81a6-4e6c-aedb-d2d6599f965e
+
+# 2. With Round Trip set to False which is the default behaviour
+
+- name: Gather Access-layers config by Name
+ cp_mgmt_access_layers:
+ state: gathered
+ config:
+ name: New Layer 1
+
+# RUN output:
+# -----------
+
+# gathered:
+# applications_and_url_filtering: true
+# color: turquoise
+# comments: test description
+# content_awareness: true
+# detect_using_x_forward_for: false
+# domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# firewall: true
+# icon: ApplicationFirewall/rulebase
+# implicit_cleanup_action: drop
+# meta-info:
+# creation-time:
+# iso-8601: 2022-11-21T07:34+0000
+# posix: 1669016073937
+# creator: admin
+# last-modifier: admin
+# last-modify-time:
+# iso-8601: 2022-11-21T07:34+0000
+# posix: 1669016074765
+# lock: unlocked
+# validation-state: ok
+# mobile_access: true
+# name: New Layer 1
+# read-only: false
+# shared: false
+# tags:
+# - domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# name: test_layer
+# type: tag
+# uid: 22cc8b0d-984f-47de-b1f6-276b3377eb0c
+# type: access-layer
+# uid: a54e47d3-22fc-4aff-90d9-f644aa4a1522
+
+# 3. Gather ALL threat-layer config with DESC order filter
+
+- name: To Gather ALL access-layer and order by Name
+ cp_mgmt_access_layers:
+ config:
+ order:
+ - DESC: name
+ state: gathered
+
+# RUN output:
+# -----------
+
+# gathered:
+# - domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# name: New Layer 1
+# type: access-layer
+# uid: a54e47d3-22fc-4aff-90d9-f644aa4a1522
+# - domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# name: Network
+# type: access-layer
+# uid: 63b7fe60-76d2-4287-bca5-21af87337b0a
+
+# Using DELETED state
+# -------------------
+
+- name: Delete Access-layer config by Name
+ cp_mgmt_access_layers:
+ state: deleted
+ config:
+ name: New Layer 1
+
+# RUN output:
+# -----------
+
+# mgmt_access_layers:
+# after: {}
+# before:
+# applications_and_url_filtering: true
+# color: cyan
+# comments: test REPLACE description
+# content_awareness: false
+# detect_using_x_forward_for: false
+# domain: SMC User
+# firewall: true
+# icon: ApplicationFirewall/sharedrulebase
+# implicit_cleanup_action: drop
+# mobile_access: true
+# name: New Layer 1
+# shared: true
+# tags:
+# - test_layer_replaced
+# uid: a4e2bbc1-ec94-4b85-9b00-07ad1279ac12
+"""
+
+RETURN = """
+before:
+ description: The configuration prior to the module execution.
+ returned: when state is I(merged), I(replaced), I(deleted)
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+after:
+ description: The resulting configuration after module execution.
+ returned: when changed
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+gathered:
+ description: Facts about the network resource gathered from the remote device as structured data.
+ returned: when state is I(gathered)
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+"""
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name.py
new file mode 100644
index 000000000..d32f0232d
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name.py
@@ -0,0 +1,165 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_access_point_name
+short_description: Manages access-point-name objects on Checkpoint over Web Services API
+description:
+ - Manages access-point-name objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ apn:
+ description:
+ - APN name.
+ type: str
+ enforce_end_user_domain:
+ description:
+ - Enable enforce end user domain.
+ type: bool
+ block_traffic_other_end_user_domains:
+ description:
+ - Block MS to MS traffic between this and other APN end user domains.
+ type: bool
+ block_traffic_this_end_user_domain:
+ description:
+ - Block MS to MS traffic within this end user domain.
+ type: bool
+ end_user_domain:
+ description:
+ - End user domain name or UID.
+ type: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-access-point-name
+ cp_mgmt_access_point_name:
+ name: myaccesspointname
+ apn: apnname
+ end_user_domain: All_Internet
+ enforce_end_user_domain: 'True'
+ state: present
+
+- name: set-access-point-name
+ cp_mgmt_access_point_name:
+ name: myaccesspointname
+ block_traffic_other_end_user_domains: 'False'
+ block_traffic_this_end_user_domain: 'False'
+ enforce_end_user_domain: 'True'
+ state: present
+
+- name: delete-access-point-name
+ cp_mgmt_access_point_name:
+ name: myaccesspointname
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_access_point_name:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ apn=dict(type='str'),
+ enforce_end_user_domain=dict(type='bool'),
+ block_traffic_other_end_user_domains=dict(type='bool'),
+ block_traffic_this_end_user_domain=dict(type='bool'),
+ end_user_domain=dict(type='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'access-point-name'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name_facts.py
new file mode 100644
index 000000000..7a242d8cd
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_point_name_facts.py
@@ -0,0 +1,144 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_access_point_name_facts
+short_description: Get access-point-name objects facts on Checkpoint over Web Services API
+description:
+ - Get access-point-name objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-access-point-name
+ cp_mgmt_access_point_name_facts:
+ name: myaccesspointname
+
+- name: show-access-point-names
+ cp_mgmt_access_point_name_facts:
+ limit: 10
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements="dict", options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements="str")
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "access-point-name"
+ api_call_object_plural_version = "access-point-names"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role.py
index 1c9114484..4f2a8259e 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -161,51 +163,104 @@ cp_mgmt_access_role:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- machines_list=dict(type='list', elements='dict', options=dict(
- source=dict(type='str'),
- selection=dict(type='list', elements='str'),
- base_dn=dict(type='str')
- )),
- machines=dict(type='str', choices=['any', 'all identified']),
- networks=dict(type='list', elements='str'),
- remote_access_clients=dict(type='str'),
- tags=dict(type='list', elements='str'),
- users_list=dict(type='list', elements='dict', options=dict(
- source=dict(type='str'),
- selection=dict(type='list', elements='str'),
- base_dn=dict(type='str')
- )),
- users=dict(type='str', choices=['any', 'all identified']),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ machines_list=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ source=dict(type="str"),
+ selection=dict(type="list", elements="str"),
+ base_dn=dict(type="str"),
+ ),
+ ),
+ machines=dict(type="str", choices=["any", "all identified"]),
+ networks=dict(type="list", elements="str"),
+ remote_access_clients=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ users_list=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ source=dict(type="str"),
+ selection=dict(type="list", elements="str"),
+ base_dn=dict(type="str"),
+ ),
+ ),
+ users=dict(type="str", choices=["any", "all identified"]),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'access-role'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "access-role"
if module.params["machines_list"] is not None:
if module.params["machines"] is not None:
- raise AssertionError("The use of both 'machines_list' and 'machines' arguments isn't allowed")
+ raise AssertionError(
+ "The use of both 'machines_list' and 'machines' arguments isn't allowed"
+ )
module.params["machines"] = module.params["machines_list"]
module.params.pop("machines_list")
if module.params["users_list"] is not None:
if module.params["users"] is not None:
- raise AssertionError("The use of both 'users_list' and 'users' arguments isn't allowed")
+ raise AssertionError(
+ "The use of both 'users_list' and 'users' arguments isn't allowed"
+ )
module.params["users"] = module.params["users_list"]
module.params.pop("users_list")
@@ -213,5 +268,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role_facts.py
index 6a8805e8c..37dfd4529 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_role_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -96,30 +98,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "access-role"
api_call_object_plural_version = "access-roles"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule.py
index 11f359fe0..ca26a2933 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -325,92 +327,158 @@ cp_mgmt_access_rule:
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.connection import Connection
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call, api_call_for_rule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+ api_call_for_rule,
+)
def main():
argument_spec = dict(
- layer=dict(type='str'),
- position=dict(type='str'),
- relative_position=dict(type='dict', options=dict(
- below=dict(type='str'),
- above=dict(type='str'),
- top=dict(type='str'),
- bottom=dict(type='str')
- )),
- search_entire_rulebase=dict(type='bool', default=False),
- name=dict(type='str', required=True),
- action=dict(type='str'),
- action_settings=dict(type='dict', options=dict(
- enable_identity_captive_portal=dict(type='bool'),
- limit=dict(type='str')
- )),
- content=dict(type='list', elements='dict'),
- content_direction=dict(type='str', choices=['any', 'up', 'down']),
- content_negate=dict(type='bool'),
- custom_fields=dict(type='dict', options=dict(
- field_1=dict(type='str'),
- field_2=dict(type='str'),
- field_3=dict(type='str')
- )),
- destination=dict(type='list', elements='str'),
- destination_negate=dict(type='bool'),
- enabled=dict(type='bool'),
- inline_layer=dict(type='str'),
- install_on=dict(type='list', elements='str'),
- service=dict(type='list', elements='str'),
- service_negate=dict(type='bool'),
- source=dict(type='list', elements='str'),
- source_negate=dict(type='bool'),
- time=dict(type='list', elements='str'),
- track=dict(type='dict', options=dict(
- accounting=dict(type='bool'),
- alert=dict(type='str', choices=['none', 'alert', 'snmp', 'mail', 'user alert 1', 'user alert 2', 'user alert 3']),
- enable_firewall_session=dict(type='bool'),
- per_connection=dict(type='bool'),
- per_session=dict(type='bool'),
- type=dict(type='str')
- )),
- user_check=dict(type='dict', options=dict(
- confirm=dict(type='str', choices=['per rule', 'per category', 'per application/site', 'per data type']),
- custom_frequency=dict(type='dict', options=dict(
- every=dict(type='int'),
- unit=dict(type='str', choices=['hours', 'days', 'weeks', 'months'])
- )),
- frequency=dict(type='str', choices=['once a day', 'once a week', 'once a month', 'custom frequency...']),
- interaction=dict(type='str')
- )),
- vpn_list=dict(type='list', elements='dict', options=dict(
- community=dict(type='list', elements='str'),
- directional=dict(type='list', elements='dict', options=dict(
- to=dict(type='str')
- ))
- )),
- vpn=dict(type='str', choices=['Any', 'All_GwToGw']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ layer=dict(type="str"),
+ position=dict(type="str"),
+ relative_position=dict(
+ type="dict",
+ options=dict(
+ below=dict(type="str"),
+ above=dict(type="str"),
+ top=dict(type="str"),
+ bottom=dict(type="str"),
+ ),
+ ),
+ search_entire_rulebase=dict(type="bool", default=False),
+ name=dict(type="str", required=True),
+ action=dict(type="str"),
+ action_settings=dict(
+ type="dict",
+ options=dict(
+ enable_identity_captive_portal=dict(type="bool"),
+ limit=dict(type="str"),
+ ),
+ ),
+ content=dict(type="list", elements="dict"),
+ content_direction=dict(type="str", choices=["any", "up", "down"]),
+ content_negate=dict(type="bool"),
+ custom_fields=dict(
+ type="dict",
+ options=dict(
+ field_1=dict(type="str"),
+ field_2=dict(type="str"),
+ field_3=dict(type="str"),
+ ),
+ ),
+ destination=dict(type="list", elements="str"),
+ destination_negate=dict(type="bool"),
+ enabled=dict(type="bool"),
+ inline_layer=dict(type="str"),
+ install_on=dict(type="list", elements="str"),
+ service=dict(type="list", elements="str"),
+ service_negate=dict(type="bool"),
+ source=dict(type="list", elements="str"),
+ source_negate=dict(type="bool"),
+ time=dict(type="list", elements="str"),
+ track=dict(
+ type="dict",
+ options=dict(
+ accounting=dict(type="bool"),
+ alert=dict(
+ type="str",
+ choices=[
+ "none",
+ "alert",
+ "snmp",
+ "mail",
+ "user alert 1",
+ "user alert 2",
+ "user alert 3",
+ ],
+ ),
+ enable_firewall_session=dict(type="bool"),
+ per_connection=dict(type="bool"),
+ per_session=dict(type="bool"),
+ type=dict(type="str"),
+ ),
+ ),
+ user_check=dict(
+ type="dict",
+ options=dict(
+ confirm=dict(
+ type="str",
+ choices=[
+ "per rule",
+ "per category",
+ "per application/site",
+ "per data type",
+ ],
+ ),
+ custom_frequency=dict(
+ type="dict",
+ options=dict(
+ every=dict(type="int"),
+ unit=dict(
+ type="str",
+ choices=["hours", "days", "weeks", "months"],
+ ),
+ ),
+ ),
+ frequency=dict(
+ type="str",
+ choices=[
+ "once a day",
+ "once a week",
+ "once a month",
+ "custom frequency...",
+ ],
+ ),
+ interaction=dict(type="str"),
+ ),
+ ),
+ vpn_list=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ community=dict(type="list", elements="str"),
+ directional=dict(
+ type="list",
+ elements="dict",
+ options=dict(to=dict(type="str")),
+ ),
+ ),
+ ),
+ vpn=dict(type="str", choices=["Any", "All_GwToGw"]),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
- argument_spec['vpn_list']['options']['directional']['options']['from'] = dict(type='str')
+ argument_spec["vpn_list"]["options"]["directional"]["options"][
+ "from"
+ ] = dict(type="str")
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'access-rule'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "access-rule"
if module.params["vpn_list"] is not None:
if module.params["vpn"] is not None:
- raise AssertionError("The use of both 'vpn_list' and 'vpn' arguments isn't allowed")
+ raise AssertionError(
+ "The use of both 'vpn_list' and 'vpn' arguments isn't allowed"
+ )
module.params["vpn"] = module.params["vpn_list"]
module.params.pop("vpn_list")
if module.params["relative_position"] is not None:
if module.params["position"] is not None:
- raise AssertionError("The use of both 'relative_position' and 'position' arguments isn't allowed")
+ raise AssertionError(
+ "The use of both 'relative_position' and 'position' arguments isn't allowed"
+ )
module.params["position"] = module.params["relative_position"]
module.params.pop("relative_position")
- if module.params['action'] is None and module.params['position'] is None:
+ if module.params["action"] is None and module.params["position"] is None:
module.params.pop("search_entire_rulebase")
result = api_call(module, api_call_object)
else:
@@ -419,5 +487,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule_facts.py
index 3519e6ba1..0d536ad19 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rule_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -193,53 +195,73 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts_for_rule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts_for_rule,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- layer=dict(type='str'),
- show_as_ranges=dict(type='bool'),
- show_hits=dict(type='bool'),
- hits_settings=dict(type='dict', options=dict(
- from_date=dict(type='str'),
- target=dict(type='str'),
- to_date=dict(type='str')
- )),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- filter_settings=dict(type='dict', options=dict(
- search_mode=dict(type='str', choices=['general', 'packet']),
- packet_search_settings=dict(type='dict', options=dict(
- expand_group_members=dict(type='bool'),
- expand_group_with_exclusion_members=dict(type='bool'),
- match_on_any=dict(type='bool'),
- match_on_group_with_exclusion=dict(type='bool'),
- match_on_negate=dict(type='bool')
- ))
- )),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- package=dict(type='str'),
- use_object_dictionary=dict(type='bool'),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ layer=dict(type="str"),
+ show_as_ranges=dict(type="bool"),
+ show_hits=dict(type="bool"),
+ hits_settings=dict(
+ type="dict",
+ options=dict(
+ from_date=dict(type="str"),
+ target=dict(type="str"),
+ to_date=dict(type="str"),
+ ),
+ ),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ filter_settings=dict(
+ type="dict",
+ options=dict(
+ search_mode=dict(type="str", choices=["general", "packet"]),
+ packet_search_settings=dict(
+ type="dict",
+ options=dict(
+ expand_group_members=dict(type="bool"),
+ expand_group_with_exclusion_members=dict(type="bool"),
+ match_on_any=dict(type="bool"),
+ match_on_group_with_exclusion=dict(type="bool"),
+ match_on_negate=dict(type="bool"),
+ ),
+ ),
+ ),
+ ),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ package=dict(type="str"),
+ use_object_dictionary=dict(type="bool"),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "access-rule"
api_call_object_plural_version = "access-rulebase"
- result = api_call_facts_for_rule(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts_for_rule(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rules.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rules.py
index 1597ab281..cdc1f8aae 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rules.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_rules.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -208,7 +210,7 @@ options:
description:
- N/A
type: str
- vpn:
+ vpn_list:
description:
- Communities or Directional.
type: list
@@ -218,7 +220,7 @@ options:
description:
- List of community name or UID.
type: list
- elements: dict
+ elements: str
directional:
description:
- Communities directional match condition.
@@ -233,6 +235,11 @@ options:
description:
- To community name or UID.
type: str
+ vpn:
+ description:
+ - Any or All_GwToGw.
+ type: str
+ choices: ['Any', 'All_GwToGw']
comments:
description:
- Comments string.
@@ -294,74 +301,144 @@ cp_mgmt_access_rules:
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.connection import Connection
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import \
- checkpoint_argument_spec_for_action_module
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_action_module,
+)
def main():
argument_spec = dict(
- rules=dict(type='list', required=True, elements='dict', options=dict(
- name=dict(type='str', required=True),
- action=dict(type='str'),
- action_settings=dict(type='dict', options=dict(
- enable_identity_captive_portal=dict(type='bool'),
- limit=dict(type='str')
- )),
- content=dict(type='list', elements='dict'),
- content_direction=dict(type='str', choices=['any', 'up', 'down']),
- content_negate=dict(type='bool'),
- custom_fields=dict(type='dict', options=dict(
- field_1=dict(type='str'),
- field_2=dict(type='str'),
- field_3=dict(type='str')
- )),
- destination=dict(type='list', elements='str'),
- destination_negate=dict(type='bool'),
- enabled=dict(type='bool'),
- inline_layer=dict(type='str'),
- install_on=dict(type='list', elements='str'),
- service=dict(type='list', elements='str'),
- service_negate=dict(type='bool'),
- source=dict(type='list', elements='str'),
- source_negate=dict(type='bool'),
- time=dict(type='list', elements='str'),
- track=dict(type='dict', options=dict(
- accounting=dict(type='bool'),
- alert=dict(type='str',
- choices=['none', 'alert', 'snmp', 'mail', 'user alert 1', 'user alert 2', 'user alert 3']),
- enable_firewall_session=dict(type='bool'),
- per_connection=dict(type='bool'),
- per_session=dict(type='bool'),
- type=dict(type='str')
- )),
- user_check=dict(type='dict', options=dict(
- confirm=dict(type='str', choices=['per rule', 'per category', 'per application/site', 'per data type']),
- custom_frequency=dict(type='dict', options=dict(
- every=dict(type='int'),
- unit=dict(type='str', choices=['hours', 'days', 'weeks', 'months'])
- )),
- frequency=dict(type='str',
- choices=['once a day', 'once a week', 'once a month', 'custom frequency...']),
- interaction=dict(type='str')
- )),
- vpn=dict(type='list', elements='dict', options=dict(
- community=dict(type='list', elements='dict'),
- directional=dict(type='list', elements='dict', options=dict(
- to=dict(type='str')
- ))
- )),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- state=dict(type='str', choices=['present', 'absent'], default='present')
-
- )),
- layer=dict(type='str', required=True),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ rules=dict(
+ type="list",
+ required=True,
+ elements="dict",
+ options=dict(
+ name=dict(type="str", required=True),
+ action=dict(type="str"),
+ action_settings=dict(
+ type="dict",
+ options=dict(
+ enable_identity_captive_portal=dict(type="bool"),
+ limit=dict(type="str"),
+ ),
+ ),
+ content=dict(type="list", elements="dict"),
+ content_direction=dict(
+ type="str", choices=["any", "up", "down"]
+ ),
+ content_negate=dict(type="bool"),
+ custom_fields=dict(
+ type="dict",
+ options=dict(
+ field_1=dict(type="str"),
+ field_2=dict(type="str"),
+ field_3=dict(type="str"),
+ ),
+ ),
+ destination=dict(type="list", elements="str"),
+ destination_negate=dict(type="bool"),
+ enabled=dict(type="bool"),
+ inline_layer=dict(type="str"),
+ install_on=dict(type="list", elements="str"),
+ service=dict(type="list", elements="str"),
+ service_negate=dict(type="bool"),
+ source=dict(type="list", elements="str"),
+ source_negate=dict(type="bool"),
+ time=dict(type="list", elements="str"),
+ track=dict(
+ type="dict",
+ options=dict(
+ accounting=dict(type="bool"),
+ alert=dict(
+ type="str",
+ choices=[
+ "none",
+ "alert",
+ "snmp",
+ "mail",
+ "user alert 1",
+ "user alert 2",
+ "user alert 3",
+ ],
+ ),
+ enable_firewall_session=dict(type="bool"),
+ per_connection=dict(type="bool"),
+ per_session=dict(type="bool"),
+ type=dict(type="str"),
+ ),
+ ),
+ user_check=dict(
+ type="dict",
+ options=dict(
+ confirm=dict(
+ type="str",
+ choices=[
+ "per rule",
+ "per category",
+ "per application/site",
+ "per data type",
+ ],
+ ),
+ custom_frequency=dict(
+ type="dict",
+ options=dict(
+ every=dict(type="int"),
+ unit=dict(
+ type="str",
+ choices=[
+ "hours",
+ "days",
+ "weeks",
+ "months",
+ ],
+ ),
+ ),
+ ),
+ frequency=dict(
+ type="str",
+ choices=[
+ "once a day",
+ "once a week",
+ "once a month",
+ "custom frequency...",
+ ],
+ ),
+ interaction=dict(type="str"),
+ ),
+ ),
+ vpn_list=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ community=dict(type="list", elements="str"),
+ directional=dict(
+ type="list",
+ elements="dict",
+ options=dict(to=dict(type="str")),
+ ),
+ ),
+ ),
+ vpn=dict(type="str", choices=["Any", "All_GwToGw"]),
+ comments=dict(type="str"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ state=dict(
+ type="str",
+ choices=["present", "absent"],
+ default="present",
+ ),
+ ),
+ ),
+ layer=dict(type="str", required=True),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
- argument_spec['rules']['options']['vpn']['options']['directional']['options']['from'] = dict(type='str')
+ argument_spec["rules"]["options"]["vpn_list"]["options"]["directional"][
+ "options"
+ ]["from"] = dict(type="str")
argument_spec.update(checkpoint_argument_spec_for_action_module)
module = AnsibleModule(argument_spec=argument_spec)
@@ -369,5 +446,5 @@ def main():
module.exit_json()
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_section.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_section.py
index 01a47a503..1a165cd89 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_section.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_access_section.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -94,26 +96,31 @@ cp_mgmt_access_section:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- layer=dict(type='str'),
- position=dict(type='str'),
- name=dict(type='str', required=True),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ layer=dict(type="str"),
+ position=dict(type="str"),
+ name=dict(type="str", required=True),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'access-section'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "access-section"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_api_key.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_api_key.py
index 641cea5e9..a86ee2416 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_api_key.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_api_key.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -51,7 +53,6 @@ EXAMPLES = """
- name: add-api-key
cp_mgmt_add_api_key:
admin_name: admin
- state: present
"""
RETURN = """
@@ -62,13 +63,15 @@ cp_mgmt_add_api_key:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- admin_uid=dict(type='str'),
- admin_name=dict(type='str')
+ admin_uid=dict(type="str"), admin_name=dict(type="str")
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -80,5 +83,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_central_license.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_central_license.py
new file mode 100644
index 000000000..909fcd333
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_central_license.py
@@ -0,0 +1,78 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_add_central_license
+short_description: Add central license.
+description:
+ - Add central license.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ license:
+ description:
+ - The license string received from the User Center - without 'cplic put'.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: add-central-license
+ cp_mgmt_add_central_license:
+ license: 192.168.1.2 never dTTTTTT-WWWWWW-SSSSSSS-QQQQQQ CPSG-VE+3 CPBS-BECE CPSB-DFW CPSM-C-2 CPSB-VPN CPSB-NPM CPSB-LOGS CPSB-IA
+ CPSB-ADNC CPSB-SSLVWPN-5 CK-66666666
+"""
+
+RETURN = """
+cp_mgmt_add_central_license:
+ description: The checkpoint add-central-license output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ license=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "add-central-license"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_data_center_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_data_center_object.py
index c4ad1d16f..f765cf8da 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_data_center_object.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_data_center_object.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -99,7 +101,6 @@ EXAMPLES = """
cp_mgmt_add_data_center_object:
data_center_name: vCenter 1
name: VM1 mgmt name
- state: present
uri: /Datacenters/VMs/My VM1
"""
@@ -111,27 +112,66 @@ cp_mgmt_add_data_center_object:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- data_center_name=dict(type='str'),
- data_center_uid=dict(type='str'),
- uri=dict(type='str'),
- uid_in_data_center=dict(type='str'),
- name=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ data_center_name=dict(type="str"),
+ data_center_uid=dict(type="str"),
+ uri=dict(type="str"),
+ uid_in_data_center=dict(type="str"),
+ name=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -143,5 +183,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_domain.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_domain.py
index bde1d9f4b..d6afde819 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_domain.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_domain.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -125,40 +127,86 @@ cp_mgmt_domain:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- servers=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- multi_domain_server=dict(type='str'),
- active=dict(type='bool'),
- skip_start_domain_server=dict(type='bool'),
- type=dict(type='str', choices=['management server', 'log server', 'smc'])
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
+ name=dict(type="str", required=True),
+ servers=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ multi_domain_server=dict(type="str"),
+ active=dict(type="bool"),
+ skip_start_domain_server=dict(type="bool"),
+ type=dict(
+ type="str",
+ choices=["management server", "log server", "smc"],
+ ),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
- command = 'add-domain'
+ command = "add-domain"
result = api_command(module, command)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_nat_rule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_nat_rule.py
index 8b1151bd9..badb27822 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_nat_rule.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_nat_rule.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "2.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_nat_rule
+ why: Newer and updated module released with more functionality.
+ removed_at_date: '2024-11-01'
options:
package:
description:
@@ -113,7 +119,6 @@ EXAMPLES = """
original_source: Any
package: standard
position: 1
- state: present
"""
RETURN = """
@@ -124,26 +129,29 @@ cp_mgmt_add_nat_rule:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- package=dict(type='str'),
- position=dict(type='str'),
- enabled=dict(type='bool'),
- install_on=dict(type='list', elements='str'),
- method=dict(type='str', choices=['static', 'hide', 'nat64', 'nat46']),
- original_destination=dict(type='str'),
- original_service=dict(type='str'),
- original_source=dict(type='str'),
- translated_destination=dict(type='str'),
- translated_service=dict(type='str'),
- translated_source=dict(type='str'),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ package=dict(type="str"),
+ position=dict(type="str"),
+ enabled=dict(type="bool"),
+ install_on=dict(type="list", elements="str"),
+ method=dict(type="str", choices=["static", "hide", "nat64", "nat46"]),
+ original_destination=dict(type="str"),
+ original_service=dict(type="str"),
+ original_source=dict(type="str"),
+ translated_destination=dict(type="str"),
+ translated_service=dict(type="str"),
+ translated_source=dict(type="str"),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -155,5 +163,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_repository_package.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_repository_package.py
new file mode 100644
index 000000000..ae6d4bd39
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_repository_package.py
@@ -0,0 +1,92 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_add_repository_package
+short_description: Add the software package to the central repository.
+description:
+ - Add the software package to the central repository.
+ - On Multi-Domain Server this command is available only after logging in to the Global domain.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ name:
+ description:
+ - The name of the repository package.
+ type: str
+ path:
+ description:
+ - The path of the repository package.<br><font color="red">Required only for</font> adding package from local.
+ type: str
+ source:
+ description:
+ - The source of the repository package.
+ type: str
+ choices: ['cloud', 'local']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: add-repository-package
+ cp_mgmt_add_repository_package:
+ name: Check_Point_R80_20_JUMBO_HF_Bundle_T118_sk137592_Security_Gateway_and_Standalone_2_6_18_FULL.tgz
+ path: /home/admin/
+ source: local
+"""
+
+RETURN = """
+cp_mgmt_add_repository_package:
+ description: The checkpoint add-repository-package output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, \
+ api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ path=dict(type='str'),
+ source=dict(type='str', choices=['cloud', 'local'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "add-repository-package"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_rules_batch.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_rules_batch.py
index 58f7bb3bd..3ce0c18d8 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_rules_batch.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_rules_batch.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -109,18 +111,25 @@ cp_mgmt_add_rules_batch:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- objects=dict(type='list', elements='dict', options=dict(
- layer=dict(type='str'),
- type=dict(type='str'),
- first_position=dict(type='str'),
- list=dict(type='list', elements='dict')
- )),
- auto_publish_session=dict(type='bool')
+ objects=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ layer=dict(type="str"),
+ type=dict(type="str"),
+ first_position=dict(type="str"),
+ list=dict(type="list", elements="dict"),
+ ),
+ ),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -132,5 +141,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_updatable_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_updatable_object.py
new file mode 100644
index 000000000..9b6190bd0
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_add_updatable_object.py
@@ -0,0 +1,116 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_add_updatable_object
+short_description: Import an updatable object from the repository to the management server.
+description:
+ - Import an updatable object from the repository to the management server. This operation takes effect immediately and doesn't require publishing.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ uri:
+ description:
+ - URI of the updatable object in the Updatable Objects Repository.
+ type: str
+ uid_in_updatable_objects_repository:
+ description:
+ - Unique identifier of the updatable object in the Updatable Objects Repository.
+ type: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: add-updatable-object
+ cp_mgmt_add_updatable_object:
+ uri: '{{uri}}'
+"""
+
+RETURN = """
+cp_mgmt_add_updatable_object:
+ description: The checkpoint add-updatable-object output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ uri=dict(type='str'),
+ uid_in_updatable_objects_repository=dict(type='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "add-updatable-object"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range.py
index c678eb832..44ef44a02 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -169,47 +171,93 @@ cp_mgmt_address_range:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address_first=dict(type='str'),
- ipv4_address_first=dict(type='str'),
- ipv6_address_first=dict(type='str'),
- ip_address_last=dict(type='str'),
- ipv4_address_last=dict(type='str'),
- ipv6_address_last=dict(type='str'),
- nat_settings=dict(type='dict', options=dict(
- auto_rule=dict(type='bool'),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- hide_behind=dict(type='str', choices=['gateway', 'ip-address']),
- install_on=dict(type='str'),
- method=dict(type='str', choices=['hide', 'static'])
- )),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address_first=dict(type="str"),
+ ipv4_address_first=dict(type="str"),
+ ipv6_address_first=dict(type="str"),
+ ip_address_last=dict(type="str"),
+ ipv4_address_last=dict(type="str"),
+ ipv6_address_last=dict(type="str"),
+ nat_settings=dict(
+ type="dict",
+ options=dict(
+ auto_rule=dict(type="bool"),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ hide_behind=dict(
+ type="str", choices=["gateway", "ip-address"]
+ ),
+ install_on=dict(type="str"),
+ method=dict(type="str", choices=["hide", "static"]),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'address-range'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "address-range"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range_facts.py
index f9032eef1..2e41e94ba 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_address_range_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "address-range"
api_call_object_plural_version = "address-ranges"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator.py
index 7568f742c..2b6cbba00 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -179,53 +181,110 @@ cp_mgmt_administrator:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- authentication_method=dict(type='str', choices=['undefined', 'check point password',
- 'os password', 'securid', 'radius', 'tacacs', 'ad authentication', 'api key']),
- email=dict(type='str'),
- expiration_date=dict(type='str'),
- multi_domain_profile=dict(type='str'),
- must_change_password=dict(type='bool'),
- password=dict(type='str', no_log=True),
- password_hash=dict(type='str', no_log=True),
- permissions_profile=dict(type='str'),
- permissions_profile_list=dict(type='list', elements='dict', options=dict(
- profile=dict(type='str'),
- domain=dict(type='str')
- )),
- phone_number=dict(type='str'),
- radius_server=dict(type='str'),
- tacacs_server=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ authentication_method=dict(
+ type="str",
+ choices=[
+ "undefined",
+ "check point password",
+ "os password",
+ "securid",
+ "radius",
+ "tacacs",
+ "ad authentication",
+ "api key",
+ ],
+ ),
+ email=dict(type="str"),
+ expiration_date=dict(type="str"),
+ multi_domain_profile=dict(type="str"),
+ must_change_password=dict(type="bool", no_log=False),
+ password=dict(type="str", no_log=True),
+ password_hash=dict(type="str", no_log=True),
+ permissions_profile=dict(type="str"),
+ permissions_profile_list=dict(
+ type="list",
+ elements="dict",
+ options=dict(profile=dict(type="str"), domain=dict(type="str")),
+ ),
+ phone_number=dict(type="str"),
+ radius_server=dict(type="str"),
+ tacacs_server=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'administrator'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "administrator"
if module.params["permissions_profile_list"] is not None:
if module.params["permissions_profile"] is not None:
- raise AssertionError("The use of both 'permissions_profile_list' and 'permissions_profile' arguments isn't allowed")
- module.params["permissions_profile"] = module.params["permissions_profile_list"]
+ raise AssertionError(
+ "The use of both 'permissions_profile_list' and 'permissions_profile' arguments isn't allowed"
+ )
+ module.params["permissions_profile"] = module.params[
+ "permissions_profile_list"
+ ]
module.params.pop("permissions_profile_list")
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator_facts.py
index affd2febe..995362860 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_administrator_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "administrator"
api_call_object_plural_version = "administrators"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site.py
index 36b042a10..5b097cedf 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -143,38 +145,79 @@ cp_mgmt_application_site:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- primary_category=dict(type='str'),
- url_list=dict(type='list', elements='str'),
- application_signature=dict(type='str'),
- additional_categories=dict(type='list', elements='str'),
- description=dict(type='str'),
- tags=dict(type='list', elements='str'),
- urls_defined_as_regular_expression=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ primary_category=dict(type="str"),
+ url_list=dict(type="list", elements="str"),
+ application_signature=dict(type="str"),
+ additional_categories=dict(type="list", elements="str"),
+ description=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ urls_defined_as_regular_expression=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'application-site'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "application-site"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category.py
index 4c3d94d13..de822141c 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -109,33 +111,74 @@ cp_mgmt_application_site_category:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- description=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ description=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'application-site-category'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "application-site-category"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category_facts.py
index 3c3653b5b..cfdc977e9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_category_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "application-site-category"
api_call_object_plural_version = "application-site-categories"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_facts.py
index 2618cf6fb..d931dc1b5 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -106,32 +108,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- application_id=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ application_id=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "application-site"
api_call_object_plural_version = "application-sites"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group.py
index 58c072771..b39c33db8 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -115,33 +117,74 @@ cp_mgmt_application_site_group:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- members=dict(type='list', elements='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ members=dict(type="list", elements="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'application-site-group'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "application-site-group"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group_facts.py
index 8a7ac74d4..aac26e00e 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_application_site_group_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -106,32 +108,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "application-site-group"
api_call_object_plural_version = "application-site-groups"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_approve_session.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_approve_session.py
index d87b5738d..29ab8695b 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_approve_session.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_approve_session.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -56,13 +58,14 @@ cp_mgmt_approve_session:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- uid=dict(type='str')
- )
+ argument_spec = dict(uid=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -73,5 +76,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_assign_global_assignment.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_assign_global_assignment.py
index f1b1df75d..96d3ff36a 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_assign_global_assignment.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_assign_global_assignment.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -69,14 +71,17 @@ cp_mgmt_assign_global_assignment:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- dependent_domains=dict(type='list', elements='str'),
- global_domains=dict(type='list', elements='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ dependent_domains=dict(type="list", elements="str"),
+ global_domains=dict(type="list", elements="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -88,5 +93,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_central_license_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_central_license_facts.py
new file mode 100644
index 000000000..d53212ce7
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_central_license_facts.py
@@ -0,0 +1,86 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_central_license_facts
+short_description: Get central-license objects facts on Checkpoint over Web Services API
+description:
+ - Get central-license objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'signature'.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ signature:
+ description:
+ - The license's signature. This parameter is relevant only for getting a specific object.
+ type: str
+extends_documentation_fragment: checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-central-license
+ cp_mgmt_central_license_facts:
+ signature: dLLLLL-WWWWWW-ZZZZZZ-QQQQQQ
+
+- name: show-central-licenses
+ cp_mgmt_show_central_licenses:
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
+
+
+def main():
+ argument_spec = dict(
+ signature=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "central-license"
+ api_call_object_plural_version = "central-licenses"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_network_feed.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_network_feed.py
index 8c93bf16f..c29b9cdc7 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_network_feed.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_network_feed.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -157,37 +159,51 @@ cp_mgmt_check_network_feed:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- targets=dict(type='list', elements='str'),
- network_feed=dict(type='dict', options=dict(
- name=dict(type='str'),
- feed_url=dict(type='str'),
- certificate_id=dict(type='str'),
- feed_format=dict(type='str', choices=['Flat List', 'JSON']),
- feed_type=dict(type='str', choices=['Domain', 'IP Address', 'IP Address/Domain']),
- password=dict(type='str', no_log=True),
- username=dict(type='str'),
- custom_header=dict(type='list', elements='dict', options=dict(
- header_name=dict(type='str'),
- header_value=dict(type='str')
- )),
- update_interval=dict(type='int'),
- data_column=dict(type='int'),
- fields_delimiter=dict(type='str'),
- ignore_lines_that_start_with=dict(type='str'),
- json_query=dict(type='str'),
- use_gateway_proxy=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- )),
- auto_publish_session=dict(type='bool')
-
+ targets=dict(type="list", elements="str"),
+ network_feed=dict(
+ type="dict",
+ options=dict(
+ name=dict(type="str"),
+ feed_url=dict(type="str"),
+ certificate_id=dict(type="str"),
+ feed_format=dict(type="str", choices=["Flat List", "JSON"]),
+ feed_type=dict(
+ type="str",
+ choices=["Domain", "IP Address", "IP Address/Domain"],
+ ),
+ password=dict(type="str", no_log=True),
+ username=dict(type="str"),
+ custom_header=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ header_name=dict(type="str"),
+ header_value=dict(type="str"),
+ ),
+ ),
+ update_interval=dict(type="int"),
+ data_column=dict(type="int"),
+ fields_delimiter=dict(type="str"),
+ ignore_lines_that_start_with=dict(type="str"),
+ json_query=dict(type="str"),
+ use_gateway_proxy=dict(type="bool"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ domains_to_process=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -199,5 +215,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_threat_ioc_feed.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_threat_ioc_feed.py
index 933349c9e..c85f1e421 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_threat_ioc_feed.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_check_threat_ioc_feed.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -173,41 +175,69 @@ cp_mgmt_check_threat_ioc_feed:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- ioc_feed=dict(type='dict', options=dict(
- name=dict(type='str'),
- feed_url=dict(type='str'),
- action=dict(type='str', choices=['Prevent', 'Detect']),
- certificate_id=dict(type='str'),
- custom_comment=dict(type='int'),
- custom_confidence=dict(type='int'),
- custom_header=dict(type='list', elements='dict', options=dict(
- header_name=dict(type='str'),
- header_value=dict(type='str')
- )),
- custom_name=dict(type='int'),
- custom_severity=dict(type='int'),
- custom_type=dict(type='int'),
- custom_value=dict(type='int'),
- enabled=dict(type='bool'),
- feed_type=dict(type='str', choices=['any type', 'domain', 'ip address', 'md5', 'url', 'ip range',
- 'mail subject', 'mail from', 'mail to', 'mail reply to', 'mail cc', 'sha1', 'sha256']),
- password=dict(type='str', no_log=True),
- use_custom_feed_settings=dict(type='bool'),
- username=dict(type='str'),
- fields_delimiter=dict(type='str'),
- ignore_lines_that_start_with=dict(type='str'),
- use_gateway_proxy=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- targets=dict(type='list', elements='str'),
- auto_publish_session=dict(type='bool')
+ ioc_feed=dict(
+ type="dict",
+ options=dict(
+ name=dict(type="str"),
+ feed_url=dict(type="str"),
+ action=dict(type="str", choices=["Prevent", "Detect"]),
+ certificate_id=dict(type="str"),
+ custom_comment=dict(type="int"),
+ custom_confidence=dict(type="int"),
+ custom_header=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ header_name=dict(type="str"),
+ header_value=dict(type="str"),
+ ),
+ ),
+ custom_name=dict(type="int"),
+ custom_severity=dict(type="int"),
+ custom_type=dict(type="int"),
+ custom_value=dict(type="int"),
+ enabled=dict(type="bool"),
+ feed_type=dict(
+ type="str",
+ choices=[
+ "any type",
+ "domain",
+ "ip address",
+ "md5",
+ "url",
+ "ip range",
+ "mail subject",
+ "mail from",
+ "mail to",
+ "mail reply to",
+ "mail cc",
+ "sha1",
+ "sha256",
+ ],
+ ),
+ password=dict(type="str", no_log=True),
+ use_custom_feed_settings=dict(type="bool"),
+ username=dict(type="str"),
+ fields_delimiter=dict(type="str"),
+ ignore_lines_that_start_with=dict(type="str"),
+ use_gateway_proxy=dict(type="bool"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ targets=dict(type="list", elements="str"),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -219,5 +249,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host.py
new file mode 100644
index 000000000..5b3189c5f
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host.py
@@ -0,0 +1,528 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_checkpoint_host
+short_description: Manages checkpoint-host objects on Checkpoint over Web Services API
+description:
+ - Manages checkpoint-host objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ ip_address:
+ description:
+ - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly.
+ type: str
+ ipv4_address:
+ description:
+ - IPv4 address.
+ type: str
+ ipv6_address:
+ description:
+ - IPv6 address.
+ type: str
+ interfaces:
+ description:
+ - Check Point host interfaces.
+ type: list
+ elements: dict
+ suboptions:
+ name:
+ description:
+ - Interface name.
+ type: str
+ subnet:
+ description:
+ - IPv4 or IPv6 network address. If both addresses are required use subnet4 and subnet6 fields explicitly.
+ type: str
+ subnet4:
+ description:
+ - IPv4 network address.
+ type: str
+ subnet6:
+ description:
+ - IPv6 network address.
+ type: str
+ mask_length:
+ description:
+ - IPv4 or IPv6 network mask length. If both masks are required use mask-length4 and mask-length6 fields explicitly. Instead of IPv4 mask
+ length it is possible to specify IPv4 mask itself in subnet-mask field.
+ type: int
+ mask_length4:
+ description:
+ - IPv4 network mask length.
+ type: int
+ mask_length6:
+ description:
+ - IPv6 network mask length.
+ type: int
+ subnet_mask:
+ description:
+ - IPv4 network mask.
+ type: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange',
+ 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray',
+ 'light green', 'lemon chiffon', 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive',
+ 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+ nat_settings:
+ description:
+ - NAT settings.
+ type: dict
+ suboptions:
+ auto_rule:
+ description:
+ - Whether to add automatic address translation rules.
+ type: bool
+ ip_address:
+ description:
+ - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. This parameter is not
+ required in case "method" parameter is "hide" and "hide-behind" parameter is "gateway".
+ type: str
+ ipv4_address:
+ description:
+ - IPv4 address.
+ type: str
+ ipv6_address:
+ description:
+ - IPv6 address.
+ type: str
+ hide_behind:
+ description:
+ - Hide behind method. This parameter is forbidden in case "method" parameter is "static".
+ type: str
+ choices: ['gateway', 'ip-address']
+ install_on:
+ description:
+ - Which gateway should apply the NAT translation.
+ type: str
+ method:
+ description:
+ - NAT translation method.
+ type: str
+ choices: ['hide', 'static']
+ one_time_password:
+ description:
+ - Secure internal connection one time password.
+ type: str
+ hardware:
+ description:
+ - Hardware name.
+ type: str
+ os:
+ description:
+ - Operating system name.
+ type: str
+ check_point_host_version:
+ description:
+ - Check Point host platform version.
+ type: str
+ management_blades:
+ description:
+ - Management blades.
+ type: dict
+ suboptions:
+ network_policy_management:
+ description:
+ - Enable Network Policy Management.
+ type: bool
+ logging_and_status:
+ description:
+ - Enable Logging & Status.
+ type: bool
+ smart_event_server:
+ description:
+ - Enable SmartEvent server. </br>When activating SmartEvent server, blades 'logging-and-status' and 'smart-event-correlation' should be
+ set to True. </br>To complete SmartEvent configuration, perform Install Database or Install Policy on your Security Management servers and Log
+ servers. </br>Activating SmartEvent Server is not recommended in Management High Availability environment. For more information refer to sk25164.
+ type: bool
+ smart_event_correlation:
+ description:
+ - Enable SmartEvent Correlation Unit.
+ type: bool
+ endpoint_policy:
+ description:
+ - Enable Endpoint Policy. </br>To complete Endpoint Security Management configuration, perform Install Database on your Endpoint
+ Management Server. </br>Field is not supported on Multi Domain Server environment.
+ type: bool
+ compliance:
+ description:
+ - Compliance blade. Can be set when 'network-policy-management' was selected to be True.
+ type: bool
+ user_directory:
+ description:
+ - Enable User Directory. Can be set when 'network-policy-management' was selected to be True.
+ type: bool
+ logs_settings:
+ description:
+ - Logs settings.
+ type: dict
+ suboptions:
+ free_disk_space_metrics:
+ description:
+ - Free disk space metrics.
+ type: str
+ choices: ['mbytes', 'percent']
+ accept_syslog_messages:
+ description:
+ - Enable accept syslog messages.
+ type: bool
+ alert_when_free_disk_space_below:
+ description:
+ - Enable alert when free disk space is below threshold.
+ type: bool
+ alert_when_free_disk_space_below_threshold:
+ description:
+ - Alert when free disk space below threshold.
+ type: int
+ alert_when_free_disk_space_below_type:
+ description:
+ - Alert when free disk space below type.
+ type: str
+ choices: ['none', 'log', 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1', 'user defined alert no.2',
+ 'user defined alert no.3']
+ before_delete_keep_logs_from_the_last_days:
+ description:
+ - Enable before delete keep logs from the last days.
+ type: bool
+ before_delete_keep_logs_from_the_last_days_threshold:
+ description:
+ - Before delete keep logs from the last days threshold.
+ type: int
+ before_delete_run_script:
+ description:
+ - Enable Before delete run script.
+ type: bool
+ before_delete_run_script_command:
+ description:
+ - Before delete run script command.
+ type: str
+ delete_index_files_older_than_days:
+ description:
+ - Enable delete index files older than days.
+ type: bool
+ delete_index_files_older_than_days_threshold:
+ description:
+ - Delete index files older than days threshold.
+ type: int
+ delete_when_free_disk_space_below:
+ description:
+ - Enable delete when free disk space below.
+ type: bool
+ delete_when_free_disk_space_below_threshold:
+ description:
+ - Delete when free disk space below threshold.
+ type: int
+ detect_new_citrix_ica_application_names:
+ description:
+ - Enable detect new Citrix ICA application names.
+ type: bool
+ distribute_logs_between_all_active_servers:
+ description:
+ - Distribute logs between all active servers.
+ type: bool
+ enable_log_indexing:
+ description:
+ - Enable log indexing.
+ type: bool
+ forward_logs_to_log_server:
+ description:
+ - Enable forward logs to log server.
+ type: bool
+ forward_logs_to_log_server_name:
+ description:
+ - Forward logs to log server name.
+ type: str
+ forward_logs_to_log_server_schedule_name:
+ description:
+ - Forward logs to log server schedule name.
+ type: str
+ rotate_log_by_file_size:
+ description:
+ - Enable rotate log by file size.
+ type: bool
+ rotate_log_file_size_threshold:
+ description:
+ - Log file size threshold.
+ type: int
+ rotate_log_on_schedule:
+ description:
+ - Enable rotate log on schedule.
+ type: bool
+ rotate_log_schedule_name:
+ description:
+ - Rotate log schedule name.
+ type: str
+ smart_event_intro_correletion_unit:
+ description:
+ - Enable SmartEvent intro correlation unit.
+ type: bool
+ stop_logging_when_free_disk_space_below:
+ description:
+ - Enable stop logging when free disk space below.
+ type: bool
+ stop_logging_when_free_disk_space_below_threshold:
+ description:
+ - Stop logging when free disk space below threshold.
+ type: int
+ turn_on_qos_logging:
+ description:
+ - Enable turn on QoS Logging.
+ type: bool
+ update_account_log_every:
+ description:
+ - Update account log in every amount of seconds.
+ type: int
+ save_logs_locally:
+ description:
+ - Enable save logs locally.
+ type: bool
+ send_alerts_to_server:
+ description:
+ - Collection of Server(s) to send alerts to identified by the name or UID.
+ type: list
+ elements: str
+ send_logs_to_backup_server:
+ description:
+ - Collection of Backup server(s) to send logs to identified by the name or UID.
+ type: list
+ elements: str
+ send_logs_to_server:
+ description:
+ - Collection of Server(s) to send logs to identified by the name or UID.
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-checkpoint-host
+ cp_mgmt_checkpoint_host:
+ ipv4_address: 5.5.5.5
+ management_blades:
+ logging_and_status: true
+ network_policy_management: true
+ name: secondarylogserver
+ state: present
+
+- name: set-checkpoint-host
+ cp_mgmt_checkpoint_host:
+ hardware: Smart-1
+ management_blades:
+ compliance: true
+ network_policy_management: true
+ user_directory: true
+ name: secondarylogserver
+ os: Linux
+ state: present
+
+- name: delete-checkpoint-host
+ cp_mgmt_checkpoint_host:
+ name: secondarylogserver
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_checkpoint_host:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ ip_address=dict(type='str'),
+ ipv4_address=dict(type='str'),
+ ipv6_address=dict(type='str'),
+ interfaces=dict(type='list', elements='dict', options=dict(
+ name=dict(type='str'),
+ subnet=dict(type='str'),
+ subnet4=dict(type='str'),
+ subnet6=dict(type='str'),
+ mask_length=dict(type='int'),
+ mask_length4=dict(type='int'),
+ mask_length6=dict(type='int'),
+ subnet_mask=dict(type='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan',
+ 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick',
+ 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral',
+ 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red',
+ 'sienna', 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )),
+ nat_settings=dict(type='dict', options=dict(
+ auto_rule=dict(type='bool'),
+ ip_address=dict(type='str'),
+ ipv4_address=dict(type='str'),
+ ipv6_address=dict(type='str'),
+ hide_behind=dict(type='str', choices=['gateway', 'ip-address']),
+ install_on=dict(type='str'),
+ method=dict(type='str', choices=['hide', 'static'])
+ )),
+ one_time_password=dict(type='str', no_log=True),
+ hardware=dict(type='str'),
+ os=dict(type='str'),
+ check_point_host_version=dict(type='str'),
+ management_blades=dict(type='dict', options=dict(
+ network_policy_management=dict(type='bool'),
+ logging_and_status=dict(type='bool'),
+ smart_event_server=dict(type='bool'),
+ smart_event_correlation=dict(type='bool'),
+ endpoint_policy=dict(type='bool'),
+ compliance=dict(type='bool'),
+ user_directory=dict(type='bool')
+ )),
+ logs_settings=dict(type='dict', options=dict(
+ free_disk_space_metrics=dict(type='str', choices=['mbytes', 'percent']),
+ accept_syslog_messages=dict(type='bool'),
+ alert_when_free_disk_space_below=dict(type='bool'),
+ alert_when_free_disk_space_below_threshold=dict(type='int'),
+ alert_when_free_disk_space_below_type=dict(type='str', choices=['none',
+ 'log', 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
+ 'user defined alert no.2', 'user defined alert no.3']),
+ before_delete_keep_logs_from_the_last_days=dict(type='bool'),
+ before_delete_keep_logs_from_the_last_days_threshold=dict(type='int'),
+ before_delete_run_script=dict(type='bool'),
+ before_delete_run_script_command=dict(type='str'),
+ delete_index_files_older_than_days=dict(type='bool'),
+ delete_index_files_older_than_days_threshold=dict(type='int'),
+ delete_when_free_disk_space_below=dict(type='bool'),
+ delete_when_free_disk_space_below_threshold=dict(type='int'),
+ detect_new_citrix_ica_application_names=dict(type='bool'),
+ distribute_logs_between_all_active_servers=dict(type='bool'),
+ enable_log_indexing=dict(type='bool'),
+ forward_logs_to_log_server=dict(type='bool'),
+ forward_logs_to_log_server_name=dict(type='str'),
+ forward_logs_to_log_server_schedule_name=dict(type='str'),
+ rotate_log_by_file_size=dict(type='bool'),
+ rotate_log_file_size_threshold=dict(type='int'),
+ rotate_log_on_schedule=dict(type='bool'),
+ rotate_log_schedule_name=dict(type='str'),
+ smart_event_intro_correletion_unit=dict(type='bool'),
+ stop_logging_when_free_disk_space_below=dict(type='bool'),
+ stop_logging_when_free_disk_space_below_threshold=dict(type='int'),
+ turn_on_qos_logging=dict(type='bool'),
+ update_account_log_every=dict(type='int')
+ )),
+ save_logs_locally=dict(type='bool'),
+ send_alerts_to_server=dict(type='list', elements='str'),
+ send_logs_to_backup_server=dict(type='list', elements='str'),
+ send_logs_to_server=dict(type='list', elements='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'checkpoint-host'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host_facts.py
new file mode 100644
index 000000000..2ec9f8809
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_checkpoint_host_facts.py
@@ -0,0 +1,144 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_checkpoint_host_facts
+short_description: Get checkpoint-host objects facts on Checkpoint over Web Services API
+description:
+ - Get checkpoint-host objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-checkpoint-host
+ cp_mgmt_checkpoint_host_facts:
+ name: CP Host 1
+
+- name: show-checkpoint-hosts
+ cp_mgmt_checkpoint_host_facts:
+ limit: 10
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "checkpoint-host"
+ api_call_object_plural_version = "checkpoint-hosts"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_cluster_members_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_cluster_members_facts.py
index 203ce487e..a99e16634 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_cluster_members_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_cluster_members_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -114,34 +116,45 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- uid=dict(type='str'),
- limit_interfaces=dict(type='int'),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str')
+ uid=dict(type="str"),
+ limit_interfaces=dict(type="int"),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "cluster-member"
api_call_object_plural_version = "cluster-members"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_connect_cloud_services.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_connect_cloud_services.py
index 9194f9a0f..a19f1f57f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_connect_cloud_services.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_connect_cloud_services.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -61,13 +63,14 @@ cp_mgmt_connect_cloud_services:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- auth_token=dict(type='str', no_log=True)
- )
+ argument_spec = dict(auth_token=dict(type="str", no_log=True))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -78,5 +81,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_data_center_object_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_data_center_object_facts.py
index 41400cf0a..5489850bd 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_data_center_object_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_data_center_object_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -99,31 +101,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "data-center-object"
api_call_object_plural_version = "data-center-objects"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_api_key.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_api_key.py
index 4839a1f27..b590b7b8e 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_api_key.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_api_key.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -55,7 +57,6 @@ EXAMPLES = """
cp_mgmt_delete_api_key:
#sgignore next_line
api_key: eea3be76f4a8eb740ee872bcedc692748ff256a2d21c9ffd2754facbde046d00
- state: absent
"""
RETURN = """
@@ -66,14 +67,17 @@ cp_mgmt_delete_api_key:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- api_key=dict(type='str', no_log=True),
- admin_uid=dict(type='str'),
- admin_name=dict(type='str')
+ api_key=dict(type="str", no_log=True),
+ admin_uid=dict(type="str"),
+ admin_name=dict(type="str"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -85,5 +89,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_central_license.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_central_license.py
new file mode 100644
index 000000000..e08a9f96a
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_central_license.py
@@ -0,0 +1,77 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_delete_central_license
+short_description: Delete central license.
+description:
+ - Delete central license.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ signature:
+ description:
+ - The license's signature to be deleted.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: delete-central-license
+ cp_mgmt_delete_central_license:
+ signature: dTTTTTT-WWWWWW-SSSSSSS-QQQQQQ
+"""
+
+RETURN = """
+cp_mgmt_delete_central_license:
+ description: The checkpoint delete-central-license output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ signature=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "delete-central-license"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_data_center_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_data_center_object.py
index 52f4b6633..e3cdf8c78 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_data_center_object.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_data_center_object.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -60,7 +62,6 @@ EXAMPLES = """
- name: delete-data-center-object
cp_mgmt_delete_data_center_object:
name: VM1 mgmt name
- state: absent
"""
RETURN = """
@@ -71,15 +72,18 @@ cp_mgmt_delete_data_center_object:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -91,5 +95,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_domain.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_domain.py
index 4b356fd49..550cb5009 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_domain.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_domain.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -71,24 +73,27 @@ cp_mgmt_domain:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
+ name=dict(type="str", required=True),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
- command = 'delete-domain'
+ command = "delete-domain"
result = api_command(module, command)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_nat_rule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_nat_rule.py
index 2915667f3..88416c82f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_nat_rule.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_nat_rule.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "2.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_nat_rule
+ why: Newer and updated module released with more functionality.
+ removed_at_date: '2024-11-01'
options:
rule_number:
description:
@@ -56,7 +62,6 @@ EXAMPLES = """
- name: delete-nat-rule
cp_mgmt_delete_nat_rule:
package: standard
- state: absent
"""
RETURN = """
@@ -67,14 +72,17 @@ cp_mgmt_delete_nat_rule:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- rule_number=dict(type='str'),
- package=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ rule_number=dict(type="str"),
+ package=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -86,5 +94,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_repository_package.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_repository_package.py
new file mode 100644
index 000000000..6a8401022
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_repository_package.py
@@ -0,0 +1,79 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_delete_repository_package
+short_description: Delete the repository software package from the central repository.
+description:
+ - Delete the repository software package from the central repository.
+ - On Multi-Domain Server this command is available only after logging in to the Global domain.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ name:
+ description:
+ - The name of the software package.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: delete-repository-package
+ cp_mgmt_delete_repository_package:
+ name: Check_Point_R80_20_JUMBO_HF_Bundle_T118_sk137592_Security_Gateway_and_Standalone_2_6_18_FULL.tgz
+"""
+
+RETURN = """
+cp_mgmt_delete_repository_package:
+ description: The checkpoint delete-repository-package output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, \
+ api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "delete-repository-package"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_rules_batch.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_rules_batch.py
index 8e17898be..6e9f632ce 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_rules_batch.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_rules_batch.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -86,7 +88,6 @@ EXAMPLES = """
- rule_number: 1
- rule_number: 2
type: https-rule
- state: absent
"""
RETURN = """
@@ -97,17 +98,24 @@ cp_mgmt_delete_rules_batch:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- objects=dict(type='list', elements='dict', options=dict(
- layer=dict(type='str'),
- type=dict(type='str'),
- list=dict(type='list', elements='dict')
- )),
- auto_publish_session=dict(type='bool')
+ objects=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ layer=dict(type="str"),
+ type=dict(type="str"),
+ list=dict(type="list", elements="dict"),
+ ),
+ ),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -119,5 +127,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_updatable_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_updatable_object.py
new file mode 100644
index 000000000..2310c6894
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_delete_updatable_object.py
@@ -0,0 +1,94 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_delete_updatable_object
+short_description: Delete existing object using object name or uid.
+description:
+ - Delete existing object using object name or uid.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: delete-updatable-object
+ cp_mgmt_delete_updatable_object:
+ name: CodeBuild US East 1
+"""
+
+RETURN = """
+cp_mgmt_delete_updatable_object:
+ description: The checkpoint delete-updatable-object output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "delete-updatable-object"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_discard.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_discard.py
index 7dc4844e9..4fe8d1051 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_discard.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_discard.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -55,13 +57,14 @@ cp_mgmt_discard:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- uid=dict(type='str')
- )
+ argument_spec = dict(uid=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -72,5 +75,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_disconnect_cloud_services.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_disconnect_cloud_services.py
index 82073cc7a..a6197cd09 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_disconnect_cloud_services.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_disconnect_cloud_services.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -57,13 +59,14 @@ cp_mgmt_disconnect_cloud_services:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- force=dict(type='bool')
- )
+ argument_spec = dict(force=dict(type="bool"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -74,5 +77,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_distribute_cloud_licenses.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_distribute_cloud_licenses.py
new file mode 100644
index 000000000..a381ccc00
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_distribute_cloud_licenses.py
@@ -0,0 +1,82 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_distribute_cloud_licenses
+short_description: Distribute licenses to target CloudGuard gateways.
+description:
+ - Distribute licenses to target CloudGuard gateways. For more information, see the <A HREF =
+ "https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CloudGuard_Central_License_Tool_Admin_Guide/Content/Topics-Central-License-Tool/Overview.h
+ m?tocpath=Overview%7C_____0#Overview"><b>Central License Administration Guide</b></A>.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ targets:
+ description:
+ - Targets are uid or name of the security gateway(s). In case no target specified, the license will be distributed to all CloudGuard security gateways.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: distribute-cloud-licenses
+ cp_mgmt_distribute_cloud_licenses:
+ targets:
+ - GW1
+ - GW2
+"""
+
+RETURN = """
+cp_mgmt_distribute_cloud_licenses:
+ description: The checkpoint distribute-cloud-licenses output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ targets=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "distribute-cloud-licenses"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain.py
index 127dce067..2a4bf5886 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -104,32 +106,73 @@ cp_mgmt_dns_domain:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- is_sub_domain=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ is_sub_domain=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'dns-domain'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "dns-domain"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain_facts.py
index 87ab82c46..b716d5a21 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dns_domain_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "dns-domain"
api_call_object_plural_version = "dns-domains"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_facts.py
index e6fab1445..5072e60bc 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -104,31 +106,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "domain"
api_call_object_plural_version = "domains"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile.py
index d327f30f6..d3798798a 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -459,7 +461,8 @@ EXAMPLES = """
- name: set-domain-permissions-profile
cp_mgmt_domain_permissions_profile:
- access_control.policy_layers: By Selected Profile In A Layer Editor
+ access_control:
+ policy_layers: By Selected Profile In A Layer Editor
name: read profile
permission_type: customized
state: present
@@ -478,121 +481,249 @@ cp_mgmt_domain_permissions_profile:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- permission_type=dict(type='str', choices=['read write all', 'read only all', 'customized']),
- edit_common_objects=dict(type='bool'),
- access_control=dict(type='dict', options=dict(
- show_policy=dict(type='bool'),
- policy_layers=dict(type='dict', options=dict(
- edit_layers=dict(type='str', choices=['By Software Blades', 'By Selected Profile In A Layer Editor']),
- app_control_and_url_filtering=dict(type='bool'),
- content_awareness=dict(type='bool'),
- firewall=dict(type='bool'),
- mobile_access=dict(type='bool')
- )),
- dlp_policy=dict(type='str', choices=['read', 'write', 'disabled']),
- geo_control_policy=dict(type='str', choices=['read', 'write', 'disabled']),
- nat_policy=dict(type='str', choices=['read', 'write', 'disabled']),
- qos_policy=dict(type='str', choices=['read', 'write', 'disabled']),
- access_control_objects_and_settings=dict(type='str', choices=['read', 'write', 'disabled']),
- app_control_and_url_filtering_update=dict(type='bool'),
- install_policy=dict(type='bool')
- )),
- endpoint=dict(type='dict', options=dict(
- manage_policies_and_software_deployment=dict(type='bool'),
- edit_endpoint_policies=dict(type='bool'),
- policies_installation=dict(type='bool'),
- edit_software_deployment=dict(type='bool'),
- software_deployment_installation=dict(type='bool'),
- allow_executing_push_operations=dict(type='bool'),
- authorize_preboot_users=dict(type='bool'),
- recovery_media=dict(type='bool'),
- remote_help=dict(type='bool'),
- reset_computer_data=dict(type='bool')
- )),
- events_and_reports=dict(type='dict', options=dict(
- smart_event=dict(type='str', choices=['custom', 'app control and url filtering reports only']),
- events=dict(type='str', choices=['read', 'write', 'disabled']),
- policy=dict(type='str', choices=['read', 'write', 'disabled']),
- reports=dict(type='bool')
- )),
- gateways=dict(type='dict', options=dict(
- smart_update=dict(type='str', choices=['read', 'write', 'disabled']),
- lsm_gw_db=dict(type='str', choices=['read', 'write', 'disabled']),
- manage_provisioning_profiles=dict(type='str', choices=['read', 'write', 'disabled']),
- vsx_provisioning=dict(type='bool'),
- system_backup=dict(type='bool'),
- system_restore=dict(type='bool'),
- open_shell=dict(type='bool'),
- run_one_time_script=dict(type='bool'),
- run_repository_script=dict(type='bool'),
- manage_repository_scripts=dict(type='str', choices=['read', 'write', 'disabled'])
- )),
- management=dict(type='dict', options=dict(
- cme_operations=dict(type='str', choices=['read', 'write', 'disabled']),
- manage_admins=dict(type='bool'),
- management_api_login=dict(type='bool'),
- manage_sessions=dict(type='bool'),
- high_availability_operations=dict(type='bool'),
- approve_or_reject_sessions=dict(type='bool'),
- publish_sessions=dict(type='bool'),
- manage_integration_with_cloud_services=dict(type='bool')
- )),
- monitoring_and_logging=dict(type='dict', options=dict(
- monitoring=dict(type='str', choices=['read', 'write', 'disabled']),
- management_logs=dict(type='str', choices=['read', 'write', 'disabled']),
- track_logs=dict(type='str', choices=['read', 'write', 'disabled']),
- app_and_url_filtering_logs=dict(type='bool'),
- https_inspection_logs=dict(type='bool'),
- packet_capture_and_forensics=dict(type='bool'),
- show_packet_capture_by_default=dict(type='bool'),
- identities=dict(type='bool'),
- show_identities_by_default=dict(type='bool'),
- dlp_logs_including_confidential_fields=dict(type='bool'),
- manage_dlp_messages=dict(type='bool')
- )),
- threat_prevention=dict(type='dict', options=dict(
- policy_layers=dict(type='str', choices=['read', 'write', 'disabled']),
- edit_layers=dict(type='str', choices=['By Selected Profile In A Layer Editor', 'All']),
- edit_settings=dict(type='bool'),
- policy_exceptions=dict(type='str', choices=['read', 'write', 'disabled']),
- profiles=dict(type='str', choices=['read', 'write', 'disabled']),
- protections=dict(type='str', choices=['read', 'write', 'disabled']),
- install_policy=dict(type='bool'),
- ips_update=dict(type='bool')
- )),
- others=dict(type='dict', options=dict(
- client_certificates=dict(type='bool'),
- edit_cp_users_db=dict(type='bool'),
- https_inspection=dict(type='str', choices=['read', 'write', 'disabled']),
- ldap_users_db=dict(type='str', choices=['read', 'write', 'disabled']),
- user_authority_access=dict(type='str', choices=['read', 'write', 'disabled']),
- user_device_mgmt_conf=dict(type='str', choices=['read', 'write', 'disabled'])
- )),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ permission_type=dict(
+ type="str",
+ choices=["read write all", "read only all", "customized"],
+ ),
+ edit_common_objects=dict(type="bool"),
+ access_control=dict(
+ type="dict",
+ options=dict(
+ show_policy=dict(type="bool"),
+ policy_layers=dict(
+ type="dict",
+ options=dict(
+ edit_layers=dict(
+ type="str",
+ choices=[
+ "By Software Blades",
+ "By Selected Profile In A Layer Editor",
+ ],
+ ),
+ app_control_and_url_filtering=dict(type="bool"),
+ content_awareness=dict(type="bool"),
+ firewall=dict(type="bool"),
+ mobile_access=dict(type="bool"),
+ ),
+ ),
+ dlp_policy=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ geo_control_policy=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ nat_policy=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ qos_policy=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ access_control_objects_and_settings=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ app_control_and_url_filtering_update=dict(type="bool"),
+ install_policy=dict(type="bool"),
+ ),
+ ),
+ endpoint=dict(
+ type="dict",
+ options=dict(
+ manage_policies_and_software_deployment=dict(type="bool"),
+ edit_endpoint_policies=dict(type="bool"),
+ policies_installation=dict(type="bool"),
+ edit_software_deployment=dict(type="bool"),
+ software_deployment_installation=dict(type="bool"),
+ allow_executing_push_operations=dict(type="bool"),
+ authorize_preboot_users=dict(type="bool"),
+ recovery_media=dict(type="bool"),
+ remote_help=dict(type="bool"),
+ reset_computer_data=dict(type="bool"),
+ ),
+ ),
+ events_and_reports=dict(
+ type="dict",
+ options=dict(
+ smart_event=dict(
+ type="str",
+ choices=[
+ "custom",
+ "app control and url filtering reports only",
+ ],
+ ),
+ events=dict(type="str", choices=["read", "write", "disabled"]),
+ policy=dict(type="str", choices=["read", "write", "disabled"]),
+ reports=dict(type="bool"),
+ ),
+ ),
+ gateways=dict(
+ type="dict",
+ options=dict(
+ smart_update=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ lsm_gw_db=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ manage_provisioning_profiles=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ vsx_provisioning=dict(type="bool"),
+ system_backup=dict(type="bool"),
+ system_restore=dict(type="bool"),
+ open_shell=dict(type="bool"),
+ run_one_time_script=dict(type="bool"),
+ run_repository_script=dict(type="bool"),
+ manage_repository_scripts=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ ),
+ ),
+ management=dict(
+ type="dict",
+ options=dict(
+ cme_operations=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ manage_admins=dict(type="bool"),
+ management_api_login=dict(type="bool"),
+ manage_sessions=dict(type="bool"),
+ high_availability_operations=dict(type="bool"),
+ approve_or_reject_sessions=dict(type="bool"),
+ publish_sessions=dict(type="bool"),
+ manage_integration_with_cloud_services=dict(type="bool"),
+ ),
+ ),
+ monitoring_and_logging=dict(
+ type="dict",
+ options=dict(
+ monitoring=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ management_logs=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ track_logs=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ app_and_url_filtering_logs=dict(type="bool"),
+ https_inspection_logs=dict(type="bool"),
+ packet_capture_and_forensics=dict(type="bool"),
+ show_packet_capture_by_default=dict(type="bool"),
+ identities=dict(type="bool"),
+ show_identities_by_default=dict(type="bool"),
+ dlp_logs_including_confidential_fields=dict(type="bool"),
+ manage_dlp_messages=dict(type="bool"),
+ ),
+ ),
+ threat_prevention=dict(
+ type="dict",
+ options=dict(
+ policy_layers=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ edit_layers=dict(
+ type="str",
+ choices=["By Selected Profile In A Layer Editor", "All"],
+ ),
+ edit_settings=dict(type="bool"),
+ policy_exceptions=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ profiles=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ protections=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ install_policy=dict(type="bool"),
+ ips_update=dict(type="bool"),
+ ),
+ ),
+ others=dict(
+ type="dict",
+ options=dict(
+ client_certificates=dict(type="bool"),
+ edit_cp_users_db=dict(type="bool"),
+ https_inspection=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ ldap_users_db=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ user_authority_access=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ user_device_mgmt_conf=dict(
+ type="str", choices=["read", "write", "disabled"]
+ ),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'domain-permissions-profile'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "domain-permissions-profile"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile_facts.py
index b923f3939..b3e2e8368 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_domain_permissions_profile_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -110,32 +112,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "domain-permissions-profile"
api_call_object_plural_version = "domain-permissions-profiles"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object.py
new file mode 100644
index 000000000..63d904ca0
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object.py
@@ -0,0 +1,136 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_dynamic_global_network_object
+short_description: Manages dynamic-global-network-object objects on Checkpoint over Web Services API
+description:
+ - Manages dynamic-global-network-object objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-dynamic-global-network-object
+ cp_mgmt_dynamic_global_network_object:
+ name: obj_global
+ state: present
+
+- name: set-dynamic-global-network-object
+ cp_mgmt_dynamic_global_network_object:
+ name: obj_global
+ tags:
+ - tag1
+ state: present
+
+- name: delete-dynamic-global-network-object
+ cp_mgmt_dynamic_global_network_object:
+ name: obj_global
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_dynamic_global_network_object:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'dynamic-global-network-object'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object_facts.py
new file mode 100644
index 000000000..c850a614a
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_global_network_object_facts.py
@@ -0,0 +1,144 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_dynamic_global_network_object_facts
+short_description: Get dynamic-global-network-object objects facts on Checkpoint over Web Services API
+description:
+ - Get dynamic-global-network-object objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-dynamic-global-network-object
+ cp_mgmt_dynamic_global_network_object_facts:
+ name: obj_global
+
+- name: show-dynamic-global-network-objects
+ cp_mgmt_dynamic_global_network_object_facts:
+ details_level: full
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "dynamic-global-network-object"
+ api_call_object_plural_version = "dynamic-global-network-objects"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object.py
index 1a7ce5fa5..9c5f908be 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -95,31 +97,72 @@ cp_mgmt_dynamic_object:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'dynamic-object'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "dynamic-object"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object_facts.py
index c049e0407..3cec1e3a9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_dynamic_object_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -99,31 +101,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "dynamic-object"
api_call_object_plural_version = "dynamic-objects"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group.py
index 025061d73..d7eda1482 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -139,41 +141,96 @@ cp_mgmt_exception_group:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- applied_profile=dict(type='str'),
- applied_threat_rules=dict(type='dict', options=dict(
- add=dict(type='list', elements='dict', options=dict(
- layer=dict(type='str'),
- name=dict(type='str'),
- rule_number=dict(type='str'),
- position=dict(type='str')
- ))
- )),
- apply_on=dict(type='str', choices=['all-threat-rules', 'all-threat-rules-with-specific-profile', 'manually-select-threat-rules']),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ applied_profile=dict(type="str"),
+ applied_threat_rules=dict(
+ type="dict",
+ options=dict(
+ add=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ layer=dict(type="str"),
+ name=dict(type="str"),
+ rule_number=dict(type="str"),
+ position=dict(type="str"),
+ ),
+ )
+ ),
+ ),
+ apply_on=dict(
+ type="str",
+ choices=[
+ "all-threat-rules",
+ "all-threat-rules-with-specific-profile",
+ "manually-select-threat-rules",
+ ],
+ ),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'exception-group'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "exception-group"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group_facts.py
index cc88a3ab5..4ac4b11ba 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_exception_group_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "exception-group"
api_call_object_plural_version = "exception-groups"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_management.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_management.py
new file mode 100644
index 000000000..b8e111911
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_management.py
@@ -0,0 +1,131 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_export_management
+short_description: Export the primary Security Management Server database or the primary Multi-Domain Server database or the single Domain database and the
+ applicable Check Point configuration.
+description:
+ - Export the primary Security Management Server database or the primary Multi-Domain Server database or the single Domain database and the applicable
+ Check Point configuration.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ file_path:
+ description:
+ - Path in which the exported database file is saved.<br><font color="red">Required only</font> when not using pre-export-verification-only flag.
+ type: str
+ domain_name:
+ description:
+ - Domain name to be exported.<br><font color="red">Required only for</font> exporting a Domain from the Multi-Domain Server or backing up Domain.
+ type: str
+ target_version:
+ description:
+ - Target version.
+ type: str
+ include_logs:
+ description:
+ - Export logs without log indexes.
+ type: bool
+ include_logs_indexes:
+ description:
+ - Export logs with log indexes.
+ type: bool
+ include_endpoint_configuration:
+ description:
+ - Include export of the Endpoint Security Management configuration files.
+ type: bool
+ include_endpoint_database:
+ description:
+ - Include export of the Endpoint Security Management database.
+ type: bool
+ is_domain_backup:
+ description:
+ - If true, the exported Domain will be suitable for import on the same Multi-Domain Server only.
+ type: bool
+ is_smc_to_mds:
+ description:
+ - If true, the exported Security Management Server will be suitable for import on the Multi-Domain Server only.
+ type: bool
+ pre_export_verification_only:
+ description:
+ - If true, only runs the pre-export verifications instead of the full export.
+ type: bool
+ ignore_warnings:
+ description:
+ - Ignoring the verification warnings. By Setting this parameter to 'true' export will not be blocked by warnings.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: export-management
+ cp_mgmt_export_management:
+ domain_name: domain1
+ file_path: /var/log/domain1_backup.tgz
+ is_domain_backup: true
+"""
+
+RETURN = """
+cp_mgmt_export_management:
+ description: The checkpoint export-management output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ file_path=dict(type='str'),
+ domain_name=dict(type='str',),
+ target_version=dict(type='str'),
+ include_logs=dict(type='bool'),
+ include_logs_indexes=dict(type='bool'),
+ include_endpoint_configuration=dict(type='bool'),
+ include_endpoint_database=dict(type='bool'),
+ is_domain_backup=dict(type='bool'),
+ is_smc_to_mds=dict(type='bool'),
+ pre_export_verification_only=dict(type='bool'),
+ ignore_warnings=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "export-management"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_smart_task.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_smart_task.py
new file mode 100644
index 000000000..e3cc8aee0
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_export_smart_task.py
@@ -0,0 +1,85 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_export_smart_task
+short_description: Export SmartTask to a file.
+description:
+ - Export SmartTask to a file. <br>This command is available only in a Security Management environment or in Multi-Domain environment when logged into
+ local domain.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Name of task to be exported.
+ type: str
+ required: True
+ file_path:
+ description:
+ - Path to the SmartTask file to be exported. <br>Should be the full file path (example, "/home/admin/exported-smart-task.txt)".<br>If no path
+ was inserted the default will be, "/var/log/<task_name>.txt".
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: export-smart-task
+ cp_mgmt_export_smart_task:
+ name: Validate Session Name Before Publish
+"""
+
+RETURN = """
+cp_mgmt_export_smart_task:
+ description: The checkpoint export-smart-task output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ file_path=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "export-smart-task"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_attachment.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_attachment.py
new file mode 100644
index 000000000..452d1cf6f
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_attachment.py
@@ -0,0 +1,82 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_get_attachment
+short_description: Retrieves a packet capture or blob data, according to the attributes of a log record.
+description:
+ - Retrieves a packet capture or blob data, according to the attributes of a log record.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ attachment_id:
+ description:
+ - Attachment identifier from a log record.
+ type: str
+ id:
+ description:
+ - Log id from a log record.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: get-attachment
+ cp_mgmt_get_attachment:
+ attachment_id: MjY5HlNtYXJ0RGVmZW5zZR5jbj1jcF9tZ210LG89aHVnbzEtYmxvYkFwaS1uZXctdGFrZS0yLmNoZWNrcG9pbnQuY29tLnM2MjdvMx57MHg1OTg4
+"""
+
+RETURN = """
+cp_mgmt_get_attachment:
+ description: The checkpoint get-attachment output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ attachment_id=dict(type='str'),
+ id=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "get-attachment"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_interfaces.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_interfaces.py
new file mode 100644
index 000000000..ad40a78e6
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_interfaces.py
@@ -0,0 +1,99 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_get_interfaces
+short_description: Get physical interfaces with or without their topology from a Gaia Security Gateway or Cluster.
+description:
+ - Get physical interfaces with or without their topology from a Gaia Security Gateway or Cluster.
+ - The fetched topology is based on static routes.
+ - SIC must be established in the Security Gateway or Cluster Member object.
+ - Security Gateway or Cluster Members must be up and running.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ target_name:
+ description:
+ - Target name.
+ type: str
+ group_interfaces_by_subnet:
+ description:
+ - Specify whether to group the cluster interfaces by a subnet.
+ Otherwise, group the cluster interfaces by their names.
+ type: bool
+ use_defined_by_routes:
+ description:
+ - Specify whether to configure the topology "Defined by Routes" where applicable.
+ Otherwise, configure the topology to "This Network" as default for internal interfaces.
+ type: bool
+ with_topology:
+ description:
+ - Specify whether to fetch the interfaces with their topology. Otherwise, the Management Server fetches
+ the interfaces without their topology.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: get-interfaces
+ cp_mgmt_get_interfaces:
+ target_name: gw1
+ with_topology: true
+"""
+
+RETURN = """
+cp_mgmt_get_interfaces:
+ description: The checkpoint get-interfaces output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ target_name=dict(type='str'),
+ group_interfaces_by_subnet=dict(type='bool'),
+ use_defined_by_routes=dict(type='bool'),
+ with_topology=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "get-interfaces"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_platform.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_platform.py
index 21c5fb23b..c15f10cc2 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_platform.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_get_platform.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -60,13 +62,15 @@ cp_mgmt_get_platform:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- auto_publish_session=dict(type='bool')
+ name=dict(type="str"), auto_publish_session=dict(type="bool")
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -78,5 +82,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment.py
index 08bce2b9b..c92404847 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -105,28 +107,33 @@ cp_mgmt_global_assignment:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- dependent_domain=dict(type='str'),
- global_access_policy=dict(type='str'),
- global_domain=dict(type='str'),
- global_threat_prevention_policy=dict(type='str'),
- manage_protection_actions=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ dependent_domain=dict(type="str"),
+ global_access_policy=dict(type="str"),
+ global_domain=dict(type="str"),
+ global_threat_prevention_policy=dict(type="str"),
+ manage_protection_actions=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'global-assignment'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "global-assignment"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment_facts.py
index be5c11788..e12fcbc48 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_global_assignment_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- dependent_domain=dict(type='str'),
- global_domain=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ dependent_domain=dict(type="str"),
+ global_domain=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "global-assignment"
api_call_object_plural_version = "global-assignments"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group.py
index fd134ff1a..ca6f2fbd5 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -111,33 +113,74 @@ cp_mgmt_group:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- members=dict(type='list', elements='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ members=dict(type="list", elements="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'group'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "group"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_facts.py
index baa5b2763..99ba466f1 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -112,33 +114,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- show_as_ranges=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ show_as_ranges=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "group"
api_call_object_plural_version = "groups"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion.py
index 8497cd60d..ff9c6c561 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -115,34 +117,75 @@ cp_mgmt_group_with_exclusion:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- include=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ include=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
- argument_spec['except'] = dict(type='str')
+ argument_spec["except"] = dict(type="str")
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'group-with-exclusion'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "group-with-exclusion"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion_facts.py
index d2443e1cc..fe64b95be 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group_with_exclusion_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -104,31 +106,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- show_as_ranges=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ show_as_ranges=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "group-with-exclusion"
api_call_object_plural_version = "groups-with-exclusion"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group.py
new file mode 100644
index 000000000..8af0fee77
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group.py
@@ -0,0 +1,155 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_gsn_handover_group
+short_description: Manages gsn-handover-group objects on Checkpoint over Web Services API
+description:
+ - Manages gsn-handover-group objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ enforce_gtp:
+ description:
+ - Enable enforce GTP signal packet rate limit from this group.
+ type: bool
+ gtp_rate:
+ description:
+ - Limit of the GTP rate in PDU/sec.
+ type: int
+ members:
+ description:
+ - Collection of GSN handover group members identified by the name or UID.
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-gsn-handover-group
+ cp_mgmt_gsn_handover_group:
+ enforce_gtp: true
+ gtp_rate: 2048
+ members:
+ - All_Internet
+ name: gsnhandovergroup
+ state: present
+
+- name: set-gsn-handover-group
+ cp_mgmt_gsn_handover_group:
+ enforce_gtp: false
+ name: gsnhandovergroup
+ state: present
+
+- name: delete-gsn-handover-group
+ cp_mgmt_gsn_handover_group:
+ name: gsnhandovergroup
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_gsn_handover_group:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ enforce_gtp=dict(type='bool'),
+ gtp_rate=dict(type='int'),
+ members=dict(type='list', elements='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'gsn-handover-group'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group_facts.py
new file mode 100644
index 000000000..0d01bbf15
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_gsn_handover_group_facts.py
@@ -0,0 +1,149 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_gsn_handover_group_facts
+short_description: Get gsn-handover-group objects facts on Checkpoint over Web Services API
+description:
+ - Get gsn-handover-group objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ dereference_group_members:
+ description:
+ - Indicates whether to dereference "members" field by details level for every object in reply.
+ type: bool
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-gsn-handover-group
+ cp_mgmt_gsn_handover_group_facts:
+ name: gsnhandovergroup
+
+- name: show-gsn-handover-groups
+ cp_mgmt_gsn_handover_group_facts:
+ details_level: full
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ dereference_group_members=dict(type='bool'),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "gsn-handover-group"
+ api_call_object_plural_version = "gsn-handover-groups"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ha_full_sync.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ha_full_sync.py
new file mode 100644
index 000000000..b53c45b42
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ha_full_sync.py
@@ -0,0 +1,83 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_ha_full_sync
+short_description: Perform full sync from active server to standby peer.
+description:
+ - Perform full sync from active server to standby peer. <br>Run this command from the active server. <br>When performing a full sync on the global
+ domain, use the Multi Domain Server name of the standby global domain.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Peer name (Multi Domain Server, Domain Server or Security Management Server).
+ type: str
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: ha-full-sync
+ cp_mgmt_ha_full_sync:
+ name: mypeer
+"""
+
+RETURN = """
+cp_mgmt_ha_full_sync:
+ description: The checkpoint ha-full-sync output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "ha-full-sync"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host.py
index 5ec16c1f7..acceffd16 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "1.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_hosts
+ why: Newer and updated modules released with more functionality.
+ removed_at_date: '2024-11-01'
options:
name:
description:
@@ -264,75 +270,178 @@ cp_mgmt_host:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- interfaces=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- subnet=dict(type='str'),
- subnet4=dict(type='str'),
- subnet6=dict(type='str'),
- mask_length=dict(type='int'),
- mask_length4=dict(type='int'),
- mask_length6=dict(type='int'),
- subnet_mask=dict(type='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan',
- 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick',
- 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral',
- 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red',
- 'sienna', 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- nat_settings=dict(type='dict', options=dict(
- auto_rule=dict(type='bool'),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- hide_behind=dict(type='str', choices=['gateway', 'ip-address']),
- install_on=dict(type='str'),
- method=dict(type='str', choices=['hide', 'static'])
- )),
- tags=dict(type='list', elements='str'),
- host_servers=dict(type='dict', options=dict(
- dns_server=dict(type='bool'),
- mail_server=dict(type='bool'),
- web_server=dict(type='bool'),
- web_server_config=dict(type='dict', options=dict(
- additional_ports=dict(type='list', elements='str'),
- application_engines=dict(type='list', elements='str'),
- listen_standard_port=dict(type='bool'),
- operating_system=dict(type='str', choices=['sparc linux', 'windows', 'other', 'x86 linux', 'sparc solaris']),
- protected_by=dict(type='str')
- ))
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ interfaces=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ subnet=dict(type="str"),
+ subnet4=dict(type="str"),
+ subnet6=dict(type="str"),
+ mask_length=dict(type="int"),
+ mask_length4=dict(type="int"),
+ mask_length6=dict(type="int"),
+ subnet_mask=dict(type="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ nat_settings=dict(
+ type="dict",
+ options=dict(
+ auto_rule=dict(type="bool"),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ hide_behind=dict(
+ type="str", choices=["gateway", "ip-address"]
+ ),
+ install_on=dict(type="str"),
+ method=dict(type="str", choices=["hide", "static"]),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ host_servers=dict(
+ type="dict",
+ options=dict(
+ dns_server=dict(type="bool"),
+ mail_server=dict(type="bool"),
+ web_server=dict(type="bool"),
+ web_server_config=dict(
+ type="dict",
+ options=dict(
+ additional_ports=dict(type="list", elements="str"),
+ application_engines=dict(type="list", elements="str"),
+ listen_standard_port=dict(type="bool"),
+ operating_system=dict(
+ type="str",
+ choices=[
+ "sparc linux",
+ "windows",
+ "other",
+ "x86 linux",
+ "sparc solaris",
+ ],
+ ),
+ protected_by=dict(type="str"),
+ ),
+ ),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'host'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "host"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host_facts.py
index 597b817f6..fc54164d2 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "host"
api_call_object_plural_version = "hosts"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_hosts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_hosts.py
new file mode 100644
index 000000000..61d0ae53e
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_hosts.py
@@ -0,0 +1,581 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Copyright 2022 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+"""
+The module file for cp_mgmt_hosts
+"""
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+DOCUMENTATION = """
+module: cp_mgmt_hosts
+short_description: Manages HOSTS resource module
+description:
+ - This resource module allows for addition, deletion, or modification of CP MGMT Hosts.
+ - This resource module also takes care of gathering Hosts config facts
+version_added: "5.0.0"
+author: Ansible Security Automation Team (@justjais) <https://github.com/ansible-security>-
+options:
+ config:
+ description: A dictionary of HOSTS options
+ type: dict
+ suboptions:
+ name:
+ description: Object name. Must be unique in the domain.
+ type: str
+ ip_address:
+ description: IPv4 or IPv6 address. If both addresses are required use ipv4-address
+ and ipv6-address fields explicitly.
+ type: str
+ ipv4_address:
+ description: IPv4 address.
+ type: str
+ ipv6_address:
+ description: IPv4 address.
+ type: str
+ interfaces:
+ description: Host interfaces.
+ type: list
+ elements: dict
+ suboptions:
+ name:
+ description:
+ - Interface name.
+ type: str
+ subnet:
+ description:
+ - IPv4 or IPv6 network address.
+ - If both addresses are required use subnet4 and subnet6 fields explicitly.
+ type: str
+ subnet4:
+ description:
+ - IPv4 network address.
+ type: str
+ subnet6:
+ description:
+ - IPv6 network address.
+ type: str
+ mask_length:
+ description:
+ - IPv4 or IPv6 network mask length. If both masks are required use mask-length4 and
+ mask-length6 fields explicitly.
+ - Instead of IPv4 mask length it is possible to specify IPv4 mask itself in subnet-mask field.
+ type: int
+ mask_length4:
+ description:
+ - IPv4 network mask length.
+ type: int
+ mask_length6:
+ description:
+ - IPv6 network mask length.
+ type: int
+ subnet_mask:
+ description:
+ - IPv4 network mask.
+ type: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices:
+ - 'aquamarine'
+ - 'black'
+ - 'blue'
+ - 'crete blue'
+ - 'burlywood'
+ - 'cyan'
+ - 'dark green'
+ - 'khaki'
+ - 'orchid'
+ - 'dark orange'
+ - 'dark sea green'
+ - 'pink'
+ - 'turquoise'
+ - 'dark blue'
+ - 'firebrick'
+ - 'brown'
+ - 'forest green'
+ - 'gold'
+ - 'dark gold'
+ - 'gray'
+ - 'dark gray'
+ - 'light green'
+ - 'lemon chiffon'
+ - 'coral'
+ - 'sea green'
+ - 'sky blue'
+ - 'magenta'
+ - 'purple'
+ - 'slate blue'
+ - 'violet red'
+ - 'navy blue'
+ - 'olive'
+ - 'orange'
+ - 'red'
+ - 'sienna'
+ - 'yellow'
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing
+ only the UID value of the object to a fully detailed representation of the object.
+ type: str
+ choices:
+ - 'uid'
+ - 'standard'
+ - 'full'
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes.
+ - If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+ nat_settings:
+ description: NAT settings.
+ type: dict
+ suboptions:
+ auto_rule:
+ description:
+ - Whether to add automatic address translation rules.
+ type: bool
+ ip_address:
+ description:
+ - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly.
+ - This parameter is not required in case "method" parameter is "hide" and "hide-behind" parameter is "gateway".
+ type: str
+ ipv4_address:
+ description:
+ - IPv4 address.
+ type: str
+ ipv6_address:
+ description:
+ - IPv6 address.
+ type: str
+ hide_behind:
+ description:
+ - Hide behind method. This parameter is not required in case "method" parameter is "static".
+ type: str
+ choices:
+ - 'gateway'
+ - 'ip-address'
+ install_on:
+ description:
+ - Which gateway should apply the NAT translation.
+ type: str
+ method:
+ description:
+ - NAT translation method.
+ type: str
+ choices:
+ - 'hide'
+ - 'static'
+ tags:
+ description: Collection of tag identifiers.
+ type: list
+ elements: str
+ host_servers:
+ description: Servers Configuration.
+ type: dict
+ suboptions:
+ dns_server:
+ description: Gets True if this server is a DNS Server.
+ type: bool
+ mail_server:
+ description: Gets True if this server is a Mail Server.
+ type: bool
+ web_server:
+ description: Gets True if this server is a Web Server.
+ type: bool
+ web_server_config:
+ description: Web Server configuration.
+ type: dict
+ suboptions:
+ additional_ports:
+ description:
+ - Server additional ports.
+ type: list
+ elements: str
+ application_engines:
+ description:
+ - Application engines of this web server.
+ type: list
+ elements: str
+ listen_standard_port:
+ description:
+ - Whether server listens to standard port.
+ type: bool
+ operating_system:
+ description:
+ - Operating System.
+ type: str
+ choices:
+ - 'sparc linux'
+ - 'windows'
+ - 'other'
+ - 'x86 linux'
+ - 'sparc solaris'
+ protected_by:
+ description:
+ - Network object which protects this server identified by the name or UID.
+ type: str
+ color:
+ description: Color of the object. Should be one of existing colors.
+ type: str
+ choices:
+ - aquamarine
+ - black
+ - blue
+ - crete blue
+ - burlywood
+ - cyan
+ - dark green
+ - khaki
+ - orchid
+ - dark orange
+ - dark sea green
+ - pink
+ - turquoise
+ - dark blue
+ - firebrick
+ - brown
+ - forest green
+ - gold
+ - dark gold
+ - gray
+ - dark gray
+ - light green
+ - lemon chiffon
+ - coral
+ - sea green
+ - sky blue
+ - magenta
+ - purple
+ - slate blue
+ - violet red
+ - navy blue
+ - olive
+ - orange
+ - red
+ - sienna
+ - yellow
+ comments:
+ description: Comments string.
+ type: str
+ details_level:
+ description: The level of detail for some of the fields in the response can
+ vary from showing only the UID value of the object to a fully detailed representation
+ of the object.
+ type: str
+ choices:
+ - uid
+ - standard
+ - full
+ groups:
+ description: Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description: Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description: Apply changes ignoring errors. You won't be able to publish such
+ a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+ limit:
+ description:
+ - The maximal number of returned results.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: int
+ order:
+ description:
+ - Sorts results by the given field. By default the results are sorted in the ascending order by name.
+ This parameter is relevant only for getting few objects.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ round_trip:
+ description:
+ - If set to True, the round trip will filter out the module parameters from the response param,
+ which will enable the user to fire the config request using the structured gathered data.
+ - NOTE, this parameter makes relevance only with the GATHERED state, as for config states like,
+ MERGED, REPLACED, and DELETED state it won't make any config updates,
+ as it's not a module config parameter.
+ type: bool
+ auto_publish_session:
+ description:
+ - Publish the current session if changes have been performed
+ after task completes.
+ type: bool
+ version:
+ description:
+ - Version of checkpoint. If not given one, the latest version taken.
+ type: str
+ state:
+ description:
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
+ type: str
+ choices:
+ - merged
+ - replaced
+ - gathered
+ - deleted
+"""
+
+EXAMPLES = """
+
+# Using MERGED state
+# -------------------
+
+- name: Merge MGMT Hosts config
+ cp_mgmt_hosts:
+ state: merged
+ config:
+ color: cyan
+ ip_address: 192.0.2.1
+ name: New Host 1
+ auto_publish_session: true
+ tags:
+ - New Host
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# mgmt_hosts:
+# after:
+# color: cyan
+# comments: ''
+# groups: []
+# icon: Objects/host
+# interfaces: []
+# ipv4-address: 192.0.2.1
+# name: New Host 1
+# nat_settings: {}
+# tags:
+# - New Host
+# before: {}
+
+# Using REPLACED state
+# --------------------
+
+- name: Replace MGMT Host config
+ cp_mgmt_hosts:
+ state: replaced
+ config:
+ name: New Host 1
+ tags:
+ - New Replaced Host
+ color: aquamarine
+ ip_address: 198.51.110.0
+ comments: REPLACED description
+ ignore_warnings: true
+ ignore_errors: false
+ auto_publish_session: true
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# mgmt_hosts:
+# after:
+# color: aquamarine
+# comments: REPLACED description
+# groups: []
+# icon: Objects/host
+# interfaces: []
+# ipv4-address: 198.51.110.0
+# name: New Host 1
+# nat_settings: {}
+# tags:
+# - New Replaced Host
+# before:
+# color: cyan
+# comments: ''
+# groups: []
+# icon: Objects/host
+# interfaces: []
+# ipv4-address: 192.0.2.1
+# name: New Host 1
+# nat_settings: {}
+# tags:
+# - New Host
+
+# Using GATHERED state
+# --------------------
+
+# 1. With Round Trip set to True
+
+- name: Gather MGMT Host config by Name
+ cp_mgmt_hosts:
+ state: gathered
+ config:
+ name: New Host 1
+
+# RUN output:
+# -----------
+
+# gathered:
+# color: cyan
+# comments: REPLACED description
+# domain: SMC User
+# groups: []
+# icon: Objects/host
+# interfaces: []
+# ipv4-address: 192.0.2.1
+# name: New Host 1
+# nat_settings: {}
+# read-only: false
+# tags:
+# - New Host
+# uid: 63b868bb-d300-47f4-b97a-c465a56fe9c7
+
+# 2. With Round Trip set to False which is the default behaviour
+
+- name: Gather MGMT Host config by Name
+ cp_mgmt_hosts:
+ state: gathered
+ config:
+ name: New Host 1
+
+# RUN output:
+# -----------
+
+# gathered:
+# color: cyan
+# comments: ''
+# domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# groups: []
+# icon: Objects/host
+# interfaces: []
+# ipv4-address: 192.0.2.1
+# meta-info:
+# creation-time:
+# iso-8601: 2022-11-21T08:31+0000
+# posix: 1669019480328
+# creator: admin
+# last-modifier: admin
+# last-modify-time:
+# iso-8601: 2022-11-21T08:31+0000
+# posix: 1669019480328
+# lock: unlocked
+# validation-state: ok
+# name: New Host 1
+# nat_settings: {}
+# read-only: false
+# tags:
+# - domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# name: New Host
+# type: tag
+# uid: 94d53896-3cee-4e1f-a83b-3abac80bf512
+# type: host
+# uid: 8f23a44b-d9d2-4242-8a9e-2a4cbb6723ff
+
+# 3. Gather ALL threat-layer config with DESC order filter
+
+- name: Gather All hosts on the MGMT instance
+ cp_mgmt_hosts:
+ config:
+ details_level: full
+ state: gathered
+
+# RUN output:
+# -----------
+
+# gathered:
+# - domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# ipv4-address: 192.0.2.1
+# name: New Host 1
+# type: host
+# uid: 8f23a44b-d9d2-4242-8a9e-2a4cbb6723ff
+
+# Using DELETED state
+# -------------------
+
+- name: Delete MGMT Host config by Name
+ cp_mgmt_hosts:
+ state: deleted
+ config:
+ name: New Host 1
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# mgmt_hosts:
+# after: {}
+# before:
+# color: cyan
+# comments: REPLACED description
+# groups: []
+# icon: Objects/host
+# interfaces: []
+# ipv4-address: 192.0.2.1
+# name: New Host 1
+# nat_settings: {}
+# tags:
+# - New Host
+"""
+
+RETURN = """
+before:
+ description: The configuration prior to the module execution.
+ returned: when state is I(merged), I(replaced), I(deleted)
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+after:
+ description: The resulting configuration after module execution.
+ returned: when changed
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+gathered:
+ description: Facts about the network resource gathered from the remote device as structured data.
+ returned: when state is I(gathered)
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+"""
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer.py
new file mode 100644
index 000000000..697a922c1
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer.py
@@ -0,0 +1,134 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_https_layer
+short_description: Manages https-layer objects on Checkpoint over Web Services API
+description:
+ - Manages https-layer objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ shared:
+ description:
+ - Define the Layer as Shared (TRUE/FALSE).
+ type: bool
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-https-layer
+ cp_mgmt_https_layer:
+ name: New Layer 1
+ state: present
+
+- name: set-https-layer
+ cp_mgmt_https_layer:
+ name: New Layer 1
+ shared: true
+ state: present
+
+- name: delete-https-layer
+ cp_mgmt_https_layer:
+ name: New Layer 2
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_https_layer:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ shared=dict(type='bool'),
+ tags=dict(type='list', elements="str"),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'https-layer'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer_facts.py
new file mode 100644
index 000000000..0b74766c3
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_layer_facts.py
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_https_layer_facts
+short_description: Get https-layer objects facts on Checkpoint over Web Services API
+description:
+ - Get https-layer objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-https-layer
+ cp_mgmt_https_layer_facts:
+ name: New Layer 1
+
+- name: show-https-layers
+ cp_mgmt_https_layer_facts:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements="dict", options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements="str")
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "https-layer"
+ api_call_object_plural_version = "https-layers"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_section.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_section.py
index aba2a6a89..bdc3f3ff5 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_section.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_https_section.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -94,26 +96,31 @@ cp_mgmt_https_section:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- layer=dict(type='str'),
- position=dict(type='str'),
- name=dict(type='str', required=True),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ layer=dict(type="str"),
+ position=dict(type="str"),
+ name=dict(type="str", required=True),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'https-section'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "https-section"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag.py
index 782375d67..b0f45a656 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -104,32 +106,73 @@ cp_mgmt_identity_tag:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- external_identifier=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ external_identifier=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'identity-tag'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "identity-tag"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag_facts.py
index 07618264b..107d6cceb 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_identity_tag_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -108,32 +110,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "identity-tag"
api_call_object_plural_version = "identity-tags"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group.py
index ec08c8f3b..788111440 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -124,37 +126,79 @@ cp_mgmt_idp_administrator_group:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- group_id=dict(type='str'),
- multi_domain_profile=dict(type='str'),
- permissions_profile=dict(type='list', elements='dict', options=dict(
- domain=dict(type='str'),
- profile=dict(type='str')
- )),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ group_id=dict(type="str"),
+ multi_domain_profile=dict(type="str"),
+ permissions_profile=dict(
+ type="list",
+ elements="dict",
+ options=dict(domain=dict(type="str"), profile=dict(type="str")),
+ ),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'idp-administrator-group'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "idp-administrator-group"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group_facts.py
index bbe358d71..7df43f693 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_administrator_group_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -107,32 +109,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "idp-administrator-group"
api_call_object_plural_version = "idp-administrator-groups"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_to_domain_assignment_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_to_domain_assignment_facts.py
index 41f30a52e..a1fb64a98 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_to_domain_assignment_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_idp_to_domain_assignment_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -95,30 +97,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- assigned_domain=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ assigned_domain=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "idp-to-domain-assignment"
api_call_object_plural_version = "idp-to-domain-assignments"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_management.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_management.py
new file mode 100644
index 000000000..fbc45a1b6
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_management.py
@@ -0,0 +1,139 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_import_management
+short_description: Import the primary Security Management Server database or the primary Multi-Domain Server database or the single Domain database and the
+ applicable Check Point configuration.
+description:
+ - Import the primary Security Management Server database or the primary Multi-Domain Server database or the single Domain database and the applicable
+ Check Point configuration. <br/>After the import starts, the session expires and you must login again.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ file_path:
+ description:
+ - Path to the exported database file to be imported.
+ type: str
+ required: True
+ domain_name:
+ description:
+ - Domain name to be imported. Must be unique in the Multi-Domain Server.<br><font color="red">Required only for</font> importing the Security
+ Management Server into the Multi-Domain Server.
+ type: str
+ domain_ip_address:
+ description:
+ - IPv4 address for the imported Domain.<br><font color="red">Required only for</font> importing the Security Management Server into the
+ Multi-Domain Server.
+ type: str
+ domain_server_name:
+ description:
+ - Multi-Domain Server name for the imported Domain.<br><font color="red">Required only for</font> importing the Security Management Server into
+ the Multi-Domain Server.
+ type: str
+ include_logs:
+ description:
+ - Import logs without log indexes.
+ type: bool
+ include_logs_indexes:
+ description:
+ - Import logs with log indexes.
+ type: bool
+ keep_cloud_sharing:
+ description:
+ - Preserve the connection of the Management Server to Check Point's Infinity Portal.<br>Use this flag after ensuring that the original
+ Management Server does not communicate with Infinity Portal.<br>Note, resuming the connection is also possible after import with set-cloud-services.
+ type: bool
+ include_endpoint_configuration:
+ description:
+ - Include import of the Endpoint Security Management configuration files.
+ type: bool
+ include_endpoint_database:
+ description:
+ - Include import of the Endpoint Security Management database.
+ type: bool
+ verify_domain_restore:
+ description:
+ - If true, verify that the restore operation is valid for this input file and this environment. <br>Note, Restore operation will not be executed.
+ type: bool
+ pre_import_verification_only:
+ description:
+ - If true, only runs the pre-import verifications instead of the full import.
+ type: bool
+ ignore_warnings:
+ description:
+ - Ignoring the verification warnings. By Setting this parameter to 'true' import will not be blocked by warnings.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: import-management
+ cp_mgmt_import_management:
+ file_path: /var/log/domain1_exported.tgz
+"""
+
+RETURN = """
+cp_mgmt_import_management:
+ description: The checkpoint import-management output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ file_path=dict(type='str', required=True),
+ domain_name=dict(type='str'),
+ domain_ip_address=dict(type='str'),
+ domain_server_name=dict(type='str'),
+ include_logs=dict(type='bool'),
+ include_logs_indexes=dict(type='bool'),
+ keep_cloud_sharing=dict(type='bool'),
+ include_endpoint_configuration=dict(type='bool'),
+ include_endpoint_database=dict(type='bool'),
+ verify_domain_restore=dict(type='bool'),
+ pre_import_verification_only=dict(type='bool'),
+ ignore_warnings=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "import-management"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_smart_task.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_smart_task.py
new file mode 100644
index 000000000..712a8bdfd
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_import_smart_task.py
@@ -0,0 +1,79 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_import_smart_task
+short_description: Import SmartTask from a file.
+description:
+ - Import SmartTask from a file. <br>This command is available only in a Security Management environment or in Multi-Domain environment when logged into
+ local domain.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ file_path:
+ description:
+ - Path to the SmartTask file to be imported. <br>Should be the full file path (example, "/home/admin/exported-smart-task.txt").
+ type: str
+ required: True
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: import-smart-task
+ cp_mgmt_import_smart_task:
+ file_path: /home/admin/smart-task.txt
+"""
+
+RETURN = """
+cp_mgmt_import_smart_task:
+ description: The checkpoint import-smart-task output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ file_path=dict(type='str', required=True)
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "import-smart-task"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_database.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_database.py
index aba149118..e256c7063 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_database.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_database.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -59,13 +61,14 @@ cp_mgmt_install_database:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- targets=dict(type='list', elements='str')
- )
+ argument_spec = dict(targets=dict(type="list", elements="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -76,5 +79,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_policy.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_policy.py
index 60cc030dd..bc04c467e 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_policy.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_policy.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -59,13 +61,14 @@ cp_mgmt_install_lsm_policy:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- targets=dict(type='list', elements='str')
- )
+ argument_spec = dict(targets=dict(type="list", elements="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -76,5 +79,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_settings.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_settings.py
index 53fba12d1..b3fd2e4f5 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_settings.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_lsm_settings.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -59,13 +61,14 @@ cp_mgmt_install_lsm_settings:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- targets=dict(type='list', elements='str')
- )
+ argument_spec = dict(targets=dict(type="list", elements="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -76,5 +79,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_policy.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_policy.py
index 4a14111d2..56c70b5ad 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_policy.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_policy.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,20 +100,23 @@ cp_mgmt_install_policy:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- policy_package=dict(type='str'),
- targets=dict(type='list', elements='str'),
- access=dict(type='bool'),
- desktop_security=dict(type='bool'),
- qos=dict(type='bool'),
- threat_prevention=dict(type='bool'),
- install_on_all_cluster_members_or_fail=dict(type='bool'),
- prepare_only=dict(type='bool'),
- revision=dict(type='str')
+ policy_package=dict(type="str"),
+ targets=dict(type="list", elements="str"),
+ access=dict(type="bool"),
+ desktop_security=dict(type="bool"),
+ qos=dict(type="bool"),
+ threat_prevention=dict(type="bool"),
+ install_on_all_cluster_members_or_fail=dict(type="bool"),
+ prepare_only=dict(type="bool"),
+ revision=dict(type="str"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -123,5 +128,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_software_package.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_software_package.py
index 3a967e6cb..93bc9f371 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_software_package.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_install_software_package.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -92,20 +94,28 @@ cp_mgmt_install_software_package:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- targets=dict(type='list', elements='str'),
- cluster_installation_settings=dict(type='dict', options=dict(
- cluster_delay=dict(type='int'),
- cluster_strategy=dict(type='str')
- )),
- concurrency_limit=dict(type='int'),
- method=dict(type='str', choices=['install', 'upgrade']),
- package_location=dict(type='str', choices=['automatic', 'target-machine', 'central'])
+ name=dict(type="str"),
+ targets=dict(type="list", elements="str"),
+ cluster_installation_settings=dict(
+ type="dict",
+ options=dict(
+ cluster_delay=dict(type="int"),
+ cluster_strategy=dict(type="str"),
+ ),
+ ),
+ concurrency_limit=dict(type="int"),
+ method=dict(type="str", choices=["install", "upgrade"]),
+ package_location=dict(
+ type="str", choices=["automatic", "target-machine", "central"]
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -117,5 +127,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device.py
index 9416e810e..cd3fd2636 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -249,71 +251,169 @@ cp_mgmt_interoperable_device:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- interfaces=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- network_mask=dict(type='str'),
- ipv4_network_mask=dict(type='str'),
- ipv6_network_mask=dict(type='str'),
- mask_length=dict(type='str'),
- ipv4_mask_length=dict(type='str'),
- ipv6_mask_length=dict(type='str'),
- tags=dict(type='list', elements='str'),
- topology=dict(type='str', choices=['external', 'internal']),
- topology_settings=dict(type='dict', options=dict(
- interface_leads_to_dmz=dict(type='bool'),
- ip_address_behind_this_interface=dict(type='str', choices=['not defined', 'network defined by the interface ip and net mask',
- 'network defined by routing', 'specific']),
- specific_network=dict(type='str')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan',
- 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick',
- 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral',
- 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red',
- 'sienna', 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- vpn_settings=dict(type='dict', options=dict(
- vpn_domain=dict(type='str'),
- vpn_domain_exclude_external_ip_addresses=dict(type='bool'),
- vpn_domain_type=dict(type='str', choices=['manual', 'addresses_behind_gw'])
- )),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- groups=dict(type='list', elements='str'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ interfaces=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ network_mask=dict(type="str"),
+ ipv4_network_mask=dict(type="str"),
+ ipv6_network_mask=dict(type="str"),
+ mask_length=dict(type="str"),
+ ipv4_mask_length=dict(type="str"),
+ ipv6_mask_length=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ topology=dict(type="str", choices=["external", "internal"]),
+ topology_settings=dict(
+ type="dict",
+ options=dict(
+ interface_leads_to_dmz=dict(type="bool"),
+ ip_address_behind_this_interface=dict(
+ type="str",
+ choices=[
+ "not defined",
+ "network defined by the interface ip and net mask",
+ "network defined by routing",
+ "specific",
+ ],
+ ),
+ specific_network=dict(type="str"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ domains_to_process=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ vpn_settings=dict(
+ type="dict",
+ options=dict(
+ vpn_domain=dict(type="str"),
+ vpn_domain_exclude_external_ip_addresses=dict(type="bool"),
+ vpn_domain_type=dict(
+ type="str", choices=["manual", "addresses_behind_gw"]
+ ),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ domains_to_process=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ groups=dict(type="list", elements="str"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'interoperable-device'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "interoperable-device"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device_facts.py
index bbc70da9d..595e52ebe 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_interoperable_device_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -107,32 +109,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "interoperable-device"
api_call_object_plural_version = "interoperable-devices"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ips_protection_extended_attribute_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ips_protection_extended_attribute_facts.py
new file mode 100644
index 000000000..de8103d69
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_ips_protection_extended_attribute_facts.py
@@ -0,0 +1,131 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_ips_protection_extended_attribute_facts
+short_description: Get ips-protection-extended-attribute objects facts on Checkpoint over Web Services API
+description:
+ - Get ips-protection-extended-attribute objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-ips-protection-extended-attribute
+ cp_mgmt_ips_protection_extended_attribute_facts:
+ name: Vulnerability Effect
+
+- name: show-ips-protection-extended-attributes
+ cp_mgmt_ips_protection_extended_attribute_facts:
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ ))
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "ips-protection-extended-attribute"
+ api_call_object_plural_version = "ips-protection-extended-attributes"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lock_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lock_object.py
new file mode 100644
index 000000000..b55b50d6e
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lock_object.py
@@ -0,0 +1,96 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_lock_object
+short_description: Lock object using name and type.
+description:
+ - Lock object using name and type. Can lock object only if the object is not locked by another session.
+ - The object can be unlocked by the unlock, publish or discard commands.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name. Must be unique in the domain.
+ type: str
+ type:
+ description:
+ - Object type.
+ type: str
+ layer:
+ description:
+ - Object layer, need to specify the layer if the object is rule/section and uid is not supplied.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: lock-object
+ cp_mgmt_lock_object:
+ name: host5
+ type: host
+"""
+
+RETURN = """
+cp_mgmt_lock_object:
+ description: The checkpoint lock-object output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ type=dict(type='str'),
+ layer=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "lock-object"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster.py
index 422d31424..3ba3fff11 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -221,66 +223,157 @@ cp_mgmt_lsm_cluster:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- main_ip_address=dict(type='str'),
- name_prefix=dict(type='str'),
- name_suffix=dict(type='str'),
- security_profile=dict(type='str', required=True),
- interfaces=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- ip_address_override=dict(type='str'),
- member_network_override=dict(type='str')
- )),
- members=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- provisioning_settings=dict(type='dict', options=dict(
- provisioning_profile=dict(type='str')
- )),
- provisioning_state=dict(type='str', choices=['off', 'manual', 'using-profile']),
- sic=dict(type='dict', options=dict(
- ip_address=dict(type='str'),
- one_time_password=dict(type='str', no_log=True)
- )),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan',
- 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick',
- 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral',
- 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red',
- 'sienna', 'yellow']),
- comments=dict(type='str')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
+ main_ip_address=dict(type="str"),
+ name_prefix=dict(type="str"),
+ name_suffix=dict(type="str"),
+ security_profile=dict(type="str", required=True),
+ interfaces=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ ip_address_override=dict(type="str"),
+ member_network_override=dict(type="str"),
+ ),
+ ),
+ members=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ provisioning_settings=dict(
+ type="dict",
+ options=dict(provisioning_profile=dict(type="str")),
+ ),
+ provisioning_state=dict(
+ type="str", choices=["off", "manual", "using-profile"]
+ ),
+ sic=dict(
+ type="dict",
+ options=dict(
+ ip_address=dict(type="str"),
+ one_time_password=dict(type="str", no_log=True),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
# Create lsm-cluster name
- name = module.params['security_profile']
+ name = module.params["security_profile"]
- if module.params['name_prefix']:
- name = module.params['name_prefix'] + name
- if module.params['name_suffix']:
- name = name + module.params['name_suffix']
- module.params['name'] = name
+ if module.params["name_prefix"]:
+ name = module.params["name_prefix"] + name
+ if module.params["name_suffix"]:
+ name = name + module.params["name_suffix"]
+ module.params["name"] = name
- api_call_object = 'lsm-cluster'
+ api_call_object = "lsm-cluster"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_facts.py
index 1c7fbec44..58816abfe 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -114,33 +116,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "lsm-cluster"
api_call_object_plural_version = "lsm-clusters"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_profile_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_profile_facts.py
index 384c5b218..b87c92a0e 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_profile_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_cluster_profile_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -114,33 +116,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "lsm-cluster-profile"
api_call_object_plural_version = "lsm-cluster-profiles"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway.py
index 21fc7ce5a..704a0f74d 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -140,39 +142,85 @@ cp_mgmt_lsm_gateway:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- security_profile=dict(type='str'),
- provisioning_settings=dict(type='dict', options=dict(
- provisioning_profile=dict(type='str')
- )),
- provisioning_state=dict(type='str', choices=['off', 'manual', 'using-profile']),
- sic=dict(type='dict', options=dict(
- ip_address=dict(type='str'),
- one_time_password=dict(type='str', no_log=True)
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ security_profile=dict(type="str"),
+ provisioning_settings=dict(
+ type="dict", options=dict(provisioning_profile=dict(type="str"))
+ ),
+ provisioning_state=dict(
+ type="str", choices=["off", "manual", "using-profile"]
+ ),
+ sic=dict(
+ type="dict",
+ options=dict(
+ ip_address=dict(type="str"),
+ one_time_password=dict(type="str", no_log=True),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'lsm-gateway'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "lsm-gateway"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_facts.py
index b13444e96..150ca4b7e 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -114,33 +116,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "lsm-gateway"
api_call_object_plural_version = "lsm-gateways"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_profile_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_profile_facts.py
index 6778f237c..e46f1f0ee 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_profile_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_gateway_profile_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -114,33 +116,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "lsm-gateway-profile"
api_call_object_plural_version = "lsm-gateway-profiles"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_run_script.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_run_script.py
index d3828262d..434e814d9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_run_script.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsm_run_script.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -67,14 +69,17 @@ cp_mgmt_lsm_run_script:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- script_base64=dict(type='str'),
- script=dict(type='str'),
- targets=dict(type='list', elements='str')
+ script_base64=dict(type="str"),
+ script=dict(type="str"),
+ targets=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -86,5 +91,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile.py
new file mode 100644
index 000000000..eb43a20b6
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile.py
@@ -0,0 +1,173 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_lsv_profile
+short_description: Manages lsv-profile objects on Checkpoint over Web Services API
+description:
+ - Manages lsv-profile objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ certificate_authority:
+ description:
+ - Trusted Certificate authority for establishing trust between VPN peers, identified by name or UID.
+ type: str
+ allowed_ip_addresses:
+ description:
+ - Collection of network objects identified by name or UID that represent IP addresses allowed in profile's VPN domain.
+ type: list
+ elements: str
+ restrict_allowed_addresses:
+ description:
+ - Indicate whether the IP addresses allowed in the VPN Domain will be restricted or not, according to allowed-ip-addresses field.
+ type: bool
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ vpn_domain:
+ description:
+ - peers' VPN Domain properties.
+ type: dict
+ suboptions:
+ limit_peer_domain_size:
+ description:
+ - Use this parameter to limit the number of IP addresses in the VPN Domain of each peer according to the value in the max-allowed-addresses field.
+ type: bool
+ max_allowed_addresses:
+ description:
+ - Maximum number of IP addresses in the VPN Domain of each peer. This value will be enforced only when limit-peer-domain-size field is
+ set to true. Select a value between 1 and 256. Default value is 256.
+ type: int
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-lsv-profile
+ cp_mgmt_lsv_profile:
+ certificate_authority: dedicated_profile_certificate
+ name: New lsv-profile
+ state: present
+
+- name: set-lsv-profile
+ cp_mgmt_lsv_profile:
+ certificate_authority: another CA
+ name: existing lsv-profile
+ restrict_allowed_addresses: 'false'
+ state: present
+ vpn_domain:
+ limit_peer_domain_size: 'false'
+
+- name: delete-lsv-profile
+ cp_mgmt_lsv_profile:
+ name: existing lsv-profile
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_lsv_profile:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ certificate_authority=dict(type='str'),
+ allowed_ip_addresses=dict(type='list', elements='str'),
+ restrict_allowed_addresses=dict(type='bool'),
+ tags=dict(type='list', elements='str'),
+ vpn_domain=dict(type='dict', options=dict(
+ limit_peer_domain_size=dict(type='bool'),
+ max_allowed_addresses=dict(type='int')
+ )),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'lsv-profile'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile_facts.py
new file mode 100644
index 000000000..d755a4a7f
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_lsv_profile_facts.py
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_lsv_profile_facts
+short_description: Get lsv-profile objects facts on Checkpoint over Web Services API
+description:
+ - Get lsv-profile objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-lsv-profile
+ cp_mgmt_lsv_profile_facts:
+ name: existing lsv-profile
+
+- name: show-lsv-profiles
+ cp_mgmt_lsv_profile_facts:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "lsv-profile"
+ api_call_object_plural_version = "lsv-profiles"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile.py
index 01f52aafe..1439e06e7 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -166,45 +168,88 @@ cp_mgmt_md_permissions_profile:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- permission_level=dict(type='str', choices=['super user', 'manager', 'domain level only']),
- mds_provisioning=dict(type='bool'),
- manage_admins=dict(type='bool'),
- manage_sessions=dict(type='bool'),
- management_api_login=dict(type='bool'),
- cme_operations=dict(type='str', choices=['read', 'write', 'disabled']),
- global_vpn_management=dict(type='bool'),
- manage_global_assignments=dict(type='bool'),
- enable_default_profile_for_global_domains=dict(type='bool'),
- default_profile_global_domains=dict(type='str'),
- view_global_objects_in_domain=dict(type='bool'),
- enable_default_profile_for_local_domains=dict(type='bool'),
- default_profile_local_domains=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ permission_level=dict(
+ type="str", choices=["super user", "manager", "domain level only"]
+ ),
+ mds_provisioning=dict(type="bool"),
+ manage_admins=dict(type="bool"),
+ manage_sessions=dict(type="bool"),
+ management_api_login=dict(type="bool"),
+ cme_operations=dict(type="str", choices=["read", "write", "disabled"]),
+ global_vpn_management=dict(type="bool"),
+ manage_global_assignments=dict(type="bool"),
+ enable_default_profile_for_global_domains=dict(type="bool"),
+ default_profile_global_domains=dict(type="str"),
+ view_global_objects_in_domain=dict(type="bool"),
+ enable_default_profile_for_local_domains=dict(type="bool"),
+ default_profile_local_domains=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ domains_to_process=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'md-permissions-profile'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "md-permissions-profile"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile_facts.py
index 285752fd7..338ef5920 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_md_permissions_profile_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -110,32 +112,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "md-permissions-profile"
api_call_object_plural_version = "md-permissions-profiles"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds.py
index 726164ba5..017d49857 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -164,45 +166,89 @@ cp_mgmt_mds:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- hardware=dict(type='str'),
- os=dict(type='str'),
- version=dict(type='str'),
- one_time_password=dict(type='str', no_log=True),
- server_type=dict(type='str', choices=['multi-domain server', 'multi-domain log server']),
- ip_pool_first=dict(type='str'),
- ipv4_pool_first=dict(type='str'),
- ipv6_pool_first=dict(type='str'),
- ip_pool_last=dict(type='str'),
- ipv4_pool_last=dict(type='str'),
- ipv6_pool_last=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ hardware=dict(type="str"),
+ os=dict(type="str"),
+ version=dict(type="str"),
+ one_time_password=dict(type="str", no_log=True),
+ server_type=dict(
+ type="str",
+ choices=["multi-domain server", "multi-domain log server"],
+ ),
+ ip_pool_first=dict(type="str"),
+ ipv4_pool_first=dict(type="str"),
+ ipv6_pool_first=dict(type="str"),
+ ip_pool_last=dict(type="str"),
+ ipv4_pool_last=dict(type="str"),
+ ipv6_pool_last=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'mds'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "mds"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds_facts.py
index 46bca5be4..3cbaedda9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_mds_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -95,30 +97,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "mds"
api_call_object_plural_version = "mdss"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range.py
index 04cc7a72f..4441b0fce 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -143,41 +145,82 @@ cp_mgmt_multicast_address_range:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- ip_address_first=dict(type='str'),
- ipv4_address_first=dict(type='str'),
- ipv6_address_first=dict(type='str'),
- ip_address_last=dict(type='str'),
- ipv4_address_last=dict(type='str'),
- ipv6_address_last=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ ip_address_first=dict(type="str"),
+ ipv4_address_first=dict(type="str"),
+ ipv6_address_first=dict(type="str"),
+ ip_address_last=dict(type="str"),
+ ipv4_address_last=dict(type="str"),
+ ipv6_address_last=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'multicast-address-range'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "multicast-address-range"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range_facts.py
index c32390e6d..b98fa2525 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_multicast_address_range_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -100,31 +102,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "multicast-address-range"
api_call_object_plural_version = "multicast-address-ranges"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule.py
new file mode 100644
index 000000000..d187200f8
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule.py
@@ -0,0 +1,227 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_nat_rule
+short_description: Manages nat-rule objects on Checkpoint over Web Services API.
+description:
+ - Manages nat-rule objects on Checkpoint devices including creating, updating and removing objects.
+ - Minimum version required is 1.7.1 and JHF with PMTR-88097.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ package:
+ description:
+ - Name of the package.
+ type: str
+ position:
+ description:
+ - Position in the rulebase. The use of values "top" and "bottom" may not be idempotent.
+ type: str
+ relative_position:
+ description:
+ - Position in the rulebase.
+ - Use of this field may not be idempotent.
+ type: dict
+ suboptions:
+ below:
+ description:
+ - Add rule below specific rule/section identified by name (limited to 50 rules if
+ search_entire_rulebase is False).
+ type: str
+ above:
+ description:
+ - Add rule above specific rule/section identified by name (limited to 50 rules if
+ search_entire_rulebase is False).
+ type: str
+ top:
+ description:
+ - Add rule to the top of a specific section identified by name (limited to 50 rules if
+ search_entire_rulebase is False).
+ type: str
+ bottom:
+ description:
+ - Add rule to the bottom of a specific section identified by name (limited to 50 rules if
+ search_entire_rulebase is False).
+ type: str
+ search_entire_rulebase:
+ description:
+ - Whether to search the entire rulebase for a rule that's been edited in its relative_position field to make sure
+ there indeed has been a change in its position or the section it might be in.
+ type: bool
+ default: False
+ name:
+ description:
+ - Rule name.
+ type: str
+ required: True
+ enabled:
+ description:
+ - Enable/Disable the rule.
+ type: bool
+ install_on:
+ description:
+ - Which Gateways identified by the name or UID to install the policy on.
+ type: list
+ elements: str
+ method:
+ description:
+ - Nat method.
+ type: str
+ choices: ['static', 'hide', 'nat64', 'nat46', 'cgnat']
+ original_destination:
+ description:
+ - Original destination.
+ type: str
+ original_service:
+ description:
+ - Original service.
+ type: str
+ original_source:
+ description:
+ - Original source.
+ type: str
+ translated_destination:
+ description:
+ - Translated destination.
+ type: str
+ translated_service:
+ description:
+ - Translated service.
+ type: str
+ translated_source:
+ description:
+ - Translated source.
+ type: str
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-nat-rule
+ cp_mgmt_nat_rule:
+ name: nat_rule1
+ comments: comment example1 nat999
+ enabled: false
+ install_on:
+ - Policy Targets
+ original_destination: All_Internet
+ original_source: Any
+ package: standard
+ position: 1
+ state: present
+
+- name: set-nat-rule
+ cp_mgmt_nat_rule:
+ name: nat_rule1
+ comments: rule for RND members RNDNetwork-> RND to Internal Network
+ enabled: false
+ original_service: ssh_version_2
+ original_source: Any
+ package: standard
+ state: present
+
+- name: delete-nat-rule
+ cp_mgmt_nat_rule:
+ name: nat_rule1
+ package: standard
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_nat_rule:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call_for_rule
+
+
+def main():
+ argument_spec = dict(
+ package=dict(type='str'),
+ position=dict(type='str'),
+ relative_position=dict(type='dict', options=dict(
+ below=dict(type='str'),
+ above=dict(type='str'),
+ top=dict(type='str'),
+ bottom=dict(type='str')
+ )),
+ search_entire_rulebase=dict(type='bool', default=False),
+ name=dict(type='str', required=True),
+ enabled=dict(type='bool'),
+ install_on=dict(type='list', elements='str'),
+ method=dict(type='str', choices=['static', 'hide', 'nat64', 'nat46', 'cgnat']),
+ original_destination=dict(type='str'),
+ original_service=dict(type='str'),
+ original_source=dict(type='str'),
+ translated_destination=dict(type='str'),
+ translated_service=dict(type='str'),
+ translated_source=dict(type='str'),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'nat-rule'
+
+ if module.params["relative_position"] is not None:
+ if module.params["position"] is not None:
+ raise AssertionError("The use of both 'relative_position' and 'position' arguments isn't allowed")
+ module.params["position"] = module.params["relative_position"]
+ module.params.pop("relative_position")
+
+ result = api_call_for_rule(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule_facts.py
index c1c4465bd..6474b2af1 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_rule_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -41,6 +43,11 @@ options:
description:
- Rule number.
type: str
+ name:
+ description:
+ - Rule name.
+ This parameter is relevant only for getting a specific object. Minimum version required is 1.7.1.
+ type: str
package:
description:
- Name of the package.
@@ -141,6 +148,7 @@ EXAMPLES = """
- name: show-nat-rule
cp_mgmt_nat_rule_facts:
package: standard
+ name: nat_rule1
- name: show-nat-rulebase
cp_mgmt_nat_rule_facts:
@@ -159,45 +167,63 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts_for_rule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts_for_rule,
+)
def main():
argument_spec = dict(
- rule_number=dict(type='str'),
- package=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- filter_settings=dict(type='dict', options=dict(
- search_mode=dict(type='str', choices=['general', 'packet']),
- packet_search_settings=dict(type='dict', options=dict(
- expand_group_members=dict(type='bool'),
- expand_group_with_exclusion_members=dict(type='bool'),
- match_on_any=dict(type='bool'),
- match_on_group_with_exclusion=dict(type='bool'),
- match_on_negate=dict(type='bool')
- ))
- )),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- use_object_dictionary=dict(type='bool'),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool')
+ rule_number=dict(type="str"),
+ name=dict(type='str'),
+ package=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ filter_settings=dict(
+ type="dict",
+ options=dict(
+ search_mode=dict(type="str", choices=["general", "packet"]),
+ packet_search_settings=dict(
+ type="dict",
+ options=dict(
+ expand_group_members=dict(type="bool"),
+ expand_group_with_exclusion_members=dict(type="bool"),
+ match_on_any=dict(type="bool"),
+ match_on_group_with_exclusion=dict(type="bool"),
+ match_on_negate=dict(type="bool"),
+ ),
+ ),
+ ),
+ ),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ use_object_dictionary=dict(type="bool"),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "nat-rule"
api_call_object_plural_version = "nat-rulebase"
- result = api_call_facts_for_rule(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts_for_rule(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_section.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_section.py
index d81d2609d..f59c4a803 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_section.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_nat_section.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -94,26 +96,31 @@ cp_mgmt_nat_section:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- package=dict(type='str'),
- position=dict(type='str'),
- name=dict(type='str', required=True),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ package=dict(type="str"),
+ position=dict(type="str"),
+ name=dict(type="str", required=True),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'nat-section'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "nat-section"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network.py
index 1fc5e0489..6faf9e6fd 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -179,49 +181,95 @@ cp_mgmt_network:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- subnet=dict(type='str'),
- subnet4=dict(type='str'),
- subnet6=dict(type='str'),
- mask_length=dict(type='int'),
- mask_length4=dict(type='int'),
- mask_length6=dict(type='int'),
- subnet_mask=dict(type='str'),
- nat_settings=dict(type='dict', options=dict(
- auto_rule=dict(type='bool'),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- hide_behind=dict(type='str', choices=['gateway', 'ip-address']),
- install_on=dict(type='str'),
- method=dict(type='str', choices=['hide', 'static'])
- )),
- tags=dict(type='list', elements='str'),
- broadcast=dict(type='str', choices=['disallow', 'allow']),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ subnet=dict(type="str"),
+ subnet4=dict(type="str"),
+ subnet6=dict(type="str"),
+ mask_length=dict(type="int"),
+ mask_length4=dict(type="int"),
+ mask_length6=dict(type="int"),
+ subnet_mask=dict(type="str"),
+ nat_settings=dict(
+ type="dict",
+ options=dict(
+ auto_rule=dict(type="bool"),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ hide_behind=dict(
+ type="str", choices=["gateway", "ip-address"]
+ ),
+ install_on=dict(type="str"),
+ method=dict(type="str", choices=["hide", "static"]),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ broadcast=dict(type="str", choices=["disallow", "allow"]),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'network'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "network"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_facts.py
index 9cb2382ca..cbb8f24da 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "network"
api_call_object_plural_version = "networks"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed.py
index f00e21773..345df3dd1 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -196,48 +198,94 @@ cp_mgmt_network_feed:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- feed_url=dict(type='str'),
- certificate_id=dict(type='str'),
- feed_format=dict(type='str', choices=['Flat List', 'JSON']),
- feed_type=dict(type='str', choices=['Domain', 'IP Address', 'IP Address/Domain']),
- password=dict(type='str', no_log=True),
- tags=dict(type='list', elements='str'),
- username=dict(type='str'),
- custom_header=dict(type='list', elements='dict', options=dict(
- header_name=dict(type='str'),
- header_value=dict(type='str')
- )),
- update_interval=dict(type='int'),
- data_column=dict(type='int'),
- fields_delimiter=dict(type='str'),
- ignore_lines_that_start_with=dict(type='str'),
- json_query=dict(type='str'),
- use_gateway_proxy=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ feed_url=dict(type="str"),
+ certificate_id=dict(type="str"),
+ feed_format=dict(type="str", choices=["Flat List", "JSON"]),
+ feed_type=dict(
+ type="str", choices=["Domain", "IP Address", "IP Address/Domain"]
+ ),
+ password=dict(type="str", no_log=True),
+ tags=dict(type="list", elements="str"),
+ username=dict(type="str"),
+ custom_header=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ header_name=dict(type="str"), header_value=dict(type="str")
+ ),
+ ),
+ update_interval=dict(type="int"),
+ data_column=dict(type="int"),
+ fields_delimiter=dict(type="str"),
+ ignore_lines_that_start_with=dict(type="str"),
+ json_query=dict(type="str"),
+ use_gateway_proxy=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ domains_to_process=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'network-feed'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "network-feed"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed_facts.py
index e2aa53fbe..471c5dd43 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network_feed_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -111,33 +113,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "network-feed"
api_call_object_plural_version = "network-feeds"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_objects_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_objects_facts.py
index 50f059051..e16c8d532 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_objects_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_objects_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -145,37 +147,48 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- uid=dict(type='str'),
- uids=dict(type='list', elements='str'),
- filter=dict(type='str'),
- ip_only=dict(type='bool'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- type=dict(type='str'),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str')
+ uid=dict(type="str"),
+ uids=dict(type="list", elements="str"),
+ filter=dict(type="str"),
+ ip_only=dict(type="bool"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ type=dict(type="str"),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "object"
api_call_object_plural_version = "objects"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package.py
index e8a403f96..0e21be64f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -198,54 +200,107 @@ cp_mgmt_package:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- access=dict(type='bool'),
- desktop_security=dict(type='bool'),
- installation_targets=dict(type='list', elements='str'),
- qos=dict(type='bool'),
- qos_policy_type=dict(type='str', choices=['recommended', 'express']),
- tags=dict(type='list', elements='str'),
- threat_prevention=dict(type='bool'),
- vpn_traditional_mode=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- access_layers=dict(type='dict', options=dict(
- add=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- position=dict(type='int')
- )),
- remove=dict(type='list', elements='str'),
- value=dict(type='list', elements='str')
- )),
- threat_layers=dict(type='dict', options=dict(
- add=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- position=dict(type='int')
- )),
- remove=dict(type='list', elements='str'),
- value=dict(type='list', elements='str')
- ))
+ name=dict(type="str", required=True),
+ access=dict(type="bool"),
+ desktop_security=dict(type="bool"),
+ installation_targets=dict(type="list", elements="str"),
+ qos=dict(type="bool"),
+ qos_policy_type=dict(type="str", choices=["recommended", "express"]),
+ tags=dict(type="list", elements="str"),
+ threat_prevention=dict(type="bool"),
+ vpn_traditional_mode=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ access_layers=dict(
+ type="dict",
+ options=dict(
+ add=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"), position=dict(type="int")
+ ),
+ ),
+ remove=dict(type="list", elements="str"),
+ value=dict(type="list", elements="str"),
+ ),
+ ),
+ threat_layers=dict(
+ type="dict",
+ options=dict(
+ add=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"), position=dict(type="int")
+ ),
+ ),
+ remove=dict(type="list", elements="str"),
+ value=dict(type="list", elements="str"),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'package'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "package"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package_facts.py
index 54c80e754..c8ee9dc6d 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_package_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "package"
api_call_object_plural_version = "packages"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_provisioning_profile_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_provisioning_profile_facts.py
index b77a9b141..a6e721a3c 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_provisioning_profile_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_provisioning_profile_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -114,33 +116,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "provisioning-profile"
api_call_object_plural_version = "provisioning-profiles"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_publish.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_publish.py
index c7dedd20a..b488fd184 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_publish.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_publish.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -51,12 +53,14 @@ cp_mgmt_publish:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- )
+ argument_spec = dict()
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -67,5 +71,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_put_file.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_put_file.py
index 8f7eaec4c..9d0f8aa2f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_put_file.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_put_file.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -77,16 +79,19 @@ cp_mgmt_put_file:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- targets=dict(type='list', elements='str'),
- file_content=dict(type='str'),
- file_name=dict(type='str'),
- file_path=dict(type='str'),
- comments=dict(type='str')
+ targets=dict(type="list", elements="str"),
+ file_content=dict(type="str"),
+ file_name=dict(type="str"),
+ file_path=dict(type="str"),
+ comments=dict(type="str"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -98,5 +103,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group.py
new file mode 100644
index 000000000..57b3ebd7f
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group.py
@@ -0,0 +1,150 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_radius_group
+short_description: Manages radius-group objects on Checkpoint over Web Services API
+description:
+ - Manages radius-group objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ members:
+ description:
+ - Collection of radius servers identified by the name or UID.
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-radius-group
+ cp_mgmt_radius_group:
+ members:
+ - t4
+ - radgroup
+ name: radgroup
+ state: present
+
+- name: set-radius-group
+ cp_mgmt_radius_group:
+ members:
+ - t4
+ name: radgroup
+ state: present
+
+- name: delete-radius-group
+ cp_mgmt_radius_group:
+ ignore_warnings: 'true'
+ name: testgroup
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_radius_group:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, \
+ api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ members=dict(type='list', elements='str'),
+ tags=dict(type='list', elements="str"),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise',
+ 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green',
+ 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue',
+ 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'radius-group'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group_facts.py
new file mode 100644
index 000000000..af0ab8889
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_group_facts.py
@@ -0,0 +1,157 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_radius_group_facts
+short_description: Get radius-group objects facts on Checkpoint over Web Services API
+description:
+ - Get radius-group objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ dereference_group_members:
+ description:
+ - Indicates whether to dereference "members" field by details level for every object in reply.
+ type: bool
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ async_response:
+ description:
+ - Run command in asynchronous mode and return task UID. Use show-task command to check the progress of the task.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-radius-group
+ cp_mgmt_radius_group_facts:
+ name: radgroup
+
+- name: show-radius-groups
+ cp_mgmt_radius_group_facts:
+ details_level: standard
+ limit: 4
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, \
+ api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ dereference_group_members=dict(type='bool'),
+ show_membership=dict(type='bool'),
+ async_response=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "radius-group"
+ api_call_object_plural_version = "radius-groups"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server.py
new file mode 100644
index 000000000..f1b0cfe5d
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server.py
@@ -0,0 +1,192 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_radius_server
+short_description: Manages radius-server objects on Checkpoint over Web Services API
+description:
+ - Manages radius-server objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ server:
+ description:
+ - The UID or Name of the host that is the RADIUS Server.
+ type: str
+ shared_secret:
+ description:
+ - The secret between the RADIUS server and the Security Gateway.
+ type: str
+ service:
+ description:
+ - The UID or Name of the Service to which the RADIUS server listens.
+ type: str
+ server_version:
+ description:
+ - The version can be either RADIUS Version 1.0, which is RFC 2138 compliant, and RADIUS Version 2.0 which is RFC 2865 compliant.
+ type: str
+ choices: ['RADIUS Ver. 1.0', 'RADIUS Ver. 2.0']
+ protocol:
+ description:
+ - The type of authentication protocol that will be used when authenticating the user to the RADIUS server.
+ type: str
+ choices: ['PAP', 'MS_CHAP2']
+ priority:
+ description:
+ - The priority of the RADIUS Server in case it is a member of a RADIUS Group.
+ type: int
+ accounting:
+ description:
+ - Accounting settings.
+ type: dict
+ suboptions:
+ enable_ip_pool_management:
+ description:
+ - IP pool management, enables Accounting service.
+ type: bool
+ accounting_service:
+ description:
+ - The UID or Name of the the accounting interface to notify the server when users login and logout which will then lock and release the
+ IP addresses that the server allocated to those users.
+ type: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-radius-server
+ cp_mgmt_radius_server:
+ name: radServer
+ server: hostRad
+ shared_secret: '123'
+ state: present
+
+- name: set-radius-server
+ cp_mgmt_radius_server:
+ name: t4
+ server: hostRadius
+ state: present
+
+- name: delete-radius-server
+ cp_mgmt_radius_server:
+ ignore_warnings: 'true'
+ name: radiusServer
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_radius_server:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, \
+ api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ server=dict(type='str'),
+ shared_secret=dict(type='str', no_log=True),
+ service=dict(type='str'),
+ server_version=dict(type='str', choices=['RADIUS Ver. 1.0', 'RADIUS Ver. 2.0']),
+ protocol=dict(type='str', choices=['PAP', 'MS_CHAP2']),
+ priority=dict(type='int'),
+ accounting=dict(type='dict', options=dict(
+ enable_ip_pool_management=dict(type='bool'),
+ accounting_service=dict(type='str')
+ )),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise',
+ 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green',
+ 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue',
+ 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'radius-server'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server_facts.py
new file mode 100644
index 000000000..988cd8858
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_radius_server_facts.py
@@ -0,0 +1,147 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_radius_server_facts
+short_description: Get radius-server objects facts on Checkpoint over Web Services API
+description:
+ - Get radius-server objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-radius-server
+ cp_mgmt_radius_server_facts:
+ name: t4
+
+- name: show-radius-servers
+ cp_mgmt_radius_server_facts:
+ details_level: standard
+ limit: 4
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, \
+ api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "radius-server"
+ api_call_object_plural_version = "radius-servers"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reject_session.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reject_session.py
index ab76c1389..967c83d43 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reject_session.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reject_session.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -61,14 +63,14 @@ cp_mgmt_reject_session:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- uid=dict(type='str'),
- comments=dict(type='str')
- )
+ argument_spec = dict(uid=dict(type="str"), comments=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -79,5 +81,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_package_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_package_facts.py
new file mode 100644
index 000000000..a7c50e982
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_package_facts.py
@@ -0,0 +1,135 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_repository_package_facts
+short_description: Get repository-package objects facts on Checkpoint over Web Services API
+description:
+ - Get repository-package objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-repository-package
+ cp_mgmt_repository_package_facts:
+ name: Check_Point_R80_20_JUMBO_HF_Bundle_T118_sk137592_Security_Gateway_and_Standalone_2_6_18_FULL.tgz
+
+- name: show-repository-packages
+ cp_mgmt_repository_package_facts:
+ details_level: standard
+ limit: 4
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, \
+ api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "repository-package"
+ api_call_object_plural_version = "repository-packages"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script.py
index 62d48cc56..113ffbe14 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -109,33 +111,74 @@ cp_mgmt_repository_script:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- script_body=dict(type='str'),
- script_body_base64=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ name=dict(type="str", required=True),
+ script_body=dict(type="str"),
+ script_body_base64=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'repository-script'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "repository-script"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script_facts.py
index 67edad307..15378c927 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_repository_script_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "repository-script"
api_call_object_plural_version = "repository-scripts"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reset_sic.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reset_sic.py
index cb5b8d00f..28f8e3567 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reset_sic.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_reset_sic.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -62,13 +64,15 @@ cp_mgmt_reset_sic:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- auto_publish_session=dict(type='bool')
+ name=dict(type="str"), auto_publish_session=dict(type="bool")
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -80,5 +84,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_ips_update.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_ips_update.py
index 2c9f99347..aee311dbc 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_ips_update.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_ips_update.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -55,13 +57,14 @@ cp_mgmt_run_ips_update:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- package_path=dict(type='str')
- )
+ argument_spec = dict(package_path=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -72,5 +75,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_script.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_script.py
index f4dabd98b..93259daeb 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_script.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_run_script.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -76,16 +78,19 @@ cp_mgmt_run_script:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- script_name=dict(type='str'),
- script=dict(type='str'),
- targets=dict(type='list', elements='str'),
- args=dict(type='str'),
- comments=dict(type='str')
+ script_name=dict(type="str"),
+ script=dict(type="str"),
+ targets=dict(type="list", elements="str"),
+ args=dict(type="str"),
+ comments=dict(type="str"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -97,5 +102,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone.py
index 6c9cab11b..d1d77b1ae 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -100,31 +102,72 @@ cp_mgmt_security_zone:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'security-zone'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "security-zone"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone_facts.py
index 90be77462..cf3dc2114 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_security_zone_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -99,31 +101,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "security-zone"
api_call_object_plural_version = "security-zones"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp.py
new file mode 100644
index 000000000..8dcdfd796
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp.py
@@ -0,0 +1,135 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_service_citrix_tcp
+short_description: Manages service-citrix-tcp objects on Checkpoint over Web Services API
+description:
+ - Manages service-citrix-tcp objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ application:
+ description:
+ - Citrix application name.
+ type: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-service-citrix-tcp
+ cp_mgmt_service_citrix_tcp:
+ application: My Citrix Application
+ name: mycitrixtcp
+ state: present
+
+- name: set-service-citrix-tcp
+ cp_mgmt_service_citrix_tcp:
+ application: My Citrix Application 2
+ name: mycitrixtcp
+ state: present
+
+- name: delete-service-citrix-tcp
+ cp_mgmt_service_citrix_tcp:
+ name: mycitrixtcp
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_service_citrix_tcp:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ application=dict(type='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'service-citrix-tcp'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp_facts.py
new file mode 100644
index 000000000..fd618014b
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_citrix_tcp_facts.py
@@ -0,0 +1,144 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_service_citrix_tcp_facts
+short_description: Get service-citrix-tcp objects facts on Checkpoint over Web Services API
+description:
+ - Get service-citrix-tcp objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-service-citrix-tcp
+ cp_mgmt_service_citrix_tcp_facts:
+ name: mycitrixtcp
+
+- name: show-services-citrix-tcp
+ cp_mgmt_service_citrix_tcp_facts:
+ limit: 10
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "service-citrix-tcp"
+ api_call_object_plural_version = "services-citrix-tcp"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp.py
new file mode 100644
index 000000000..2d2a1831b
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp.py
@@ -0,0 +1,150 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_service_compound_tcp
+short_description: Manages service-compound-tcp objects on Checkpoint over Web Services API
+description:
+ - Manages service-compound-tcp objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ compound_service:
+ description:
+ - Compound service type.
+ type: str
+ choices: ['pointcast', 'netcaster', 'backweb', 'cdf']
+ keep_connections_open_after_policy_installation:
+ description:
+ - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the
+ Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections.
+ type: bool
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-service-compound-tcp
+ cp_mgmt_service_compound_tcp:
+ compound_service: pointcast
+ keep_connections_open_after_policy_installation: 'True'
+ name: mycompoundtcp
+ state: present
+
+- name: set-service-compound-tcp
+ cp_mgmt_service_compound_tcp:
+ compound_service: backweb
+ keep_connections_open_after_policy_installation: 'False'
+ name: mycompoundtcp
+ state: present
+
+- name: delete-service-compound-tcp
+ cp_mgmt_service_compound_tcp:
+ name: mycompoundtcp
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_service_compound_tcp:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ compound_service=dict(type='str', choices=['pointcast', 'netcaster', 'backweb', 'cdf']),
+ keep_connections_open_after_policy_installation=dict(type='bool'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'service-compound-tcp'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp_facts.py
new file mode 100644
index 000000000..d2b72a3b3
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_compound_tcp_facts.py
@@ -0,0 +1,144 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_service_compound_tcp_facts
+short_description: Get service-compound-tcp objects facts on Checkpoint over Web Services API
+description:
+ - Get service-compound-tcp objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-service-compound-tcp
+ cp_mgmt_service_compound_tcp_facts:
+ name: mycompoundtcp
+
+- name: show-services-compound-tcp
+ cp_mgmt_service_compound_tcp_facts:
+ limit: 10
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "service-compound-tcp"
+ api_call_object_plural_version = "services-compound-tcp"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc.py
index 63941587a..ec5ee67b0 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -116,34 +118,75 @@ cp_mgmt_service_dce_rpc:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- interface_uuid=dict(type='str'),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ interface_uuid=dict(type="str"),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-dce-rpc'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-dce-rpc"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc_facts.py
index b9419a93a..59a0517ec 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_dce_rpc_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-dce-rpc"
api_call_object_plural_version = "services-dce-rpc"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group.py
index 1f78ac539..be7a969f5 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -117,33 +119,74 @@ cp_mgmt_service_group:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- members=dict(type='list', elements='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ members=dict(type="list", elements="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-group'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-group"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group_facts.py
index f04e0b961..589849fe0 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_group_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -112,33 +114,44 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- show_as_ranges=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ show_as_ranges=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-group"
api_call_object_plural_version = "service-groups"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp.py
index 0cd0d4ca8..a5627f4a9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -120,35 +122,76 @@ cp_mgmt_service_icmp:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- icmp_code=dict(type='int'),
- icmp_type=dict(type='int'),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ icmp_code=dict(type="int"),
+ icmp_type=dict(type="int"),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-icmp'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-icmp"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6.py
index fe845e609..4a5bec46a 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -120,35 +122,76 @@ cp_mgmt_service_icmp6:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- icmp_code=dict(type='int'),
- icmp_type=dict(type='int'),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ icmp_code=dict(type="int"),
+ icmp_type=dict(type="int"),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-icmp6'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-icmp6"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6_facts.py
index d94525f23..539569f3a 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp6_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -101,31 +103,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-icmp6"
api_call_object_plural_version = "services-icmp6"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp_facts.py
index 8d044c37f..e8a8f834d 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_icmp_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -101,31 +103,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-icmp"
api_call_object_plural_version = "services-icmp"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other.py
index 8e1766a58..455190ff4 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -180,48 +182,92 @@ cp_mgmt_service_other:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- accept_replies=dict(type='bool'),
- action=dict(type='str'),
- aggressive_aging=dict(type='dict', options=dict(
- default_timeout=dict(type='int'),
- enable=dict(type='bool'),
- timeout=dict(type='int'),
- use_default_timeout=dict(type='bool')
- )),
- ip_protocol=dict(type='int'),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- match=dict(type='str'),
- match_for_any=dict(type='bool'),
- override_default_settings=dict(type='bool'),
- session_timeout=dict(type='int'),
- sync_connections_on_cluster=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- use_default_session_timeout=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ accept_replies=dict(type="bool"),
+ action=dict(type="str"),
+ aggressive_aging=dict(
+ type="dict",
+ options=dict(
+ default_timeout=dict(type="int"),
+ enable=dict(type="bool"),
+ timeout=dict(type="int"),
+ use_default_timeout=dict(type="bool"),
+ ),
+ ),
+ ip_protocol=dict(type="int"),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ match=dict(type="str"),
+ match_for_any=dict(type="bool"),
+ override_default_settings=dict(type="bool"),
+ session_timeout=dict(type="int"),
+ sync_connections_on_cluster=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ use_default_session_timeout=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-other'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-other"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other_facts.py
index e7ad3da11..0cca6ed9f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_other_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-other"
api_call_object_plural_version = "services-other"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc.py
index e9f917ca1..21c0739f2 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -116,34 +118,75 @@ cp_mgmt_service_rpc:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- program_number=dict(type='int'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ program_number=dict(type="int"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-rpc'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-rpc"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc_facts.py
index 3ff1f3c0b..7df6d695c 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_rpc_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-rpc"
api_call_object_plural_version = "services-rpc"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp.py
index 624a81939..e6d7ae333 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -167,45 +169,89 @@ cp_mgmt_service_sctp:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- port=dict(type='str'),
- aggressive_aging=dict(type='dict', options=dict(
- default_timeout=dict(type='int'),
- enable=dict(type='bool'),
- timeout=dict(type='int'),
- use_default_timeout=dict(type='bool')
- )),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- match_for_any=dict(type='bool'),
- session_timeout=dict(type='int'),
- source_port=dict(type='str'),
- sync_connections_on_cluster=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- use_default_session_timeout=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ port=dict(type="str"),
+ aggressive_aging=dict(
+ type="dict",
+ options=dict(
+ default_timeout=dict(type="int"),
+ enable=dict(type="bool"),
+ timeout=dict(type="int"),
+ use_default_timeout=dict(type="bool"),
+ ),
+ ),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ match_for_any=dict(type="bool"),
+ session_timeout=dict(type="int"),
+ source_port=dict(type="str"),
+ sync_connections_on_cluster=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ use_default_session_timeout=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-sctp'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-sctp"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp_facts.py
index 852aacff5..5e5a9c102 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_sctp_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-sctp"
api_call_object_plural_version = "services-sctp"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp.py
index 91b032b05..de251efd2 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -184,48 +186,92 @@ cp_mgmt_service_tcp:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- aggressive_aging=dict(type='dict', options=dict(
- default_timeout=dict(type='int'),
- enable=dict(type='bool'),
- timeout=dict(type='int'),
- use_default_timeout=dict(type='bool')
- )),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- match_by_protocol_signature=dict(type='bool'),
- match_for_any=dict(type='bool'),
- override_default_settings=dict(type='bool'),
- port=dict(type='str'),
- protocol=dict(type='str'),
- session_timeout=dict(type='int'),
- source_port=dict(type='str'),
- sync_connections_on_cluster=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- use_default_session_timeout=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ aggressive_aging=dict(
+ type="dict",
+ options=dict(
+ default_timeout=dict(type="int"),
+ enable=dict(type="bool"),
+ timeout=dict(type="int"),
+ use_default_timeout=dict(type="bool"),
+ ),
+ ),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ match_by_protocol_signature=dict(type="bool"),
+ match_for_any=dict(type="bool"),
+ override_default_settings=dict(type="bool"),
+ port=dict(type="str"),
+ protocol=dict(type="str"),
+ session_timeout=dict(type="int"),
+ source_port=dict(type="str"),
+ sync_connections_on_cluster=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ use_default_session_timeout=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-tcp'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-tcp"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp_facts.py
index 55e0c16d9..a9dc3e4ec 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_tcp_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-tcp"
api_call_object_plural_version = "services-tcp"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp.py
index 31558754b..cb90ec034 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -190,49 +192,93 @@ cp_mgmt_service_udp:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- accept_replies=dict(type='bool'),
- aggressive_aging=dict(type='dict', options=dict(
- default_timeout=dict(type='int'),
- enable=dict(type='bool'),
- timeout=dict(type='int'),
- use_default_timeout=dict(type='bool')
- )),
- keep_connections_open_after_policy_installation=dict(type='bool'),
- match_by_protocol_signature=dict(type='bool'),
- match_for_any=dict(type='bool'),
- override_default_settings=dict(type='bool'),
- port=dict(type='str'),
- protocol=dict(type='str'),
- session_timeout=dict(type='int'),
- source_port=dict(type='str'),
- sync_connections_on_cluster=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- use_default_session_timeout=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ accept_replies=dict(type="bool"),
+ aggressive_aging=dict(
+ type="dict",
+ options=dict(
+ default_timeout=dict(type="int"),
+ enable=dict(type="bool"),
+ timeout=dict(type="int"),
+ use_default_timeout=dict(type="bool"),
+ ),
+ ),
+ keep_connections_open_after_policy_installation=dict(type="bool"),
+ match_by_protocol_signature=dict(type="bool"),
+ match_for_any=dict(type="bool"),
+ override_default_settings=dict(type="bool"),
+ port=dict(type="str"),
+ protocol=dict(type="str"),
+ session_timeout=dict(type="int"),
+ source_port=dict(type="str"),
+ sync_connections_on_cluster=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ use_default_session_timeout=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'service-udp'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "service-udp"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp_facts.py
index 1668739ab..14e0ea178 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_service_udp_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "service-udp"
api_call_object_plural_version = "services-udp"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_session_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_session_facts.py
index 9b64722da..67ea673f2 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_session_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_session_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -96,30 +98,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- view_published_sessions=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ view_published_sessions=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "session"
api_call_object_plural_version = "sessions"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_api_settings.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_api_settings.py
new file mode 100644
index 000000000..127eedb57
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_api_settings.py
@@ -0,0 +1,78 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_api_settings
+short_description: Edit API settings, the changes will be applied after publish followed by running 'api restart' command.
+description:
+ - Edit API settings, the changes will be applied after publish followed by running 'api restart' command.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ accepted_api_calls_from:
+ description:
+ - Clients allowed to connect to the API Server.
+ type: str
+ choices: ['management server only', 'all ip addresses that can be used for gui clients', 'all ip addresses']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-api-settings
+ cp_mgmt_set_api_settings:
+ accepted_api_calls_from: 'all ip addresses'
+"""
+
+RETURN = """
+cp_mgmt_set_api_settings:
+ description: The checkpoint set-api-settings output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ accepted_api_calls_from=dict(type='str', choices=['management server only', 'all ip addresses that can be used for gui clients', 'all ip addresses'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-api-settings"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_cloud_services.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_cloud_services.py
new file mode 100644
index 000000000..f182e4cf5
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_cloud_services.py
@@ -0,0 +1,114 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_cloud_services
+short_description: Set the connection settings between the Management Server and Check Point's Infinity Portal.
+description:
+ - Set the connection settings between the Management Server and Check Point's Infinity Portal.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ gateways_onboarding_settings:
+ description:
+ - Gateways on-boarding to Infinity Portal settings.
+ type: dict
+ suboptions:
+ connection_method:
+ description:
+ - Indicate whether Gateways will be connected to Infinity Portal automatically or only after policy installation.
+ type: str
+ choices: ['automatically', 'after install policy']
+ participant_gateways:
+ description:
+ - Which Gateways will be connected to Infinity Portal.
+ type: str
+ choices: ['all', 'specific']
+ specific_gateways:
+ description:
+ - Selection of targets identified by the name or UID which will be on-boarded to the cloud. Configuration will be applied only when
+ "participant-gateways" field is set to "specific".
+ type: list
+ elements: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ status:
+ description:
+ - Connection status.
+ type: str
+ choices: ['connected', 'disabled']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-cloud-services
+ cp_mgmt_set_cloud_services:
+ gateways_onboarding_settings:
+ connection_method: after install policy
+ participant_gateways: specific
+ specific_gateways: gw1
+"""
+
+RETURN = """
+cp_mgmt_set_cloud_services:
+ description: The checkpoint set-cloud-services output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ gateways_onboarding_settings=dict(type='dict', options=dict(
+ connection_method=dict(type='str', choices=['automatically', 'after install policy']),
+ participant_gateways=dict(type='str', choices=['all', 'specific']),
+ specific_gateways=dict(type='list', elements='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )),
+ status=dict(type='str', choices=['connected', 'disabled'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-cloud-services"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_domain.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_domain.py
index 186bc4b2d..e9205b647 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_domain.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_domain.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -139,43 +141,92 @@ cp_mgmt_domain:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- servers=dict(type='dict', options=dict(
- add=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- multi_domain_server=dict(type='str'),
- skip_start_domain_server=dict(type='bool'),
- type=dict(type='str', choices=['management server', 'log server', 'smc'])
- )),
- remove=dict(type='list', elements='str')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- tags=dict(type='list', elements='str')
+ name=dict(type="str", required=True),
+ servers=dict(
+ type="dict",
+ options=dict(
+ add=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ multi_domain_server=dict(type="str"),
+ skip_start_domain_server=dict(type="bool"),
+ type=dict(
+ type="str",
+ choices=["management server", "log server", "smc"],
+ ),
+ ),
+ ),
+ remove=dict(type="list", elements="str"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
- command = 'set-domain'
+ command = "set-domain"
result = api_command(module, command)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_domain.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_domain.py
new file mode 100644
index 000000000..95a787d26
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_domain.py
@@ -0,0 +1,143 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_global_domain
+short_description: Edit Global domain object using domain name or UID.
+description:
+ - Edit Global domain object using domain name or UID. When the list of Multi Domain Server is edited, the command is handled asynchronously. A list of
+ task identifiers is returned to a user. In this case, the changes to the Global domain object are done in a public session and so should not be published.
+ If the domain is changed in other parameters than the Multi Domain Servers, i.e. comments, color or tags, such changes are done in the user's private
+ session and therefore should be published. In this case, the returned command output is similar to the one of 'show-global-domain'.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ servers:
+ description:
+ - Multi Domain Servers. When the field is provided, 'set-global-domain' command is executed asynchronously.
+ type: dict
+ suboptions:
+ add:
+ description:
+ - Adds to collection of values
+ type: list
+ elements: str
+ remove:
+ description:
+ - Removes from collection of values
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers. Note, The list of tags can not be modified in a single command together with the domain servers. To modify
+ tags, please use the separate 'set-global-domain' command, without providing the list of domain servers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-global-domain
+ cp_mgmt_set_global_domain:
+ name: Global
+ tags:
+ - tag1
+ comments: "This is a Global domain"
+"""
+
+RETURN = """
+cp_mgmt_set_global_domain:
+ description: The checkpoint set-global-domain output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ servers=dict(type='dict', options=dict(
+ add=dict(type='list', elements='str'),
+ remove=dict(type='list', elements='str')
+ )),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-global-domain"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_properties.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_properties.py
index 12549bb8c..41740c9fd 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_properties.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_global_properties.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -1624,7 +1626,6 @@ EXAMPLES = """
logical_name: unique logical name
port: 8080
reauthentication: post request
- state: present
"""
RETURN = """
@@ -1635,400 +1636,987 @@ cp_mgmt_set_global_properties:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- firewall=dict(type='dict', options=dict(
- accept_control_connections=dict(type='bool'),
- accept_ips1_management_connections=dict(type='bool'),
- accept_remote_access_control_connections=dict(type='bool'),
- accept_smart_update_connections=dict(type='bool'),
- accept_outgoing_packets_originating_from_gw=dict(type='bool'),
- accept_outgoing_packets_originating_from_gw_position=dict(type='str', choices=['first', 'last', 'before last']),
- accept_outgoing_packets_originating_from_connectra_gw=dict(type='bool'),
- accept_outgoing_packets_to_cp_online_services=dict(type='bool'),
- accept_outgoing_packets_to_cp_online_services_position=dict(type='str', choices=['first', 'last', 'before last']),
- accept_domain_name_over_tcp=dict(type='bool'),
- accept_domain_name_over_tcp_position=dict(type='str', choices=['first', 'last', 'before last']),
- accept_domain_name_over_udp=dict(type='bool'),
- accept_domain_name_over_udp_position=dict(type='str', choices=['first', 'last', 'before last']),
- accept_dynamic_addr_modules_outgoing_internet_connections=dict(type='bool'),
- accept_icmp_requests=dict(type='bool'),
- accept_icmp_requests_position=dict(type='str', choices=['first', 'last', 'before last']),
- accept_identity_awareness_control_connections=dict(type='bool'),
- accept_identity_awareness_control_connections_position=dict(type='str', choices=['first', 'last', 'before last']),
- accept_incoming_traffic_to_dhcp_and_dns_services_of_gws=dict(type='bool'),
- accept_rip=dict(type='bool'),
- accept_rip_position=dict(type='str', choices=['first', 'last', 'before last']),
- accept_vrrp_packets_originating_from_cluster_members=dict(type='bool'),
- accept_web_and_ssh_connections_for_gw_administration=dict(type='bool'),
- log_implied_rules=dict(type='bool'),
- security_server=dict(type='dict', options=dict(
- client_auth_welcome_file=dict(type='str'),
- ftp_welcome_msg_file=dict(type='str'),
- rlogin_welcome_msg_file=dict(type='str'),
- telnet_welcome_msg_file=dict(type='str'),
- mdq_welcome_msg=dict(type='str'),
- smtp_welcome_msg=dict(type='str'),
- http_next_proxy_host=dict(type='str'),
- http_next_proxy_port=dict(type='int'),
- http_servers=dict(type='list', elements='dict', options=dict(
- logical_name=dict(type='str'),
- host=dict(type='str'),
- port=dict(type='int'),
- reauthentication=dict(type='str', choices=['standard', 'post request', 'every request'])
- )),
- server_for_null_requests=dict(type='str')
- ))
- )),
- nat=dict(type='dict', options=dict(
- allow_bi_directional_nat=dict(type='bool'),
- auto_arp_conf=dict(type='bool'),
- merge_manual_proxy_arp_conf=dict(type='bool'),
- auto_translate_dest_on_client_side=dict(type='bool'),
- manually_translate_dest_on_client_side=dict(type='bool'),
- enable_ip_pool_nat=dict(type='bool'),
- addr_alloc_and_release_track=dict(type='str', choices=['ip allocation log', 'none']),
- addr_exhaustion_track=dict(type='str', choices=['ip exhaustion alert', 'none', 'ip exhaustion log'])
- )),
- authentication=dict(type='dict', options=dict(
- auth_internal_users_with_specific_suffix=dict(type='bool'),
- allowed_suffix_for_internal_users=dict(type='str'),
- max_days_before_expiration_of_non_pulled_user_certificates=dict(type='int'),
- max_client_auth_attempts_before_connection_termination=dict(type='int'),
- max_rlogin_attempts_before_connection_termination=dict(type='int'),
- max_session_auth_attempts_before_connection_termination=dict(type='int'),
- max_telnet_attempts_before_connection_termination=dict(type='int'),
- enable_delayed_auth=dict(type='bool'),
- delay_each_auth_attempt_by=dict(type='int')
- )),
- vpn=dict(type='dict', options=dict(
- vpn_conf_method=dict(type='str', choices=['simplified', 'traditional', 'per policy']),
- domain_name_for_dns_resolving=dict(type='str'),
- enable_backup_gw=dict(type='bool'),
- enable_decrypt_on_accept_for_gw_to_gw_traffic=dict(type='bool'),
- enable_load_distribution_for_mep_conf=dict(type='bool'),
- enable_vpn_directional_match_in_vpn_column=dict(type='bool'),
- grace_period_after_the_crl_is_not_valid=dict(type='int'),
- grace_period_before_the_crl_is_valid=dict(type='int'),
- grace_period_extension_for_secure_remote_secure_client=dict(type='int'),
- support_ike_dos_protection_from_identified_src=dict(type='str', choices=['puzzles', 'stateless', 'none']),
- support_ike_dos_protection_from_unidentified_src=dict(type='str', choices=['puzzles', 'stateless', 'none'])
- )),
- remote_access=dict(type='dict', options=dict(
- enable_back_connections=dict(type='bool'),
- keep_alive_packet_to_gw_interval=dict(type='int'),
- encrypt_dns_traffic=dict(type='bool'),
- simultaneous_login_mode=dict(type='str', choices=['allowonlysinglelogintouser', 'allowseverallogintouser']),
- vpn_authentication_and_encryption=dict(type='dict', options=dict(
- encryption_algorithms=dict(type='dict', options=dict(
- ike=dict(type='dict', options=dict(
- support_encryption_algorithms=dict(type='dict', options=dict(
- tdes=dict(type='bool'),
- aes_128=dict(type='bool'),
- aes_256=dict(type='bool'),
- des=dict(type='bool')
- )),
- use_encryption_algorithm=dict(type='str', choices=['AES-256', 'DES', 'AES-128', 'TDES']),
- support_data_integrity=dict(type='dict', options=dict(
- aes_xcbc=dict(type='bool'),
- md5=dict(type='bool'),
- sha1=dict(type='bool'),
- sha256=dict(type='bool')
- )),
- use_data_integrity=dict(type='str', choices=['aes-xcbc', 'sha256', 'sha1', 'md5']),
- support_diffie_hellman_groups=dict(type='dict', options=dict(
- group1=dict(type='bool'),
- group14=dict(type='bool'),
- group2=dict(type='bool'),
- group5=dict(type='bool')
- )),
- use_diffie_hellman_group=dict(type='str', choices=['group 1', 'group 2', 'group 5', 'group 14'])
- )),
- ipsec=dict(type='dict', options=dict(
- support_encryption_algorithms=dict(type='dict', options=dict(
- tdes=dict(type='bool'),
- aes_128=dict(type='bool'),
- aes_256=dict(type='bool'),
- des=dict(type='bool')
- )),
- use_encryption_algorithm=dict(type='str', choices=['AES-256', 'DES', 'AES-128', 'TDES']),
- support_data_integrity=dict(type='dict', options=dict(
- aes_xcbc=dict(type='bool'),
- md5=dict(type='bool'),
- sha1=dict(type='bool'),
- sha256=dict(type='bool')
- )),
- use_data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'sha512', 'md5']),
- enforce_encryption_alg_and_data_integrity_on_all_users=dict(type='bool')
- ))
- )),
- encryption_method=dict(type='str', choices=['prefer_ikev2_support_ikev1', 'ike_v2_only', 'ike_v1_only']),
- pre_shared_secret=dict(type='bool'),
- support_legacy_auth_for_sc_l2tp_nokia_clients=dict(type='bool'),
- support_legacy_eap=dict(type='bool'),
- support_l2tp_with_pre_shared_key=dict(type='bool'),
- l2tp_pre_shared_key=dict(type='str', no_log=True)
- )),
- vpn_advanced=dict(type='dict', options=dict(
- allow_clear_traffic_to_encryption_domain_when_disconnected=dict(type='bool'),
- enable_load_distribution_for_mep_conf=dict(type='bool'),
- use_first_allocated_om_ip_addr_for_all_conn_to_the_gws_of_the_site=dict(type='bool')
- )),
- scv=dict(type='dict', options=dict(
- apply_scv_on_simplified_mode_fw_policies=dict(type='bool'),
- exceptions=dict(type='list', elements='dict', options=dict(
- hosts=dict(type='list', elements='str'),
- services=dict(type='list', elements='str')
- )),
- no_scv_for_unsupported_cp_clients=dict(type='bool'),
- upon_verification_accept_and_log_client_connection=dict(type='bool'),
- only_tcp_ip_protocols_are_used=dict(type='bool'),
- policy_installed_on_all_interfaces=dict(type='bool'),
- generate_log=dict(type='bool'),
- notify_user=dict(type='bool')
- )),
- ssl_network_extender=dict(type='dict', options=dict(
- user_auth_method=dict(type='str', choices=['certificate_with_enrollment', 'certificate', 'mixed', 'legacy']),
- supported_encryption_methods=dict(type='str', choices=['3des_or_rc4', '3des_only']),
- client_upgrade_upon_connection=dict(type='str', choices=['force_upgrade', 'ask_user', 'no_upgrade']),
- client_uninstall_upon_disconnection=dict(type='str', choices=['force_uninstall', 'ask_user', 'dont_uninstall']),
- re_auth_user_interval=dict(type='int'),
- scan_ep_machine_for_compliance_with_ep_compliance_policy=dict(type='bool'),
- client_outgoing_keep_alive_packets_frequency=dict(type='int')
- )),
- secure_client_mobile=dict(type='dict', options=dict(
- user_auth_method=dict(type='str', choices=['certificate_with_enrollment', 'certificate', 'mixed', 'legacy']),
- enable_password_caching=dict(type='str', choices=['client_decide', 'true', 'false']),
- cache_password_timeout=dict(type='int'),
- re_auth_user_interval=dict(type='int'),
- connect_mode=dict(type='str', choices=['manual', 'always connected', 'on application request', 'configured on endpoint client']),
- automatically_initiate_dialup=dict(type='str', choices=['client_decide', 'true', 'false']),
- disconnect_when_device_is_idle=dict(type='str', choices=['client_decide', 'true', 'false']),
- supported_encryption_methods=dict(type='str', choices=['3des_or_rc4', '3des_only']),
- route_all_traffic_to_gw=dict(type='str', choices=['client_decide', 'true', 'false'])
- )),
- endpoint_connect=dict(type='dict', options=dict(
- enable_password_caching=dict(type='str', choices=['client_decide', 'true', 'false']),
- cache_password_timeout=dict(type='int'),
- re_auth_user_interval=dict(type='int'),
- connect_mode=dict(type='str', choices=['Manual', 'Always Connected', 'Configured On Endpoint Client']),
- network_location_awareness=dict(type='str', choices=['client_decide', 'true', 'false']),
- network_location_awareness_conf=dict(type='dict', options=dict(
- vpn_clients_are_considered_inside_the_internal_network_when_the_client=dict(
- type='str',
- choices=['connects to gw through internal interface',
- 'connects from network or group',
- 'runs on computer with access to active directory domain']),
- network_or_group_of_conn_vpn_client=dict(type='str'),
- consider_wireless_networks_as_external=dict(type='bool'),
- excluded_internal_wireless_networks=dict(type='list', elements='str'),
- consider_undefined_dns_suffixes_as_external=dict(type='bool'),
- dns_suffixes=dict(type='list', elements='str'),
- remember_previously_detected_external_networks=dict(type='bool')
- )),
- disconnect_when_conn_to_network_is_lost=dict(type='str', choices=['client_decide', 'true', 'false']),
- disconnect_when_device_is_idle=dict(type='str', choices=['client_decide', 'true', 'false']),
- route_all_traffic_to_gw=dict(type='str', choices=['client_decide', 'true', 'false']),
- client_upgrade_mode=dict(type='str', choices=['force_upgrade', 'ask_user', 'no_upgrade'])
- )),
- hot_spot_and_hotel_registration=dict(type='dict', options=dict(
- enable_registration=dict(type='bool'),
- local_subnets_access_only=dict(type='bool'),
- registration_timeout=dict(type='int'),
- track_log=dict(type='bool'),
- max_ip_access_during_registration=dict(type='int'),
- ports=dict(type='list', elements='str')
- ))
- )),
- user_directory=dict(type='dict', options=dict(
- enable_password_change_when_user_active_directory_expires=dict(type='bool'),
- cache_size=dict(type='int'),
- enable_password_expiration_configuration=dict(type='bool'),
- password_expires_after=dict(type='int', no_log=False),
- timeout_on_cached_users=dict(type='int'),
- display_user_dn_at_login=dict(type='str', choices=['no display', 'display upon request', 'display']),
- enforce_rules_for_user_mgmt_admins=dict(type='bool'),
- min_password_length=dict(type='int', no_log=False),
- password_must_include_a_digit=dict(type='bool'),
- password_must_include_a_symbol=dict(type='bool'),
- password_must_include_lowercase_char=dict(type='bool'),
- password_must_include_uppercase_char=dict(type='bool')
- )),
- qos=dict(type='dict', options=dict(
- default_weight_of_rule=dict(type='int'),
- max_weight_of_rule=dict(type='int'),
- unit_of_measure=dict(type='str', choices=['bits-per-sec', 'bytes-per-sec', 'kbits-per-sec', 'kbytes-per-sec', 'mbits-per-sec', 'mbytes-per-sec']),
- authenticated_ip_expiration=dict(type='int'),
- non_authenticated_ip_expiration=dict(type='int'),
- unanswered_queried_ip_expiration=dict(type='int')
- )),
- carrier_security=dict(type='dict', options=dict(
- block_gtp_in_gtp=dict(type='bool'),
- enforce_gtp_anti_spoofing=dict(type='bool'),
- produce_extended_logs_on_unmatched_pdus=dict(type='bool'),
- produce_extended_logs_on_unmatched_pdus_position=dict(type='str', choices=['before last', 'last']),
- protocol_violation_track_option=dict(type='str', choices=['none', 'log',
- 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- enable_g_pdu_seq_number_check_with_max_deviation=dict(type='bool'),
- g_pdu_seq_number_check_max_deviation=dict(type='int'),
- verify_flow_labels=dict(type='bool'),
- allow_ggsn_replies_from_multiple_interfaces=dict(type='bool'),
- enable_reverse_connections=dict(type='bool'),
- gtp_signaling_rate_limit_sampling_interval=dict(type='int'),
- one_gtp_echo_on_each_path_frequency=dict(type='int'),
- aggressive_aging=dict(type='bool'),
- aggressive_timeout=dict(type='int'),
- memory_activation_threshold=dict(type='int'),
- memory_deactivation_threshold=dict(type='int'),
- tunnel_activation_threshold=dict(type='int'),
- tunnel_deactivation_threshold=dict(type='int')
- )),
- user_accounts=dict(type='dict', options=dict(
- expiration_date_method=dict(type='str', choices=['expire after', 'expire at']),
- expiration_date=dict(type='str'),
- days_until_expiration=dict(type='int'),
- show_accounts_expiration_indication_days_in_advance=dict(type='bool')
- )),
- user_authority=dict(type='dict', options=dict(
- display_web_access_view=dict(type='bool'),
- windows_domains_to_trust=dict(type='str', choices=['selectively', 'all']),
- trust_only_following_windows_domains=dict(type='list', elements='str')
- )),
- connect_control=dict(type='dict', options=dict(
- load_agents_port=dict(type='int'),
- load_measurement_interval=dict(type='int'),
- persistence_server_timeout=dict(type='int'),
- server_availability_check_interval=dict(type='int'),
- server_check_retries=dict(type='int')
- )),
- stateful_inspection=dict(type='dict', options=dict(
- tcp_start_timeout=dict(type='int'),
- tcp_session_timeout=dict(type='int'),
- tcp_end_timeout=dict(type='int'),
- tcp_end_timeout_r8020_gw_and_above=dict(type='int'),
- udp_virtual_session_timeout=dict(type='int'),
- icmp_virtual_session_timeout=dict(type='int'),
- other_ip_protocols_virtual_session_timeout=dict(type='int'),
- sctp_start_timeout=dict(type='int'),
- sctp_session_timeout=dict(type='int'),
- sctp_end_timeout=dict(type='int'),
- accept_stateful_udp_replies_for_unknown_services=dict(type='bool'),
- accept_stateful_icmp_errors=dict(type='bool'),
- accept_stateful_icmp_replies=dict(type='bool'),
- accept_stateful_other_ip_protocols_replies_for_unknown_services=dict(type='bool'),
- drop_out_of_state_tcp_packets=dict(type='bool'),
- log_on_drop_out_of_state_tcp_packets=dict(type='bool'),
- tcp_out_of_state_drop_exceptions=dict(type='list', elements='str'),
- drop_out_of_state_icmp_packets=dict(type='bool'),
- log_on_drop_out_of_state_icmp_packets=dict(type='bool'),
- drop_out_of_state_sctp_packets=dict(type='bool'),
- log_on_drop_out_of_state_sctp_packets=dict(type='bool')
- )),
- log_and_alert=dict(type='dict', options=dict(
- administrative_notifications=dict(type='str', choices=['none', 'log',
- 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- connection_matched_by_sam=dict(type='str', choices=['Popup Alert', 'Mail Alert',
- 'SNMP Trap Alert', 'User Defined Alert no.1', 'User Defined Alert no.2',
- 'User Defined Alert no.3']),
- dynamic_object_resolution_failure=dict(type='str', choices=['none', 'log',
- 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- ip_options_drop=dict(type='str', choices=['none', 'log', 'popup alert', 'mail alert',
- 'snmp trap alert', 'user defined alert no.1', 'user defined alert no.2', 'user defined alert no.3']),
- packet_is_incorrectly_tagged=dict(type='str', choices=['none', 'log',
- 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- packet_tagging_brute_force_attack=dict(type='str', choices=['none', 'log',
- 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- sla_violation=dict(type='str', choices=['none', 'log', 'popup alert', 'mail alert',
- 'snmp trap alert', 'user defined alert no.1', 'user defined alert no.2', 'user defined alert no.3']),
- vpn_conf_and_key_exchange_errors=dict(type='str', choices=['none', 'log',
- 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- vpn_packet_handling_error=dict(type='str', choices=['none', 'log', 'popup alert',
- 'mail alert', 'snmp trap alert', 'user defined alert no.1', 'user defined alert no.2',
- 'user defined alert no.3']),
- vpn_successful_key_exchange=dict(type='str', choices=['none', 'log',
- 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- log_every_authenticated_http_connection=dict(type='bool'),
- log_traffic=dict(type='str', choices=['none', 'log']),
- alerts=dict(type='dict', options=dict(
- send_popup_alert_to_smartview_monitor=dict(type='bool'),
- popup_alert_script=dict(type='str'),
- send_mail_alert_to_smartview_monitor=dict(type='bool'),
- mail_alert_script=dict(type='str'),
- send_snmp_trap_alert_to_smartview_monitor=dict(type='bool'),
- snmp_trap_alert_script=dict(type='str'),
- send_user_defined_alert_num1_to_smartview_monitor=dict(type='bool'),
- user_defined_script_num1=dict(type='str'),
- send_user_defined_alert_num2_to_smartview_monitor=dict(type='bool'),
- user_defined_script_num2=dict(type='str'),
- send_user_defined_alert_num3_to_smartview_monitor=dict(type='bool'),
- user_defined_script_num3=dict(type='str'),
- default_track_option_for_system_alerts=dict(type='str', choices=['Popup Alert', 'Mail Alert', 'SNMP Trap Alert',
- 'User Defined Alert no.1', 'User Defined Alert no.2',
- 'User Defined Alert no.3'])
- )),
- time_settings=dict(type='dict', options=dict(
- excessive_log_grace_period=dict(type='int'),
- logs_resolving_timeout=dict(type='int'),
- status_fetching_interval=dict(type='int'),
- virtual_link_statistics_logging_interval=dict(type='int')
- ))
- )),
- data_access_control=dict(type='dict', options=dict(
- auto_download_important_data=dict(type='bool'),
- auto_download_sw_updates_and_new_features=dict(type='bool'),
- send_anonymous_info=dict(type='bool'),
- share_sensitive_info=dict(type='bool')
- )),
- non_unique_ip_address_ranges=dict(type='list', elements='dict', options=dict(
- address_type=dict(type='str', choices=['IPv4', 'IPv6']),
- first_ipv4_address=dict(type='str'),
- first_ipv6_address=dict(type='str'),
- last_ipv4_address=dict(type='str'),
- last_ipv6_address=dict(type='str')
- )),
- proxy=dict(type='dict', options=dict(
- use_proxy_server=dict(type='bool'),
- proxy_address=dict(type='str'),
- proxy_port=dict(type='int')
- )),
- user_check=dict(type='dict', options=dict(
- preferred_language=dict(type='str', choices=['Afrikaans', 'Albanian', 'Amharic', 'Arabic',
- 'Armenian', 'Basque', 'Belarusian', 'Bosnian', 'Bulgarian', 'Catalan', 'Chinese', 'Croatian', 'Czech',
- 'Danish', 'Dutch', 'English', 'Estonian', 'Finnish', 'French', 'Gaelic', 'Georgian', 'German',
- 'Greek', 'Hebrew', 'Hindi', 'Hungarian', 'Icelandic', 'Indonesian', 'Irish', 'Italian', 'Japanese',
- 'Korean', 'Latvian', 'Lithuanian', 'Macedonia', 'Maltese', 'Nepali', 'Norwegian', 'Polish',
- 'Portuguese', 'Romanian', 'Russian', 'Serbian', 'Slovak', 'Slovenian', 'Sorbian', 'Spanish',
- 'Swahili', 'Swedish', 'Thai', 'Turkish', 'Ukrainian', 'Vietnamese', 'Welsh']),
- send_emails_using_mail_server=dict(type='str')
- )),
- hit_count=dict(type='dict', options=dict(
- enable_hit_count=dict(type='bool'),
- keep_hit_count_data_up_to=dict(type='str', choices=['3 months', '6 months', '1 year', '2 years'])
- )),
- advanced_conf=dict(type='dict', options=dict(
- certs_and_pki=dict(type='dict', options=dict(
- cert_validation_enforce_key_size=dict(type='str', choices=['off', 'alert', 'fail']),
- host_certs_ecdsa_key_size=dict(type='str', choices=['p-256', 'p-384', 'p-521']),
- host_certs_key_size=dict(type='str', choices=['4096', '1024', '2048'])
- ))
- )),
- allow_remote_registration_of_opsec_products=dict(type='bool'),
- num_spoofing_errs_that_trigger_brute_force=dict(type='int'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- auto_publish_session=dict(type='bool')
+ firewall=dict(
+ type="dict",
+ options=dict(
+ accept_control_connections=dict(type="bool"),
+ accept_ips1_management_connections=dict(type="bool"),
+ accept_remote_access_control_connections=dict(type="bool"),
+ accept_smart_update_connections=dict(type="bool"),
+ accept_outgoing_packets_originating_from_gw=dict(type="bool"),
+ accept_outgoing_packets_originating_from_gw_position=dict(
+ type="str", choices=["first", "last", "before last"]
+ ),
+ accept_outgoing_packets_originating_from_connectra_gw=dict(
+ type="bool"
+ ),
+ accept_outgoing_packets_to_cp_online_services=dict(
+ type="bool"
+ ),
+ accept_outgoing_packets_to_cp_online_services_position=dict(
+ type="str", choices=["first", "last", "before last"]
+ ),
+ accept_domain_name_over_tcp=dict(type="bool"),
+ accept_domain_name_over_tcp_position=dict(
+ type="str", choices=["first", "last", "before last"]
+ ),
+ accept_domain_name_over_udp=dict(type="bool"),
+ accept_domain_name_over_udp_position=dict(
+ type="str", choices=["first", "last", "before last"]
+ ),
+ accept_dynamic_addr_modules_outgoing_internet_connections=dict(
+ type="bool"
+ ),
+ accept_icmp_requests=dict(type="bool"),
+ accept_icmp_requests_position=dict(
+ type="str", choices=["first", "last", "before last"]
+ ),
+ accept_identity_awareness_control_connections=dict(
+ type="bool"
+ ),
+ accept_identity_awareness_control_connections_position=dict(
+ type="str", choices=["first", "last", "before last"]
+ ),
+ accept_incoming_traffic_to_dhcp_and_dns_services_of_gws=dict(
+ type="bool"
+ ),
+ accept_rip=dict(type="bool"),
+ accept_rip_position=dict(
+ type="str", choices=["first", "last", "before last"]
+ ),
+ accept_vrrp_packets_originating_from_cluster_members=dict(
+ type="bool"
+ ),
+ accept_web_and_ssh_connections_for_gw_administration=dict(
+ type="bool"
+ ),
+ log_implied_rules=dict(type="bool"),
+ security_server=dict(
+ type="dict",
+ options=dict(
+ client_auth_welcome_file=dict(type="str"),
+ ftp_welcome_msg_file=dict(type="str"),
+ rlogin_welcome_msg_file=dict(type="str"),
+ telnet_welcome_msg_file=dict(type="str"),
+ mdq_welcome_msg=dict(type="str"),
+ smtp_welcome_msg=dict(type="str"),
+ http_next_proxy_host=dict(type="str"),
+ http_next_proxy_port=dict(type="int"),
+ http_servers=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ logical_name=dict(type="str"),
+ host=dict(type="str"),
+ port=dict(type="int"),
+ reauthentication=dict(
+ type="str",
+ choices=[
+ "standard",
+ "post request",
+ "every request",
+ ],
+ ),
+ ),
+ ),
+ server_for_null_requests=dict(type="str"),
+ ),
+ ),
+ ),
+ ),
+ nat=dict(
+ type="dict",
+ options=dict(
+ allow_bi_directional_nat=dict(type="bool"),
+ auto_arp_conf=dict(type="bool"),
+ merge_manual_proxy_arp_conf=dict(type="bool"),
+ auto_translate_dest_on_client_side=dict(type="bool"),
+ manually_translate_dest_on_client_side=dict(type="bool"),
+ enable_ip_pool_nat=dict(type="bool"),
+ addr_alloc_and_release_track=dict(
+ type="str", choices=["ip allocation log", "none"]
+ ),
+ addr_exhaustion_track=dict(
+ type="str",
+ choices=[
+ "ip exhaustion alert",
+ "none",
+ "ip exhaustion log",
+ ],
+ ),
+ ),
+ ),
+ authentication=dict(
+ type="dict",
+ options=dict(
+ auth_internal_users_with_specific_suffix=dict(type="bool"),
+ allowed_suffix_for_internal_users=dict(type="str"),
+ max_days_before_expiration_of_non_pulled_user_certificates=dict(
+ type="int"
+ ),
+ max_client_auth_attempts_before_connection_termination=dict(
+ type="int"
+ ),
+ max_rlogin_attempts_before_connection_termination=dict(
+ type="int"
+ ),
+ max_session_auth_attempts_before_connection_termination=dict(
+ type="int"
+ ),
+ max_telnet_attempts_before_connection_termination=dict(
+ type="int"
+ ),
+ enable_delayed_auth=dict(type="bool"),
+ delay_each_auth_attempt_by=dict(type="int"),
+ ),
+ ),
+ vpn=dict(
+ type="dict",
+ options=dict(
+ vpn_conf_method=dict(
+ type="str",
+ choices=["simplified", "traditional", "per policy"],
+ ),
+ domain_name_for_dns_resolving=dict(type="str"),
+ enable_backup_gw=dict(type="bool"),
+ enable_decrypt_on_accept_for_gw_to_gw_traffic=dict(
+ type="bool"
+ ),
+ enable_load_distribution_for_mep_conf=dict(type="bool"),
+ enable_vpn_directional_match_in_vpn_column=dict(type="bool"),
+ grace_period_after_the_crl_is_not_valid=dict(type="int"),
+ grace_period_before_the_crl_is_valid=dict(type="int"),
+ grace_period_extension_for_secure_remote_secure_client=dict(
+ type="int"
+ ),
+ support_ike_dos_protection_from_identified_src=dict(
+ type="str", choices=["puzzles", "stateless", "none"]
+ ),
+ support_ike_dos_protection_from_unidentified_src=dict(
+ type="str", choices=["puzzles", "stateless", "none"]
+ ),
+ ),
+ ),
+ remote_access=dict(
+ type="dict",
+ options=dict(
+ enable_back_connections=dict(type="bool"),
+ keep_alive_packet_to_gw_interval=dict(type="int"),
+ encrypt_dns_traffic=dict(type="bool"),
+ simultaneous_login_mode=dict(
+ type="str",
+ choices=[
+ "allowonlysinglelogintouser",
+ "allowseverallogintouser",
+ ],
+ ),
+ vpn_authentication_and_encryption=dict(
+ type="dict",
+ options=dict(
+ encryption_algorithms=dict(
+ type="dict",
+ options=dict(
+ ike=dict(
+ type="dict",
+ options=dict(
+ support_encryption_algorithms=dict(
+ type="dict",
+ options=dict(
+ tdes=dict(type="bool"),
+ aes_128=dict(type="bool"),
+ aes_256=dict(type="bool"),
+ des=dict(type="bool"),
+ ),
+ ),
+ use_encryption_algorithm=dict(
+ type="str",
+ choices=[
+ "AES-256",
+ "DES",
+ "AES-128",
+ "TDES",
+ ],
+ ),
+ support_data_integrity=dict(
+ type="dict",
+ options=dict(
+ aes_xcbc=dict(type="bool"),
+ md5=dict(type="bool"),
+ sha1=dict(type="bool"),
+ sha256=dict(type="bool"),
+ ),
+ ),
+ use_data_integrity=dict(
+ type="str",
+ choices=[
+ "aes-xcbc",
+ "sha256",
+ "sha1",
+ "md5",
+ ],
+ ),
+ support_diffie_hellman_groups=dict(
+ type="dict",
+ options=dict(
+ group1=dict(type="bool"),
+ group14=dict(type="bool"),
+ group2=dict(type="bool"),
+ group5=dict(type="bool"),
+ ),
+ ),
+ use_diffie_hellman_group=dict(
+ type="str",
+ choices=[
+ "group 1",
+ "group 2",
+ "group 5",
+ "group 14",
+ ],
+ ),
+ ),
+ ),
+ ipsec=dict(
+ type="dict",
+ options=dict(
+ support_encryption_algorithms=dict(
+ type="dict",
+ options=dict(
+ tdes=dict(type="bool"),
+ aes_128=dict(type="bool"),
+ aes_256=dict(type="bool"),
+ des=dict(type="bool"),
+ ),
+ ),
+ use_encryption_algorithm=dict(
+ type="str",
+ choices=[
+ "AES-256",
+ "DES",
+ "AES-128",
+ "TDES",
+ ],
+ ),
+ support_data_integrity=dict(
+ type="dict",
+ options=dict(
+ aes_xcbc=dict(type="bool"),
+ md5=dict(type="bool"),
+ sha1=dict(type="bool"),
+ sha256=dict(type="bool"),
+ ),
+ ),
+ use_data_integrity=dict(
+ type="str",
+ choices=[
+ "aes-xcbc",
+ "sha1",
+ "sha256",
+ "sha384",
+ "sha512",
+ "md5",
+ ],
+ ),
+ enforce_encryption_alg_and_data_integrity_on_all_users=dict(
+ type="bool"
+ ),
+ ),
+ ),
+ ),
+ ),
+ encryption_method=dict(
+ type="str",
+ choices=[
+ "prefer_ikev2_support_ikev1",
+ "ike_v2_only",
+ "ike_v1_only",
+ ],
+ ),
+ pre_shared_secret=dict(type="bool"),
+ support_legacy_auth_for_sc_l2tp_nokia_clients=dict(
+ type="bool"
+ ),
+ support_legacy_eap=dict(type="bool"),
+ support_l2tp_with_pre_shared_key=dict(type="bool"),
+ l2tp_pre_shared_key=dict(type="str", no_log=True),
+ ),
+ ),
+ vpn_advanced=dict(
+ type="dict",
+ options=dict(
+ allow_clear_traffic_to_encryption_domain_when_disconnected=dict(
+ type="bool"
+ ),
+ enable_load_distribution_for_mep_conf=dict(
+ type="bool"
+ ),
+ use_first_allocated_om_ip_addr_for_all_conn_to_the_gws_of_the_site=dict(
+ type="bool"
+ ),
+ ),
+ ),
+ scv=dict(
+ type="dict",
+ options=dict(
+ apply_scv_on_simplified_mode_fw_policies=dict(
+ type="bool"
+ ),
+ exceptions=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ hosts=dict(type="list", elements="str"),
+ services=dict(type="list", elements="str"),
+ ),
+ ),
+ no_scv_for_unsupported_cp_clients=dict(type="bool"),
+ upon_verification_accept_and_log_client_connection=dict(
+ type="bool"
+ ),
+ only_tcp_ip_protocols_are_used=dict(type="bool"),
+ policy_installed_on_all_interfaces=dict(type="bool"),
+ generate_log=dict(type="bool"),
+ notify_user=dict(type="bool"),
+ ),
+ ),
+ ssl_network_extender=dict(
+ type="dict",
+ options=dict(
+ user_auth_method=dict(
+ type="str",
+ choices=[
+ "certificate_with_enrollment",
+ "certificate",
+ "mixed",
+ "legacy",
+ ],
+ ),
+ supported_encryption_methods=dict(
+ type="str", choices=["3des_or_rc4", "3des_only"]
+ ),
+ client_upgrade_upon_connection=dict(
+ type="str",
+ choices=[
+ "force_upgrade",
+ "ask_user",
+ "no_upgrade",
+ ],
+ ),
+ client_uninstall_upon_disconnection=dict(
+ type="str",
+ choices=[
+ "force_uninstall",
+ "ask_user",
+ "dont_uninstall",
+ ],
+ ),
+ re_auth_user_interval=dict(type="int"),
+ scan_ep_machine_for_compliance_with_ep_compliance_policy=dict(
+ type="bool"
+ ),
+ client_outgoing_keep_alive_packets_frequency=dict(
+ type="int"
+ ),
+ ),
+ ),
+ secure_client_mobile=dict(
+ type="dict",
+ options=dict(
+ user_auth_method=dict(
+ type="str",
+ choices=[
+ "certificate_with_enrollment",
+ "certificate",
+ "mixed",
+ "legacy",
+ ],
+ ),
+ enable_password_caching=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ cache_password_timeout=dict(type="int"),
+ re_auth_user_interval=dict(type="int"),
+ connect_mode=dict(
+ type="str",
+ choices=[
+ "manual",
+ "always connected",
+ "on application request",
+ "configured on endpoint client",
+ ],
+ ),
+ automatically_initiate_dialup=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ disconnect_when_device_is_idle=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ supported_encryption_methods=dict(
+ type="str", choices=["3des_or_rc4", "3des_only"]
+ ),
+ route_all_traffic_to_gw=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ ),
+ ),
+ endpoint_connect=dict(
+ type="dict",
+ options=dict(
+ enable_password_caching=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ cache_password_timeout=dict(type="int"),
+ re_auth_user_interval=dict(type="int"),
+ connect_mode=dict(
+ type="str",
+ choices=[
+ "Manual",
+ "Always Connected",
+ "Configured On Endpoint Client",
+ ],
+ ),
+ network_location_awareness=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ network_location_awareness_conf=dict(
+ type="dict",
+ options=dict(
+ vpn_clients_are_considered_inside_the_internal_network_when_the_client=dict(
+ type="str",
+ choices=[
+ "connects to gw through internal interface",
+ "connects from network or group",
+ "runs on computer with access to active directory domain",
+ ],
+ ),
+ network_or_group_of_conn_vpn_client=dict(
+ type="str"
+ ),
+ consider_wireless_networks_as_external=dict(
+ type="bool"
+ ),
+ excluded_internal_wireless_networks=dict(
+ type="list", elements="str"
+ ),
+ consider_undefined_dns_suffixes_as_external=dict(
+ type="bool"
+ ),
+ dns_suffixes=dict(type="list", elements="str"),
+ remember_previously_detected_external_networks=dict(
+ type="bool"
+ ),
+ ),
+ ),
+ disconnect_when_conn_to_network_is_lost=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ disconnect_when_device_is_idle=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ route_all_traffic_to_gw=dict(
+ type="str",
+ choices=["client_decide", "true", "false"],
+ ),
+ client_upgrade_mode=dict(
+ type="str",
+ choices=[
+ "force_upgrade",
+ "ask_user",
+ "no_upgrade",
+ ],
+ ),
+ ),
+ ),
+ hot_spot_and_hotel_registration=dict(
+ type="dict",
+ options=dict(
+ enable_registration=dict(type="bool"),
+ local_subnets_access_only=dict(type="bool"),
+ registration_timeout=dict(type="int"),
+ track_log=dict(type="bool"),
+ max_ip_access_during_registration=dict(type="int"),
+ ports=dict(type="list", elements="str"),
+ ),
+ ),
+ ),
+ ),
+ user_directory=dict(
+ type="dict",
+ options=dict(
+ enable_password_change_when_user_active_directory_expires=dict(
+ type="bool"
+ ),
+ cache_size=dict(type="int"),
+ enable_password_expiration_configuration=dict(type="bool"),
+ password_expires_after=dict(type="int", no_log=False),
+ timeout_on_cached_users=dict(type="int"),
+ display_user_dn_at_login=dict(
+ type="str",
+ choices=["no display", "display upon request", "display"],
+ ),
+ enforce_rules_for_user_mgmt_admins=dict(type="bool"),
+ min_password_length=dict(type="int", no_log=False),
+ password_must_include_a_digit=dict(type="bool"),
+ password_must_include_a_symbol=dict(type="bool"),
+ password_must_include_lowercase_char=dict(type="bool"),
+ password_must_include_uppercase_char=dict(type="bool"),
+ ),
+ ),
+ qos=dict(
+ type="dict",
+ options=dict(
+ default_weight_of_rule=dict(type="int"),
+ max_weight_of_rule=dict(type="int"),
+ unit_of_measure=dict(
+ type="str",
+ choices=[
+ "bits-per-sec",
+ "bytes-per-sec",
+ "kbits-per-sec",
+ "kbytes-per-sec",
+ "mbits-per-sec",
+ "mbytes-per-sec",
+ ],
+ ),
+ authenticated_ip_expiration=dict(type="int"),
+ non_authenticated_ip_expiration=dict(type="int"),
+ unanswered_queried_ip_expiration=dict(type="int"),
+ ),
+ ),
+ carrier_security=dict(
+ type="dict",
+ options=dict(
+ block_gtp_in_gtp=dict(type="bool"),
+ enforce_gtp_anti_spoofing=dict(type="bool"),
+ produce_extended_logs_on_unmatched_pdus=dict(type="bool"),
+ produce_extended_logs_on_unmatched_pdus_position=dict(
+ type="str", choices=["before last", "last"]
+ ),
+ protocol_violation_track_option=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ enable_g_pdu_seq_number_check_with_max_deviation=dict(
+ type="bool"
+ ),
+ g_pdu_seq_number_check_max_deviation=dict(type="int"),
+ verify_flow_labels=dict(type="bool"),
+ allow_ggsn_replies_from_multiple_interfaces=dict(type="bool"),
+ enable_reverse_connections=dict(type="bool"),
+ gtp_signaling_rate_limit_sampling_interval=dict(type="int"),
+ one_gtp_echo_on_each_path_frequency=dict(type="int"),
+ aggressive_aging=dict(type="bool"),
+ aggressive_timeout=dict(type="int"),
+ memory_activation_threshold=dict(type="int"),
+ memory_deactivation_threshold=dict(type="int"),
+ tunnel_activation_threshold=dict(type="int"),
+ tunnel_deactivation_threshold=dict(type="int"),
+ ),
+ ),
+ user_accounts=dict(
+ type="dict",
+ options=dict(
+ expiration_date_method=dict(
+ type="str", choices=["expire after", "expire at"]
+ ),
+ expiration_date=dict(type="str"),
+ days_until_expiration=dict(type="int"),
+ show_accounts_expiration_indication_days_in_advance=dict(
+ type="bool"
+ ),
+ ),
+ ),
+ user_authority=dict(
+ type="dict",
+ options=dict(
+ display_web_access_view=dict(type="bool"),
+ windows_domains_to_trust=dict(
+ type="str", choices=["selectively", "all"]
+ ),
+ trust_only_following_windows_domains=dict(
+ type="list", elements="str"
+ ),
+ ),
+ ),
+ connect_control=dict(
+ type="dict",
+ options=dict(
+ load_agents_port=dict(type="int"),
+ load_measurement_interval=dict(type="int"),
+ persistence_server_timeout=dict(type="int"),
+ server_availability_check_interval=dict(type="int"),
+ server_check_retries=dict(type="int"),
+ ),
+ ),
+ stateful_inspection=dict(
+ type="dict",
+ options=dict(
+ tcp_start_timeout=dict(type="int"),
+ tcp_session_timeout=dict(type="int"),
+ tcp_end_timeout=dict(type="int"),
+ tcp_end_timeout_r8020_gw_and_above=dict(type="int"),
+ udp_virtual_session_timeout=dict(type="int"),
+ icmp_virtual_session_timeout=dict(type="int"),
+ other_ip_protocols_virtual_session_timeout=dict(type="int"),
+ sctp_start_timeout=dict(type="int"),
+ sctp_session_timeout=dict(type="int"),
+ sctp_end_timeout=dict(type="int"),
+ accept_stateful_udp_replies_for_unknown_services=dict(
+ type="bool"
+ ),
+ accept_stateful_icmp_errors=dict(type="bool"),
+ accept_stateful_icmp_replies=dict(type="bool"),
+ accept_stateful_other_ip_protocols_replies_for_unknown_services=dict(
+ type="bool"
+ ),
+ drop_out_of_state_tcp_packets=dict(type="bool"),
+ log_on_drop_out_of_state_tcp_packets=dict(type="bool"),
+ tcp_out_of_state_drop_exceptions=dict(
+ type="list", elements="str"
+ ),
+ drop_out_of_state_icmp_packets=dict(type="bool"),
+ log_on_drop_out_of_state_icmp_packets=dict(type="bool"),
+ drop_out_of_state_sctp_packets=dict(type="bool"),
+ log_on_drop_out_of_state_sctp_packets=dict(type="bool"),
+ ),
+ ),
+ log_and_alert=dict(
+ type="dict",
+ options=dict(
+ administrative_notifications=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ connection_matched_by_sam=dict(
+ type="str",
+ choices=[
+ "Popup Alert",
+ "Mail Alert",
+ "SNMP Trap Alert",
+ "User Defined Alert no.1",
+ "User Defined Alert no.2",
+ "User Defined Alert no.3",
+ ],
+ ),
+ dynamic_object_resolution_failure=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ ip_options_drop=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ packet_is_incorrectly_tagged=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ packet_tagging_brute_force_attack=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ sla_violation=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ vpn_conf_and_key_exchange_errors=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ vpn_packet_handling_error=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ vpn_successful_key_exchange=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ log_every_authenticated_http_connection=dict(type="bool"),
+ log_traffic=dict(type="str", choices=["none", "log"]),
+ alerts=dict(
+ type="dict",
+ options=dict(
+ send_popup_alert_to_smartview_monitor=dict(
+ type="bool"
+ ),
+ popup_alert_script=dict(type="str"),
+ send_mail_alert_to_smartview_monitor=dict(type="bool"),
+ mail_alert_script=dict(type="str"),
+ send_snmp_trap_alert_to_smartview_monitor=dict(
+ type="bool"
+ ),
+ snmp_trap_alert_script=dict(type="str"),
+ send_user_defined_alert_num1_to_smartview_monitor=dict(
+ type="bool"
+ ),
+ user_defined_script_num1=dict(type="str"),
+ send_user_defined_alert_num2_to_smartview_monitor=dict(
+ type="bool"
+ ),
+ user_defined_script_num2=dict(type="str"),
+ send_user_defined_alert_num3_to_smartview_monitor=dict(
+ type="bool"
+ ),
+ user_defined_script_num3=dict(type="str"),
+ default_track_option_for_system_alerts=dict(
+ type="str",
+ choices=[
+ "Popup Alert",
+ "Mail Alert",
+ "SNMP Trap Alert",
+ "User Defined Alert no.1",
+ "User Defined Alert no.2",
+ "User Defined Alert no.3",
+ ],
+ ),
+ ),
+ ),
+ time_settings=dict(
+ type="dict",
+ options=dict(
+ excessive_log_grace_period=dict(type="int"),
+ logs_resolving_timeout=dict(type="int"),
+ status_fetching_interval=dict(type="int"),
+ virtual_link_statistics_logging_interval=dict(
+ type="int"
+ ),
+ ),
+ ),
+ ),
+ ),
+ data_access_control=dict(
+ type="dict",
+ options=dict(
+ auto_download_important_data=dict(type="bool"),
+ auto_download_sw_updates_and_new_features=dict(type="bool"),
+ send_anonymous_info=dict(type="bool"),
+ share_sensitive_info=dict(type="bool"),
+ ),
+ ),
+ non_unique_ip_address_ranges=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ address_type=dict(type="str", choices=["IPv4", "IPv6"]),
+ first_ipv4_address=dict(type="str"),
+ first_ipv6_address=dict(type="str"),
+ last_ipv4_address=dict(type="str"),
+ last_ipv6_address=dict(type="str"),
+ ),
+ ),
+ proxy=dict(
+ type="dict",
+ options=dict(
+ use_proxy_server=dict(type="bool"),
+ proxy_address=dict(type="str"),
+ proxy_port=dict(type="int"),
+ ),
+ ),
+ user_check=dict(
+ type="dict",
+ options=dict(
+ preferred_language=dict(
+ type="str",
+ choices=[
+ "Afrikaans",
+ "Albanian",
+ "Amharic",
+ "Arabic",
+ "Armenian",
+ "Basque",
+ "Belarusian",
+ "Bosnian",
+ "Bulgarian",
+ "Catalan",
+ "Chinese",
+ "Croatian",
+ "Czech",
+ "Danish",
+ "Dutch",
+ "English",
+ "Estonian",
+ "Finnish",
+ "French",
+ "Gaelic",
+ "Georgian",
+ "German",
+ "Greek",
+ "Hebrew",
+ "Hindi",
+ "Hungarian",
+ "Icelandic",
+ "Indonesian",
+ "Irish",
+ "Italian",
+ "Japanese",
+ "Korean",
+ "Latvian",
+ "Lithuanian",
+ "Macedonia",
+ "Maltese",
+ "Nepali",
+ "Norwegian",
+ "Polish",
+ "Portuguese",
+ "Romanian",
+ "Russian",
+ "Serbian",
+ "Slovak",
+ "Slovenian",
+ "Sorbian",
+ "Spanish",
+ "Swahili",
+ "Swedish",
+ "Thai",
+ "Turkish",
+ "Ukrainian",
+ "Vietnamese",
+ "Welsh",
+ ],
+ ),
+ send_emails_using_mail_server=dict(type="str"),
+ ),
+ ),
+ hit_count=dict(
+ type="dict",
+ options=dict(
+ enable_hit_count=dict(type="bool"),
+ keep_hit_count_data_up_to=dict(
+ type="str",
+ choices=["3 months", "6 months", "1 year", "2 years"],
+ ),
+ ),
+ ),
+ advanced_conf=dict(
+ type="dict",
+ options=dict(
+ certs_and_pki=dict(
+ type="dict",
+ options=dict(
+ cert_validation_enforce_key_size=dict(
+ type="str", choices=["off", "alert", "fail"]
+ ),
+ host_certs_ecdsa_key_size=dict(
+ type="str", choices=["p-256", "p-384", "p-521"]
+ ),
+ host_certs_key_size=dict(
+ type="str", choices=["4096", "1024", "2048"]
+ ),
+ ),
+ )
+ ),
+ ),
+ allow_remote_registration_of_opsec_products=dict(type="bool"),
+ num_spoofing_errs_that_trigger_brute_force=dict(type="int"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ domains_to_process=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -2040,5 +2628,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ha_state.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ha_state.py
new file mode 100644
index 000000000..a0889076f
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ha_state.py
@@ -0,0 +1,84 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_ha_state
+short_description: Switch domain server high availability state.
+description:
+ - Switch domain server high availability state. </br>After switching domain server to standby state, the session expires and you need to login again.
+ <br/>You can run this command from a user or global domain on Multi Domain Server and from the user domain on Security Management Server.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ new_state:
+ description:
+ - Domain server new state.
+ type: str
+ choices: ['active', 'standby']
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-ha-state
+ cp_mgmt_set_ha_state:
+ new_state: active
+"""
+
+RETURN = """
+cp_mgmt_set_ha_state:
+ description: The checkpoint set-ha-state output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ new_state=dict(type='str', choices=['active', 'standby']),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-ha-state"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_default_assignment.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_default_assignment.py
index c8b74f7f7..00aed9d8b 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_default_assignment.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_default_assignment.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -75,16 +77,19 @@ cp_mgmt_set_idp_default_assignment:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- identity_provider=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- auto_publish_session=dict(type='bool')
+ identity_provider=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -96,5 +101,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_to_domain_assignment.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_to_domain_assignment.py
index b14aca799..0de52a2cc 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_to_domain_assignment.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_idp_to_domain_assignment.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -85,18 +87,21 @@ cp_mgmt_set_idp_to_domain_assignment:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- assigned_domain=dict(type='str'),
- identity_provider=dict(type='str'),
- using_default=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- auto_publish_session=dict(type='bool')
+ assigned_domain=dict(type="str"),
+ identity_provider=dict(type="str"),
+ using_default=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -108,5 +113,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ips_update_schedule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ips_update_schedule.py
new file mode 100644
index 000000000..298d5f657
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_ips_update_schedule.py
@@ -0,0 +1,114 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_ips_update_schedule
+short_description: Edit IPS Update Schedule.
+description:
+ - Edit IPS Update Schedule.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ enabled:
+ description:
+ - Enable/Disable IPS Update Schedule.
+ type: bool
+ time:
+ description:
+ - Time in format HH,mm.
+ type: str
+ recurrence:
+ description:
+ - Days recurrence.
+ type: dict
+ suboptions:
+ days:
+ description:
+ - Valid on specific days. Multiple options, support range of days in months. Example,["1","3","9-20"].
+ type: list
+ elements: str
+ minutes:
+ description:
+ - Valid on interval. The length of time in minutes between updates.
+ type: int
+ pattern:
+ description:
+ - Valid on "Interval", "Daily", "Weekly", "Monthly" base.
+ type: str
+ weekdays:
+ description:
+ - Valid on weekdays. Example, "Sun", "Mon"..."Sat".
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-ips-update-schedule
+ cp_mgmt_set_ips_update_schedule:
+ enabled: true
+ recurrence:
+ minutes: 121
+ pattern: interval
+"""
+
+RETURN = """
+cp_mgmt_set_ips_update_schedule:
+ description: The checkpoint set-ips-update-schedule output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ enabled=dict(type='bool'),
+ time=dict(type='str'),
+ recurrence=dict(type='dict', options=dict(
+ days=dict(type='list', elements='str'),
+ minutes=dict(type='int'),
+ pattern=dict(type='str'),
+ weekdays=dict(type='list', elements='str')
+ ))
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-ips-update-schedule"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_login_message.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_login_message.py
new file mode 100644
index 000000000..8be27eeb3
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_login_message.py
@@ -0,0 +1,102 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_login_message
+short_description: Edit Login message.
+description:
+ - Edit Login message.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ header:
+ description:
+ - Login message header.
+ type: str
+ login_message:
+ description:
+ - Login message body.
+ type: str
+ show_message:
+ description:
+ - Whether to show login message.
+ type: bool
+ warning:
+ description:
+ - Add warning sign.
+ type: bool
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-login-message
+ cp_mgmt_set_login_message:
+ header: Warning
+ login_message: Unauthorized access of this server is prohibited and punished by law
+ show_message: 'true'
+ warning: 'true'
+"""
+
+RETURN = """
+cp_mgmt_set_login_message:
+ description: The checkpoint set-login-message output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ header=dict(type='str'),
+ login_message=dict(type='str'),
+ show_message=dict(type='bool'),
+ warning=dict(type='bool'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-login-message"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_nat_rule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_nat_rule.py
index 01832640e..60204a8a9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_nat_rule.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_nat_rule.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "2.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_nat_rule
+ why: Newer and updated module released with more functionality.
+ removed_at_date: '2024-11-01'
options:
rule_number:
description:
@@ -114,7 +120,6 @@ EXAMPLES = """
original_service: ssh_version_2
original_source: Any
package: standard
- state: present
"""
RETURN = """
@@ -125,27 +130,30 @@ cp_mgmt_set_nat_rule:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- rule_number=dict(type='str'),
- package=dict(type='str'),
- enabled=dict(type='bool'),
- install_on=dict(type='list', elements='str'),
- method=dict(type='str', choices=['static', 'hide', 'nat64', 'nat46']),
- new_position=dict(type='str'),
- original_destination=dict(type='str'),
- original_service=dict(type='str'),
- original_source=dict(type='str'),
- translated_destination=dict(type='str'),
- translated_service=dict(type='str'),
- translated_source=dict(type='str'),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ rule_number=dict(type="str"),
+ package=dict(type="str"),
+ enabled=dict(type="bool"),
+ install_on=dict(type="list", elements="str"),
+ method=dict(type="str", choices=["static", "hide", "nat64", "nat46"]),
+ new_position=dict(type="str"),
+ original_destination=dict(type="str"),
+ original_service=dict(type="str"),
+ original_source=dict(type="str"),
+ translated_destination=dict(type="str"),
+ translated_service=dict(type="str"),
+ translated_source=dict(type="str"),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -157,5 +165,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_policy_settings.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_policy_settings.py
new file mode 100644
index 000000000..ee7ca8e03
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_policy_settings.py
@@ -0,0 +1,111 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_policy_settings
+short_description: Edit Policy settings, the changes will be applied after publish.
+description:
+ - Edit Policy settings, the changes will be applied after publish.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ last_in_cell:
+ description:
+ - Added object after removing the last object in cell.
+ type: str
+ choices: ['none', 'restore to default']
+ none_object_behavior:
+ description:
+ - a 'None' object behavior. Rules with object 'None' will never be matched.
+ type: str
+ choices: ['warning', 'error', 'none']
+ security_access_defaults:
+ description:
+ - Access Policy default values.
+ type: dict
+ suboptions:
+ destination:
+ description:
+ - Destination default value for new rule creation. Any or None.
+ type: str
+ service:
+ description:
+ - Service and Applications default value for new rule creation. Any or None.
+ type: str
+ source:
+ description:
+ - Source default value for new rule creation. Any or None.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-policy-settings
+ cp_mgmt_set_policy_settings:
+ last_in_cell: any
+ none_object_behavior: none
+ security_access_defaults:
+ destination: any
+ service: any
+ source: any
+"""
+
+RETURN = """
+cp_mgmt_set_policy_settings:
+ description: The checkpoint set-policy-settings output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ last_in_cell=dict(type='str', choices=['none', 'restore to default']),
+ none_object_behavior=dict(type='str', choices=['warning', 'error', 'none']),
+ security_access_defaults=dict(type='dict', options=dict(
+ destination=dict(type='str'),
+ service=dict(type='str'),
+ source=dict(type='str')
+ ))
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-policy-settings"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_session.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_session.py
index 9979860b2..b47f4c280 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_session.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_session.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -80,7 +82,6 @@ EXAMPLES = """
- name: set-session
cp_mgmt_set_session:
description: Session to work on ticket number CR00323665
- state: present
"""
RETURN = """
@@ -91,23 +92,62 @@ cp_mgmt_set_session:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- description=dict(type='str'),
- new_name=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ description=dict(type="str"),
+ new_name=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -119,5 +159,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_threat_advanced_settings.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_threat_advanced_settings.py
index 15258f900..b1e3702fb 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_threat_advanced_settings.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_threat_advanced_settings.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -111,7 +113,6 @@ EXAMPLES = """
log_unification_timeout: 600
resource_classification.mode: hold
resource_classification.web_service_fail_mode: block connections
- state: present
"""
RETURN = """
@@ -122,27 +123,49 @@ cp_mgmt_set_threat_advanced_settings:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- feed_retrieving_interval=dict(type='str'),
- httpi_non_standard_ports=dict(type='bool'),
- internal_error_fail_mode=dict(type='str', choices=['allow connections', 'block connections']),
- log_unification_timeout=dict(type='int'),
- resource_classification=dict(type='dict', options=dict(
- custom_settings=dict(type='dict', options=dict(
- anti_bot=dict(type='str', choices=['background', 'hold']),
- anti_virus=dict(type='str', choices=['background', 'hold']),
- zero_phishing=dict(type='str', choices=['background', 'hold'])
- )),
- mode=dict(type='str', choices=['background', 'hold', 'custom']),
- web_service_fail_mode=dict(type='str', choices=['allow connections', 'block connections'])
- )),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool'),
- auto_publish_session=dict(type='bool')
+ feed_retrieving_interval=dict(type="str"),
+ httpi_non_standard_ports=dict(type="bool"),
+ internal_error_fail_mode=dict(
+ type="str", choices=["allow connections", "block connections"]
+ ),
+ log_unification_timeout=dict(type="int"),
+ resource_classification=dict(
+ type="dict",
+ options=dict(
+ custom_settings=dict(
+ type="dict",
+ options=dict(
+ anti_bot=dict(
+ type="str", choices=["background", "hold"]
+ ),
+ anti_virus=dict(
+ type="str", choices=["background", "hold"]
+ ),
+ zero_phishing=dict(
+ type="str", choices=["background", "hold"]
+ ),
+ ),
+ ),
+ mode=dict(
+ type="str", choices=["background", "hold", "custom"]
+ ),
+ web_service_fail_mode=dict(
+ type="str",
+ choices=["allow connections", "block connections"],
+ ),
+ ),
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ auto_publish_session=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -154,5 +177,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_vpn_community_remote_access.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_vpn_community_remote_access.py
new file mode 100644
index 000000000..e7406f4b6
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_set_vpn_community_remote_access.py
@@ -0,0 +1,133 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_vpn_community_remote_access
+short_description: Edit existing Remote Access object. Using object name or uid is optional.
+description:
+ - Edit existing Remote Access object. Using object name or uid is optional.
+ - Add and Delete API commands for this object are unavailable since there is single object per domain.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ gateways:
+ description:
+ - Collection of Gateway objects identified by the name or UID.
+ type: list
+ elements: str
+ user_groups:
+ description:
+ - Collection of User group objects identified by the name or UID.
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-vpn-community-remote-access
+ cp_mgmt_set_vpn_community_remote_access:
+ gateways:
+ - mygateway
+ user_groups:
+ - myusergroup
+"""
+
+RETURN = """
+cp_mgmt_set_vpn_community_remote_access:
+ description: The checkpoint set-vpn-community-remote-access output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ gateways=dict(type='list', elements='str'),
+ user_groups=dict(type='list', elements='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-vpn-community-remote-access"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_access_section.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_access_section.py
index dfa684fda..fbb1336d4 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_access_section.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_access_section.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -67,14 +69,17 @@ cp_mgmt_show_access_section:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- layer=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ name=dict(type="str"),
+ layer=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -86,5 +91,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_settings.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_settings.py
new file mode 100644
index 000000000..eda38db60
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_settings.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_api_settings
+short_description: Retrieve API Settings.
+description:
+ - Retrieve API Settings. This command is available only after logging in to the System Data domain.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-api-settings
+ cp_mgmt_show_api_settings:
+"""
+
+RETURN = """
+cp_mgmt_show_api_settings:
+ description: The checkpoint show-api-settings output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-api-settings"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_versions.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_versions.py
new file mode 100644
index 000000000..24a535a78
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_api_versions.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_api_versions
+short_description: Shows all supported API versions and current API version (the latest one).
+description:
+ - Shows all supported API versions and current API version (the latest one).
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-api-versions
+ cp_mgmt_show_api_versions:
+"""
+
+RETURN = """
+cp_mgmt_show_api_versions:
+ description: The checkpoint show-api-versions output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-api-versions"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_azure_ad_content.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_azure_ad_content.py
new file mode 100644
index 000000000..a60a786ec
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_azure_ad_content.py
@@ -0,0 +1,152 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_azure_ad_content
+short_description: Retrieve AzureAD Objects from Azure AD Server.
+description:
+ - Retrieve AzureAD Objects from Azure AD Server.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ azure_ad_name:
+ description:
+ - Name of the Azure AD Server where to search for objects.
+ type: str
+ azure_ad_uid:
+ description:
+ - Unique identifier of the Azure AD Server where to search for objects.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ uid_in_azure_ad:
+ description:
+ - Return result matching the unique identifier of the object on the Azure AD Server.
+ type: str
+ filter:
+ description:
+ - Return results matching the specified filter.
+ type: dict
+ suboptions:
+ text:
+ description:
+ - Return results containing the specified text value.
+ type: str
+ uri:
+ description:
+ - Return results under the specified Data Center Object (identified by URI).
+ type: str
+ parent_uid_in_data_center:
+ description:
+ - Return results under the specified Data Center Object (identified by UID).
+ type: str
+ details_level:
+ description:
+ - Standard and Full description are the same.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-azure-ad-content
+ cp_mgmt_show_azure_ad_content:
+ name: my_azureAD
+"""
+
+RETURN = """
+cp_mgmt_show_azure_ad_content:
+ description: The checkpoint show-azure-ad-content output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ azure_ad_name=dict(type='str'),
+ azure_ad_uid=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ uid_in_azure_ad=dict(type='str'),
+ filter=dict(type='dict', options=dict(
+ text=dict(type='str'),
+ uri=dict(type='str'),
+ parent_uid_in_data_center=dict(type='str')
+ )),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-azure-ad-content"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_changes.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_changes.py
new file mode 100644
index 000000000..214e816c5
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_changes.py
@@ -0,0 +1,125 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_changes
+short_description: Show changes between two sessions.
+description:
+ - Show changes between two sessions.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ from_date:
+ description:
+ - The date from which tracking changes is to be performed. ISO 8601. If timezone isn't specified in the input, the Management server's timezone is used.
+ type: str
+ from_session:
+ description:
+ - The session UID from which tracking changes is to be performed.
+ type: str
+ limit:
+ description:
+ - Maximum number of sessions to analyze.
+ type: int
+ offset:
+ description:
+ - Number of sessions to skip (beginning with from-session).
+ type: int
+ to_date:
+ description:
+ - The date until which tracking changes is to be performed. ISO 8601. If timezone isn't specified in the input, the Management server's timezone is used.
+ type: str
+ to_session:
+ description:
+ - The session UID until which tracking changes is to be performed.
+ type: str
+ dereference_group_members:
+ description:
+ - Indicates whether to dereference "members" field by details level for every object in reply.
+ type: bool
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ dereference_max_depth:
+ description:
+ - When details level is full you can choose the number of levels in the API reply.
+ type: int
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-changes
+ cp_mgmt_show_changes:
+ from_date: '2017-02-01T08:20:50'
+ to_date: '2017-02-21'
+"""
+
+RETURN = """
+cp_mgmt_show_changes:
+ description: The checkpoint show-changes output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ from_date=dict(type='str'),
+ from_session=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ to_date=dict(type='str'),
+ to_session=dict(type='str'),
+ dereference_group_members=dict(type='bool'),
+ show_membership=dict(type='bool'),
+ dereference_max_depth=dict(type='int'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-changes"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_licenses_usage.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_licenses_usage.py
new file mode 100644
index 000000000..10faf1ba7
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_licenses_usage.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_cloud_licenses_usage
+short_description: Show attached licenses usage.
+description:
+ - Show attached licenses usage.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-cloud-licenses-usage
+ cp_mgmt_show_cloud_licenses_usage:
+"""
+
+RETURN = """
+cp_mgmt_show_cloud_licenses_usage:
+ description: The checkpoint show-cloud-licenses-usage output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-cloud-licenses-usage"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_services.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_services.py
index 91725ff53..bff5b92b9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_services.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_cloud_services.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -51,12 +53,14 @@ cp_mgmt_show_cloud_services:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- )
+ argument_spec = dict()
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -67,5 +71,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_commands.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_commands.py
new file mode 100644
index 000000000..aae501fd3
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_commands.py
@@ -0,0 +1,76 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_commands
+short_description: Retrieve all of the supported Management API commands with their description.
+description:
+ - Retrieve all of the supported Management API commands with their description.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ prefix:
+ description:
+ - The prefix of the desired commands to show.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-commands
+ cp_mgmt_show_commands:
+"""
+
+RETURN = """
+cp_mgmt_show_commands:
+ description: The checkpoint show-commands output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ prefix=dict(type='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-commands"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_gateways_and_servers.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_gateways_and_servers.py
new file mode 100644
index 000000000..5f4a23201
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_gateways_and_servers.py
@@ -0,0 +1,119 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_gateways_and_servers
+short_description: Shows list of Gateways & Servers sorted by name.
+description:
+ - Shows list of Gateways & Servers sorted by name.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-gateways-and-servers
+ cp_mgmt_show_gateways_and_servers:
+ details_level: full
+"""
+
+RETURN = """
+cp_mgmt_show_gateways_and_servers:
+ description: The checkpoint show-gateways-and-servers output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-gateways-and-servers"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_domain.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_domain.py
new file mode 100644
index 000000000..95d367eed
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_domain.py
@@ -0,0 +1,85 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_global_domain
+short_description: Retrieve existing object using object name or uid.
+description:
+ - Retrieve existing object using object name or uid.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-global-domain
+ cp_mgmt_show_global_domain:
+ name: Global
+"""
+
+RETURN = """
+cp_mgmt_show_global_domain:
+ description: The checkpoint show-global-domain output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-global-domain"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_properties.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_properties.py
index 24f40149b..5234d39d4 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_properties.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_global_properties.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -51,12 +53,14 @@ cp_mgmt_show_global_properties:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- )
+ argument_spec = dict()
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -67,5 +71,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_state.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_state.py
new file mode 100644
index 000000000..6692efa83
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_state.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_ha_state
+short_description: Retrieve domain high availability state.
+description:
+ - Retrieve domain high availability state.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-ha-state
+ cp_mgmt_show_ha_state:
+"""
+
+RETURN = """
+cp_mgmt_show_ha_state:
+ description: The checkpoint show-ha-state output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-ha-state"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_status.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_status.py
new file mode 100644
index 000000000..8ed957e98
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ha_status.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_ha_status
+short_description: Retrieve domain high availability status.
+description:
+ - Retrieve domain high availability status.
+ - All operations are performed over Web Services API.
+version_added: "5.2.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-ha-status
+ cp_mgmt_show_ha_status:
+"""
+
+RETURN = """
+cp_mgmt_show_ha_status:
+ description: The checkpoint show-ha-status output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-ha-status"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_https_section.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_https_section.py
index e05e8b4b3..14a8bba52 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_https_section.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_https_section.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -67,14 +69,17 @@ cp_mgmt_show_https_section:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- layer=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ name=dict(type="str"),
+ layer=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -86,5 +91,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_idp_default_assignment.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_idp_default_assignment.py
index e6962ce94..d0f18772f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_idp_default_assignment.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_idp_default_assignment.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -57,12 +59,15 @@ cp_mgmt_show_idp_default_assignment:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ details_level=dict(type="str", choices=["uid", "standard", "full"])
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -74,5 +79,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_status.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_status.py
new file mode 100644
index 000000000..608bd47b0
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_status.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_ips_status
+short_description: show ips status on Checkpoint over Web Services API
+description:
+ - show ips status on Checkpoint over Web Services API
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-ips-status
+ cp_mgmt_show_ips_status:
+"""
+
+RETURN = """
+cp_mgmt_show_ips_status:
+ description: The checkpoint show-ips-status output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-ips-status"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_update_schedule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_update_schedule.py
new file mode 100644
index 000000000..31303974b
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_ips_update_schedule.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_ips_update_schedule
+short_description: Retrieve IPS Update Schedule.
+description:
+ - Retrieve IPS Update Schedule.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-ips-update-schedule
+ cp_mgmt_show_ips_update_schedule:
+"""
+
+RETURN = """
+cp_mgmt_show_ips_update_schedule:
+ description: The checkpoint show-ips-update-schedule output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-ips-update-schedule"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_layer_structure.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_layer_structure.py
new file mode 100644
index 000000000..d3156cf7b
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_layer_structure.py
@@ -0,0 +1,104 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_layer_structure
+short_description: Shows the entire layer structure.
+description:
+ - Shows the entire layer structure. The layer structure is divided into sections and each section has its own entities.
+ - Supported layer types include Access Control, NAT, Custom Threat Prevention, Threat Exception and HTTPS Inspection.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name. Must be unique in the domain.
+ type: str
+ required: True
+ package:
+ description:
+ - Name of the package. Must be set when want to receive the resolved rule instead of the place holder in global domain layer.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ type: int
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-layer-structure
+ cp_mgmt_show_layer_structure:
+ details_level: standard
+ limit: 20
+ name: Network
+ offset: 0
+"""
+
+RETURN = """
+cp_mgmt_show_layer_structure:
+ description: The checkpoint show-layer-structure output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ package=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ details_level=dict(type='str', choices=['uid', 'standard'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-layer-structure"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_login_message.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_login_message.py
new file mode 100644
index 000000000..51b5f673d
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_login_message.py
@@ -0,0 +1,79 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_login_message
+short_description: Retrieve Login message.
+description:
+ - Retrieve Login message.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-login-message
+ cp_mgmt_show_login_message:
+ details_level: full
+"""
+
+RETURN = """
+cp_mgmt_show_login_message:
+ description: The checkpoint show-login-message output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-login-message"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_logs.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_logs.py
index 59ecccd35..4508bba55 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_logs.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_logs.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -113,27 +115,61 @@ cp_mgmt_show_logs:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- new_query=dict(type='dict', options=dict(
- filter=dict(type='str'),
- time_frame=dict(type='str', choices=['last-7-days', 'last-hour', 'today', 'last-24-hours', 'yesterday',
- 'this-week', 'this-month', 'last-30-days', 'all-time', 'custom']),
- custom_start=dict(type='str'),
- custom_end=dict(type='str'),
- max_logs_per_request=dict(type='int'),
- top=dict(type='dict', options=dict(
- field=dict(type='str', choices=['sources', 'destinations', 'services', 'actions', 'blades', 'origins', 'users', 'applications']),
- count=dict(type='int')
- )),
- type=dict(type='str', choices=['logs', 'audit']),
- log_servers=dict(type='list', elements='str')
- )),
- query_id=dict(type='str'),
- ignore_warnings=dict(type='bool')
+ new_query=dict(
+ type="dict",
+ options=dict(
+ filter=dict(type="str"),
+ time_frame=dict(
+ type="str",
+ choices=[
+ "last-7-days",
+ "last-hour",
+ "today",
+ "last-24-hours",
+ "yesterday",
+ "this-week",
+ "this-month",
+ "last-30-days",
+ "all-time",
+ "custom",
+ ],
+ ),
+ custom_start=dict(type="str"),
+ custom_end=dict(type="str"),
+ max_logs_per_request=dict(type="int"),
+ top=dict(
+ type="dict",
+ options=dict(
+ field=dict(
+ type="str",
+ choices=[
+ "sources",
+ "destinations",
+ "services",
+ "actions",
+ "blades",
+ "origins",
+ "users",
+ "applications",
+ ],
+ ),
+ count=dict(type="int"),
+ ),
+ ),
+ type=dict(type="str", choices=["logs", "audit"]),
+ log_servers=dict(type="list", elements="str"),
+ ),
+ ),
+ query_id=dict(type="str"),
+ ignore_warnings=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -145,5 +181,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_nat_section.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_nat_section.py
index 92809266c..086e4b53b 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_nat_section.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_nat_section.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -67,14 +69,17 @@ cp_mgmt_show_nat_section:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- package=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ name=dict(type="str"),
+ package=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -86,5 +91,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_place_holder.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_place_holder.py
new file mode 100644
index 000000000..f1395f108
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_place_holder.py
@@ -0,0 +1,84 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_place_holder
+short_description: Retrieve existing object using object uid.
+description:
+ - Retrieve existing object using object uid.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ uid:
+ description:
+ - Object unique identifier.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-place-holder
+ cp_mgmt_show_place_holder:
+ uid: 5df27676-83a6-4d38-beaa-0413838a7f85
+"""
+
+RETURN = """
+cp_mgmt_show_place_holder:
+ description: The checkpoint show-place-holder output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ uid=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-place-holder"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_policy_settings.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_policy_settings.py
new file mode 100644
index 000000000..2b03c8272
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_policy_settings.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_policy_settings
+short_description: Show Policy settings.
+description:
+ - Show Policy settings.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-policy-settings
+ cp_mgmt_show_policy_settings:
+"""
+
+RETURN = """
+cp_mgmt_show_policy_settings:
+ description: The checkpoint show-policy-settings output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-policy-settings"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_servers_and_processes.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_servers_and_processes.py
index 6014b40a3..03a9b2e5a 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_servers_and_processes.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_servers_and_processes.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -53,12 +55,14 @@ cp_mgmt_show_servers_and_processes:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- )
+ argument_spec = dict()
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -69,5 +73,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_package_details.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_package_details.py
index 0b6ef90b7..d4ea50161 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_package_details.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_package_details.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -56,13 +58,14 @@ cp_mgmt_show_software_package_details:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- name=dict(type='str')
- )
+ argument_spec = dict(name=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -73,5 +76,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_packages_per_targets.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_packages_per_targets.py
new file mode 100644
index 000000000..c03850eac
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_software_packages_per_targets.py
@@ -0,0 +1,109 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_software_packages_per_targets
+short_description: Shows software packages on targets.
+description:
+ - Shows software packages on targets.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Shiran Golzar (@chkp-shirango)"
+options:
+ display:
+ description:
+ - Filter the displayed results.
+ type: dict
+ suboptions:
+ category:
+ description:
+ - The package categories to include in the results.
+ type: list
+ elements: str
+ installed:
+ description:
+ - Show installed packages, available packages, or both.
+ type: str
+ choices: ['yes', 'no', 'any']
+ recommended:
+ description:
+ - Show only recommended packages, other packages, or both.
+ type: str
+ choices: ['yes', 'no', 'any']
+ targets:
+ description:
+ - On what targets to execute this command. Targets may be identified by their object name, or object unique identifier.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-software-packages-per-targets
+ cp_mgmt_show_software_packages_per_targets:
+ display:
+ category: major
+ installed: 'no'
+ recommended: any
+ targets:
+ - corporate-gateway
+"""
+
+RETURN = """
+cp_mgmt_show_software_packages_per_targets:
+ description: The checkpoint show-software-packages-per-targets output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, \
+ api_command
+
+
+def main():
+ argument_spec = dict(
+ display=dict(type='dict', options=dict(
+ category=dict(type='list', elements='str'),
+ installed=dict(type='str', choices=['yes', 'no', 'any']),
+ recommended=dict(type='str', choices=['yes', 'no', 'any'])
+ )),
+ targets=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-software-packages-per-targets"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_task.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_task.py
index d90bc7bbf..bf6cab246 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_task.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_task.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "2.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_task_facts
+ why: Newer single facts module released.
+ removed_at_date: '2024-11-01'
options:
task_id:
description:
@@ -63,13 +69,16 @@ cp_mgmt_show_task:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- task_id=dict(type='list', elements='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ task_id=dict(type="list", elements="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -81,5 +90,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_tasks.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_tasks.py
index a9fcdd872..77a7a9171 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_tasks.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_tasks.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "2.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_task_facts
+ why: Newer single facts module released.
+ removed_at_date: '2024-11-01'
options:
initiator:
description:
@@ -103,22 +109,31 @@ cp_mgmt_show_tasks:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- initiator=dict(type='str'),
- status=dict(type='str', choices=['successful', 'failed', 'in-progress', 'all']),
- from_date=dict(type='str'),
- to_date=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ initiator=dict(type="str"),
+ status=dict(
+ type="str", choices=["successful", "failed", "in-progress", "all"]
+ ),
+ from_date=dict(type="str"),
+ to_date=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -130,5 +145,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_threat_advanced_settings.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_threat_advanced_settings.py
index 5af7329a7..72d1a549c 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_threat_advanced_settings.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_threat_advanced_settings.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -51,12 +53,14 @@ cp_mgmt_show_threat_advanced_settings:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- )
+ argument_spec = dict()
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -67,5 +71,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_unused_objects.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_unused_objects.py
new file mode 100644
index 000000000..53118916e
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_unused_objects.py
@@ -0,0 +1,138 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_unused_objects
+short_description: Retrieve all unused objects.
+description:
+ - Retrieve all unused objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ dereference_group_members:
+ description:
+ - Indicates whether to dereference "members" field by details level for every object in reply.
+ type: bool
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-unused-objects
+ cp_mgmt_show_unused_objects:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+cp_mgmt_show_unused_objects:
+ description: The checkpoint show-unused-objects output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ dereference_group_members=dict(type='bool'),
+ show_membership=dict(type='bool'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-unused-objects"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_updatable_objects_repository_content.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_updatable_objects_repository_content.py
new file mode 100644
index 000000000..59320df7a
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_updatable_objects_repository_content.py
@@ -0,0 +1,143 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_updatable_objects_repository_content
+short_description: Shows the content of the available updatable objects from the Check Point User Center.
+description:
+ - Shows the content of the available updatable objects from the Check Point User Center.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ uid_in_updatable_objects_repository:
+ description:
+ - The object's unique identifier in the Updatable Objects repository.
+ type: str
+ filter:
+ description:
+ - Return results matching the specified filter.
+ type: dict
+ suboptions:
+ text:
+ description:
+ - Return results containing the specified text value.
+ type: str
+ uri:
+ description:
+ - Return results under the specified uri value.
+ type: str
+ parent_uid_in_updatable_objects_repository:
+ description:
+ - Return results under the specified Updatable Object.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-updatable-objects-repository-content
+ cp_mgmt_show_updatable_objects_repository_content:
+ limit: 1
+"""
+
+RETURN = """
+cp_mgmt_show_updatable_objects_repository_content:
+ description: The checkpoint show-updatable-objects-repository-content output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ uid_in_updatable_objects_repository=dict(type='str'),
+ filter=dict(type='dict', options=dict(
+ text=dict(type='str'),
+ uri=dict(type='str'),
+ parent_uid_in_updatable_objects_repository=dict(type='str')
+ )),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-updatable-objects-repository-content"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_validations.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_validations.py
new file mode 100644
index 000000000..c90a6d18d
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_show_validations.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_validations
+short_description: Show all validation incidents limited to 500.
+description:
+ - Show all validation incidents limited to 500.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-validations
+ cp_mgmt_show_validations:
+"""
+
+RETURN = """
+cp_mgmt_show_validations:
+ description: The checkpoint show-validations output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-validations"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster.py
index 0742d2489..11a2e5caa 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -1023,265 +1025,608 @@ cp_mgmt_simple_cluster:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- anti_bot=dict(type='bool'),
- anti_virus=dict(type='bool'),
- application_control=dict(type='bool'),
- cluster_mode=dict(type='str', choices=['cluster-xl-ha', 'cluster-ls-multicast', 'cluster-ls-unicast', 'opsec-ha', 'opsec-ls']),
- content_awareness=dict(type='bool'),
- firewall=dict(type='bool'),
- firewall_settings=dict(type='dict', options=dict(
- auto_calculate_connections_hash_table_size_and_memory_pool=dict(type='bool'),
- auto_maximum_limit_for_concurrent_connections=dict(type='bool'),
- connections_hash_size=dict(type='int'),
- maximum_limit_for_concurrent_connections=dict(type='int'),
- maximum_memory_pool_size=dict(type='int'),
- memory_pool_size=dict(type='int')
- )),
- hardware=dict(type='str'),
- interfaces=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- interface_type=dict(type='str', choices=['cluster', 'sync', 'cluster + sync', 'private']),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- network_mask=dict(type='str'),
- ipv4_network_mask=dict(type='str'),
- ipv6_network_mask=dict(type='str'),
- mask_length=dict(type='str'),
- ipv4_mask_length=dict(type='str'),
- ipv6_mask_length=dict(type='str'),
- anti_spoofing=dict(type='bool'),
- anti_spoofing_settings=dict(type='dict', options=dict(
- action=dict(type='str', choices=['prevent', 'detect']),
- exclude_packets=dict(type='bool'),
- excluded_network_name=dict(type='str'),
- excluded_network_uid=dict(type='str'),
- spoof_tracking=dict(type='str', choices=['none', 'log', 'alert'])
- )),
- multicast_address=dict(type='str'),
- multicast_address_type=dict(type='str', choices=['manual', 'default']),
- security_zone=dict(type='bool'),
- security_zone_settings=dict(type='dict', options=dict(
- auto_calculated=dict(type='bool'),
- specific_zone=dict(type='str')
- )),
- tags=dict(type='list', elements='str'),
- topology=dict(type='str', choices=['automatic', 'external', 'internal']),
- topology_settings=dict(type='dict', options=dict(
- interface_leads_to_dmz=dict(type='bool'),
- ip_address_behind_this_interface=dict(type='str', choices=['not defined', 'network defined by the interface ip and net mask',
- 'network defined by routing', 'specific']),
- specific_network=dict(type='str')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan',
- 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick',
- 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral',
- 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red',
- 'sienna', 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- ips=dict(type='bool'),
- members=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- interfaces=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- anti_spoofing=dict(type='bool'),
- anti_spoofing_settings=dict(type='dict', options=dict(
- action=dict(type='str', choices=['prevent', 'detect']),
- exclude_packets=dict(type='bool'),
- excluded_network_name=dict(type='str'),
- excluded_network_uid=dict(type='str'),
- spoof_tracking=dict(type='str', choices=['none', 'log', 'alert'])
- )),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- network_mask=dict(type='str'),
- ipv4_network_mask=dict(type='str'),
- ipv6_network_mask=dict(type='str'),
- mask_length=dict(type='str'),
- ipv4_mask_length=dict(type='str'),
- ipv6_mask_length=dict(type='str'),
- security_zone=dict(type='bool'),
- security_zone_settings=dict(type='dict', options=dict(
- auto_calculated=dict(type='bool'),
- specific_zone=dict(type='str')
- )),
- tags=dict(type='list', elements='str'),
- topology=dict(type='str', choices=['automatic', 'external', 'internal']),
- topology_settings=dict(type='dict', options=dict(
- interface_leads_to_dmz=dict(type='bool'),
- ip_address_behind_this_interface=dict(type='str', choices=['not defined', 'network defined by the interface ip and net mask',
- 'network defined by routing', 'specific']),
- specific_network=dict(type='str')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood',
- 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue',
- 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
- 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive',
- 'orange', 'red', 'sienna', 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- one_time_password=dict(type='str', no_log=True),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan',
- 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick',
- 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral',
- 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red',
- 'sienna', 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- os_name=dict(type='str'),
- platform_portal_settings=dict(type='dict', options=dict(
- portal_web_settings=dict(type='dict', options=dict(
- aliases=dict(type='list', elements='str'),
- ip_address=dict(type='str'),
- main_url=dict(type='str')
- )),
- certificate_settings=dict(type='dict', options=dict(
- base64_certificate=dict(type='str'),
- base64_password=dict(type='str', no_log=True)
- )),
- accessibility=dict(type='dict', options=dict(
- allow_access_from=dict(type='str', choices=['rule_base', 'internal_interfaces', 'all_interfaces']),
- internal_access_settings=dict(type='dict', options=dict(
- undefined=dict(type='bool'),
- dmz=dict(type='bool'),
- vpn=dict(type='bool')
- ))
- ))
- )),
- send_alerts_to_server=dict(type='list', elements='str'),
- send_logs_to_backup_server=dict(type='list', elements='str'),
- send_logs_to_server=dict(type='list', elements='str'),
- tags=dict(type='list', elements='str'),
- threat_emulation=dict(type='bool'),
- threat_extraction=dict(type='bool'),
- threat_prevention_mode=dict(type='str', choices=['autonomous', 'custom']),
- url_filtering=dict(type='bool'),
- usercheck_portal_settings=dict(type='dict', options=dict(
- enabled=dict(type='bool'),
- portal_web_settings=dict(type='dict', options=dict(
- aliases=dict(type='list', elements='str'),
- ip_address=dict(type='str'),
- main_url=dict(type='str')
- )),
- certificate_settings=dict(type='dict', options=dict(
- base64_certificate=dict(type='str'),
- base64_password=dict(type='str', no_log=True)
- )),
- accessibility=dict(type='dict', options=dict(
- allow_access_from=dict(type='str', choices=['rule_base', 'internal_interfaces', 'all_interfaces']),
- internal_access_settings=dict(type='dict', options=dict(
- undefined=dict(type='bool'),
- dmz=dict(type='bool'),
- vpn=dict(type='bool')
- ))
- ))
- )),
- cluster_version=dict(type='str'),
- vpn=dict(type='bool'),
- vpn_settings=dict(type='dict', options=dict(
- authentication=dict(type='dict', options=dict(
- authentication_clients=dict(type='list', elements='str')
- )),
- link_selection=dict(type='dict', options=dict(
- ip_selection=dict(type='str', choices=['use-main-address',
- 'use-selected-address-from-topology', 'use-statically-nated-ip', 'calculated-ip-based-on-topology',
- 'dns-resolving-from-hostname', 'dns-resolving-from-gateway-and-domain-name',
- 'use-probing-with-high-availability', 'use-probing-with-load-sharing', 'use-one-time-probing']),
- dns_resolving_hostname=dict(type='str'),
- ip_address=dict(type='str')
- )),
- maximum_concurrent_ike_negotiations=dict(type='int'),
- maximum_concurrent_tunnels=dict(type='int'),
- office_mode=dict(type='dict', options=dict(
- mode=dict(type='str', choices=['off', 'specific-group', 'all-users']),
- group=dict(type='str'),
- allocate_ip_address_from=dict(type='dict', options=dict(
- radius_server=dict(type='bool'),
- use_allocate_method=dict(type='bool'),
- allocate_method=dict(type='str', choices=['manual', 'automatic']),
- manual_network=dict(type='str'),
- dhcp_server=dict(type='str'),
- virtual_ip_address=dict(type='str'),
- dhcp_mac_address=dict(type='str', choices=['per-machine', 'per-user']),
- optional_parameters=dict(type='dict', options=dict(
- use_primary_dns_server=dict(type='bool'),
- primary_dns_server=dict(type='str'),
- use_first_backup_dns_server=dict(type='bool'),
- first_backup_dns_server=dict(type='str'),
- use_second_backup_dns_server=dict(type='bool'),
- second_backup_dns_server=dict(type='str'),
- dns_suffixes=dict(type='str'),
- use_primary_wins_server=dict(type='bool'),
- primary_wins_server=dict(type='str'),
- use_first_backup_wins_server=dict(type='bool'),
- first_backup_wins_server=dict(type='str'),
- use_second_backup_wins_server=dict(type='bool'),
- second_backup_wins_server=dict(type='str'),
- ip_lease_duration=dict(type='int')
- ))
- )),
- support_multiple_interfaces=dict(type='bool'),
- perform_anti_spoofing=dict(type='bool'),
- anti_spoofing_additional_addresses=dict(type='str')
- )),
- remote_access=dict(type='dict', options=dict(
- support_l2tp=dict(type='bool'),
- l2tp_auth_method=dict(type='str', choices=['certificate', 'md5']),
- l2tp_certificate=dict(type='str'),
- allow_vpn_clients_to_route_traffic=dict(type='bool'),
- support_nat_traversal_mechanism=dict(type='bool'),
- nat_traversal_service=dict(type='str'),
- support_visitor_mode=dict(type='bool'),
- visitor_mode_service=dict(type='str'),
- visitor_mode_interface=dict(type='str')
- )),
- vpn_domain=dict(type='str'),
- vpn_domain_type=dict(type='str', choices=['manual', 'addresses_behind_gw'])
- )),
- show_portals_certificate=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ anti_bot=dict(type="bool"),
+ anti_virus=dict(type="bool"),
+ application_control=dict(type="bool"),
+ cluster_mode=dict(
+ type="str",
+ choices=[
+ "cluster-xl-ha",
+ "cluster-ls-multicast",
+ "cluster-ls-unicast",
+ "opsec-ha",
+ "opsec-ls",
+ ],
+ ),
+ content_awareness=dict(type="bool"),
+ firewall=dict(type="bool"),
+ firewall_settings=dict(
+ type="dict",
+ options=dict(
+ auto_calculate_connections_hash_table_size_and_memory_pool=dict(
+ type="bool"
+ ),
+ auto_maximum_limit_for_concurrent_connections=dict(
+ type="bool"
+ ),
+ connections_hash_size=dict(type="int"),
+ maximum_limit_for_concurrent_connections=dict(type="int"),
+ maximum_memory_pool_size=dict(type="int"),
+ memory_pool_size=dict(type="int"),
+ ),
+ ),
+ hardware=dict(type="str"),
+ interfaces=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ interface_type=dict(
+ type="str",
+ choices=["cluster", "sync", "cluster + sync", "private"],
+ ),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ network_mask=dict(type="str"),
+ ipv4_network_mask=dict(type="str"),
+ ipv6_network_mask=dict(type="str"),
+ mask_length=dict(type="str"),
+ ipv4_mask_length=dict(type="str"),
+ ipv6_mask_length=dict(type="str"),
+ anti_spoofing=dict(type="bool"),
+ anti_spoofing_settings=dict(
+ type="dict",
+ options=dict(
+ action=dict(type="str", choices=["prevent", "detect"]),
+ exclude_packets=dict(type="bool"),
+ excluded_network_name=dict(type="str"),
+ excluded_network_uid=dict(type="str"),
+ spoof_tracking=dict(
+ type="str", choices=["none", "log", "alert"]
+ ),
+ ),
+ ),
+ multicast_address=dict(type="str"),
+ multicast_address_type=dict(
+ type="str", choices=["manual", "default"]
+ ),
+ security_zone=dict(type="bool"),
+ security_zone_settings=dict(
+ type="dict",
+ options=dict(
+ auto_calculated=dict(type="bool"),
+ specific_zone=dict(type="str"),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ topology=dict(
+ type="str", choices=["automatic", "external", "internal"]
+ ),
+ topology_settings=dict(
+ type="dict",
+ options=dict(
+ interface_leads_to_dmz=dict(type="bool"),
+ ip_address_behind_this_interface=dict(
+ type="str",
+ choices=[
+ "not defined",
+ "network defined by the interface ip and net mask",
+ "network defined by routing",
+ "specific",
+ ],
+ ),
+ specific_network=dict(type="str"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ ips=dict(type="bool"),
+ members=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ interfaces=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ anti_spoofing=dict(type="bool"),
+ anti_spoofing_settings=dict(
+ type="dict",
+ options=dict(
+ action=dict(
+ type="str", choices=["prevent", "detect"]
+ ),
+ exclude_packets=dict(type="bool"),
+ excluded_network_name=dict(type="str"),
+ excluded_network_uid=dict(type="str"),
+ spoof_tracking=dict(
+ type="str",
+ choices=["none", "log", "alert"],
+ ),
+ ),
+ ),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ network_mask=dict(type="str"),
+ ipv4_network_mask=dict(type="str"),
+ ipv6_network_mask=dict(type="str"),
+ mask_length=dict(type="str"),
+ ipv4_mask_length=dict(type="str"),
+ ipv6_mask_length=dict(type="str"),
+ security_zone=dict(type="bool"),
+ security_zone_settings=dict(
+ type="dict",
+ options=dict(
+ auto_calculated=dict(type="bool"),
+ specific_zone=dict(type="str"),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ topology=dict(
+ type="str",
+ choices=["automatic", "external", "internal"],
+ ),
+ topology_settings=dict(
+ type="dict",
+ options=dict(
+ interface_leads_to_dmz=dict(type="bool"),
+ ip_address_behind_this_interface=dict(
+ type="str",
+ choices=[
+ "not defined",
+ "network defined by the interface ip and net mask",
+ "network defined by routing",
+ "specific",
+ ],
+ ),
+ specific_network=dict(type="str"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ one_time_password=dict(type="str", no_log=True),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ os_name=dict(type="str"),
+ platform_portal_settings=dict(
+ type="dict",
+ options=dict(
+ portal_web_settings=dict(
+ type="dict",
+ options=dict(
+ aliases=dict(type="list", elements="str"),
+ ip_address=dict(type="str"),
+ main_url=dict(type="str"),
+ ),
+ ),
+ certificate_settings=dict(
+ type="dict",
+ options=dict(
+ base64_certificate=dict(type="str"),
+ base64_password=dict(type="str", no_log=True),
+ ),
+ ),
+ accessibility=dict(
+ type="dict",
+ options=dict(
+ allow_access_from=dict(
+ type="str",
+ choices=[
+ "rule_base",
+ "internal_interfaces",
+ "all_interfaces",
+ ],
+ ),
+ internal_access_settings=dict(
+ type="dict",
+ options=dict(
+ undefined=dict(type="bool"),
+ dmz=dict(type="bool"),
+ vpn=dict(type="bool"),
+ ),
+ ),
+ ),
+ ),
+ ),
+ ),
+ send_alerts_to_server=dict(type="list", elements="str"),
+ send_logs_to_backup_server=dict(type="list", elements="str"),
+ send_logs_to_server=dict(type="list", elements="str"),
+ tags=dict(type="list", elements="str"),
+ threat_emulation=dict(type="bool"),
+ threat_extraction=dict(type="bool"),
+ threat_prevention_mode=dict(
+ type="str", choices=["autonomous", "custom"]
+ ),
+ url_filtering=dict(type="bool"),
+ usercheck_portal_settings=dict(
+ type="dict",
+ options=dict(
+ enabled=dict(type="bool"),
+ portal_web_settings=dict(
+ type="dict",
+ options=dict(
+ aliases=dict(type="list", elements="str"),
+ ip_address=dict(type="str"),
+ main_url=dict(type="str"),
+ ),
+ ),
+ certificate_settings=dict(
+ type="dict",
+ options=dict(
+ base64_certificate=dict(type="str"),
+ base64_password=dict(type="str", no_log=True),
+ ),
+ ),
+ accessibility=dict(
+ type="dict",
+ options=dict(
+ allow_access_from=dict(
+ type="str",
+ choices=[
+ "rule_base",
+ "internal_interfaces",
+ "all_interfaces",
+ ],
+ ),
+ internal_access_settings=dict(
+ type="dict",
+ options=dict(
+ undefined=dict(type="bool"),
+ dmz=dict(type="bool"),
+ vpn=dict(type="bool"),
+ ),
+ ),
+ ),
+ ),
+ ),
+ ),
+ cluster_version=dict(type="str"),
+ vpn=dict(type="bool"),
+ vpn_settings=dict(
+ type="dict",
+ options=dict(
+ authentication=dict(
+ type="dict",
+ options=dict(
+ authentication_clients=dict(
+ type="list", elements="str"
+ )
+ ),
+ ),
+ link_selection=dict(
+ type="dict",
+ options=dict(
+ ip_selection=dict(
+ type="str",
+ choices=[
+ "use-main-address",
+ "use-selected-address-from-topology",
+ "use-statically-nated-ip",
+ "calculated-ip-based-on-topology",
+ "dns-resolving-from-hostname",
+ "dns-resolving-from-gateway-and-domain-name",
+ "use-probing-with-high-availability",
+ "use-probing-with-load-sharing",
+ "use-one-time-probing",
+ ],
+ ),
+ dns_resolving_hostname=dict(type="str"),
+ ip_address=dict(type="str"),
+ ),
+ ),
+ maximum_concurrent_ike_negotiations=dict(type="int"),
+ maximum_concurrent_tunnels=dict(type="int"),
+ office_mode=dict(
+ type="dict",
+ options=dict(
+ mode=dict(
+ type="str",
+ choices=["off", "specific-group", "all-users"],
+ ),
+ group=dict(type="str"),
+ allocate_ip_address_from=dict(
+ type="dict",
+ options=dict(
+ radius_server=dict(type="bool"),
+ use_allocate_method=dict(type="bool"),
+ allocate_method=dict(
+ type="str", choices=["manual", "automatic"]
+ ),
+ manual_network=dict(type="str"),
+ dhcp_server=dict(type="str"),
+ virtual_ip_address=dict(type="str"),
+ dhcp_mac_address=dict(
+ type="str",
+ choices=["per-machine", "per-user"],
+ ),
+ optional_parameters=dict(
+ type="dict",
+ options=dict(
+ use_primary_dns_server=dict(
+ type="bool"
+ ),
+ primary_dns_server=dict(type="str"),
+ use_first_backup_dns_server=dict(
+ type="bool"
+ ),
+ first_backup_dns_server=dict(
+ type="str"
+ ),
+ use_second_backup_dns_server=dict(
+ type="bool"
+ ),
+ second_backup_dns_server=dict(
+ type="str"
+ ),
+ dns_suffixes=dict(type="str"),
+ use_primary_wins_server=dict(
+ type="bool"
+ ),
+ primary_wins_server=dict(type="str"),
+ use_first_backup_wins_server=dict(
+ type="bool"
+ ),
+ first_backup_wins_server=dict(
+ type="str"
+ ),
+ use_second_backup_wins_server=dict(
+ type="bool"
+ ),
+ second_backup_wins_server=dict(
+ type="str"
+ ),
+ ip_lease_duration=dict(type="int"),
+ ),
+ ),
+ ),
+ ),
+ support_multiple_interfaces=dict(type="bool"),
+ perform_anti_spoofing=dict(type="bool"),
+ anti_spoofing_additional_addresses=dict(type="str"),
+ ),
+ ),
+ remote_access=dict(
+ type="dict",
+ options=dict(
+ support_l2tp=dict(type="bool"),
+ l2tp_auth_method=dict(
+ type="str", choices=["certificate", "md5"]
+ ),
+ l2tp_certificate=dict(type="str"),
+ allow_vpn_clients_to_route_traffic=dict(type="bool"),
+ support_nat_traversal_mechanism=dict(type="bool"),
+ nat_traversal_service=dict(type="str"),
+ support_visitor_mode=dict(type="bool"),
+ visitor_mode_service=dict(type="str"),
+ visitor_mode_interface=dict(type="str"),
+ ),
+ ),
+ vpn_domain=dict(type="str"),
+ vpn_domain_type=dict(
+ type="str", choices=["manual", "addresses_behind_gw"]
+ ),
+ ),
+ ),
+ show_portals_certificate=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'simple-cluster'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "simple-cluster"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster_facts.py
index c422eabf1..23cf270a4 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_cluster_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -122,35 +124,46 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- limit_interfaces=dict(type='int'),
- show_portals_certificate=dict(type='bool'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool'),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ limit_interfaces=dict(type="int"),
+ show_portals_certificate=dict(type="bool"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "simple-cluster"
api_call_object_plural_version = "simple-clusters"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway.py
index ce530d3f3..bd276c179 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -497,141 +499,272 @@ cp_mgmt_simple_gateway:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- anti_bot=dict(type='bool'),
- anti_virus=dict(type='bool'),
- application_control=dict(type='bool'),
- content_awareness=dict(type='bool'),
- firewall=dict(type='bool'),
- firewall_settings=dict(type='dict', options=dict(
- auto_calculate_connections_hash_table_size_and_memory_pool=dict(type='bool'),
- auto_maximum_limit_for_concurrent_connections=dict(type='bool'),
- connections_hash_size=dict(type='int'),
- maximum_limit_for_concurrent_connections=dict(type='int'),
- maximum_memory_pool_size=dict(type='int'),
- memory_pool_size=dict(type='int')
- )),
- interfaces=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- anti_spoofing=dict(type='bool'),
- anti_spoofing_settings=dict(type='dict', options=dict(
- action=dict(type='str', choices=['prevent', 'detect'])
- )),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- network_mask=dict(type='str'),
- ipv4_network_mask=dict(type='str'),
- ipv6_network_mask=dict(type='str'),
- mask_length=dict(type='str'),
- ipv4_mask_length=dict(type='str'),
- ipv6_mask_length=dict(type='str'),
- security_zone=dict(type='bool'),
- security_zone_settings=dict(type='dict', options=dict(
- auto_calculated=dict(type='bool'),
- specific_zone=dict(type='str')
- )),
- tags=dict(type='list', elements='str'),
- topology=dict(type='str', choices=['automatic', 'external', 'internal']),
- topology_settings=dict(type='dict', options=dict(
- interface_leads_to_dmz=dict(type='bool'),
- ip_address_behind_this_interface=dict(type='str', choices=['not defined', 'network defined by the interface ip and net mask',
- 'network defined by routing', 'specific']),
- specific_network=dict(type='str')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan',
- 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue',
- 'firebrick',
- 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
- 'coral',
- 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange',
- 'red',
- 'sienna', 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- ips=dict(type='bool'),
- logs_settings=dict(type='dict', options=dict(
- alert_when_free_disk_space_below=dict(type='bool'),
- alert_when_free_disk_space_below_threshold=dict(type='int'),
- alert_when_free_disk_space_below_type=dict(type='str', choices=['none',
- 'log', 'popup alert', 'mail alert', 'snmp trap alert',
- 'user defined alert no.1',
- 'user defined alert no.2', 'user defined alert no.3']),
- before_delete_keep_logs_from_the_last_days=dict(type='bool'),
- before_delete_keep_logs_from_the_last_days_threshold=dict(type='int'),
- before_delete_run_script=dict(type='bool'),
- before_delete_run_script_command=dict(type='str'),
- delete_index_files_older_than_days=dict(type='bool'),
- delete_index_files_older_than_days_threshold=dict(type='int'),
- delete_index_files_when_index_size_above=dict(type='bool'),
- delete_index_files_when_index_size_above_threshold=dict(type='int'),
- delete_when_free_disk_space_below=dict(type='bool'),
- delete_when_free_disk_space_below_threshold=dict(type='int'),
- detect_new_citrix_ica_application_names=dict(type='bool'),
- forward_logs_to_log_server=dict(type='bool'),
- forward_logs_to_log_server_name=dict(type='str'),
- forward_logs_to_log_server_schedule_name=dict(type='str'),
- free_disk_space_metrics=dict(type='str', choices=['mbytes', 'percent']),
- perform_log_rotate_before_log_forwarding=dict(type='bool'),
- reject_connections_when_free_disk_space_below_threshold=dict(type='bool'),
- reserve_for_packet_capture_metrics=dict(type='str', choices=['percent', 'mbytes']),
- reserve_for_packet_capture_threshold=dict(type='int'),
- rotate_log_by_file_size=dict(type='bool'),
- rotate_log_file_size_threshold=dict(type='int'),
- rotate_log_on_schedule=dict(type='bool'),
- rotate_log_schedule_name=dict(type='str'),
- stop_logging_when_free_disk_space_below=dict(type='bool'),
- stop_logging_when_free_disk_space_below_threshold=dict(type='int'),
- turn_on_qos_logging=dict(type='bool'),
- update_account_log_every=dict(type='int')
- )),
- one_time_password=dict(type='str', no_log=True),
- os_name=dict(type='str'),
- save_logs_locally=dict(type='bool'),
- send_alerts_to_server=dict(type='list', elements='str'),
- send_logs_to_backup_server=dict(type='list', elements='str'),
- send_logs_to_server=dict(type='list', elements='str'),
- tags=dict(type='list', elements='str'),
- threat_emulation=dict(type='bool'),
- threat_extraction=dict(type='bool'),
- url_filtering=dict(type='bool'),
- gateway_version=dict(type='str'),
- vpn=dict(type='bool'),
- vpn_settings=dict(type='dict', options=dict(
- maximum_concurrent_ike_negotiations=dict(type='int'),
- maximum_concurrent_tunnels=dict(type='int')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral',
- 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ anti_bot=dict(type="bool"),
+ anti_virus=dict(type="bool"),
+ application_control=dict(type="bool"),
+ content_awareness=dict(type="bool"),
+ firewall=dict(type="bool"),
+ firewall_settings=dict(
+ type="dict",
+ options=dict(
+ auto_calculate_connections_hash_table_size_and_memory_pool=dict(
+ type="bool"
+ ),
+ auto_maximum_limit_for_concurrent_connections=dict(
+ type="bool"
+ ),
+ connections_hash_size=dict(type="int"),
+ maximum_limit_for_concurrent_connections=dict(type="int"),
+ maximum_memory_pool_size=dict(type="int"),
+ memory_pool_size=dict(type="int"),
+ ),
+ ),
+ interfaces=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ anti_spoofing=dict(type="bool"),
+ anti_spoofing_settings=dict(
+ type="dict",
+ options=dict(
+ action=dict(type="str", choices=["prevent", "detect"])
+ ),
+ ),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ network_mask=dict(type="str"),
+ ipv4_network_mask=dict(type="str"),
+ ipv6_network_mask=dict(type="str"),
+ mask_length=dict(type="str"),
+ ipv4_mask_length=dict(type="str"),
+ ipv6_mask_length=dict(type="str"),
+ security_zone=dict(type="bool"),
+ security_zone_settings=dict(
+ type="dict",
+ options=dict(
+ auto_calculated=dict(type="bool"),
+ specific_zone=dict(type="str"),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ topology=dict(
+ type="str", choices=["automatic", "external", "internal"]
+ ),
+ topology_settings=dict(
+ type="dict",
+ options=dict(
+ interface_leads_to_dmz=dict(type="bool"),
+ ip_address_behind_this_interface=dict(
+ type="str",
+ choices=[
+ "not defined",
+ "network defined by the interface ip and net mask",
+ "network defined by routing",
+ "specific",
+ ],
+ ),
+ specific_network=dict(type="str"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(
+ type="str", choices=["uid", "standard", "full"]
+ ),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ ips=dict(type="bool"),
+ logs_settings=dict(
+ type="dict",
+ options=dict(
+ alert_when_free_disk_space_below=dict(type="bool"),
+ alert_when_free_disk_space_below_threshold=dict(type="int"),
+ alert_when_free_disk_space_below_type=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "popup alert",
+ "mail alert",
+ "snmp trap alert",
+ "user defined alert no.1",
+ "user defined alert no.2",
+ "user defined alert no.3",
+ ],
+ ),
+ before_delete_keep_logs_from_the_last_days=dict(type="bool"),
+ before_delete_keep_logs_from_the_last_days_threshold=dict(
+ type="int"
+ ),
+ before_delete_run_script=dict(type="bool"),
+ before_delete_run_script_command=dict(type="str"),
+ delete_index_files_older_than_days=dict(type="bool"),
+ delete_index_files_older_than_days_threshold=dict(type="int"),
+ delete_index_files_when_index_size_above=dict(type="bool"),
+ delete_index_files_when_index_size_above_threshold=dict(
+ type="int"
+ ),
+ delete_when_free_disk_space_below=dict(type="bool"),
+ delete_when_free_disk_space_below_threshold=dict(type="int"),
+ detect_new_citrix_ica_application_names=dict(type="bool"),
+ forward_logs_to_log_server=dict(type="bool"),
+ forward_logs_to_log_server_name=dict(type="str"),
+ forward_logs_to_log_server_schedule_name=dict(type="str"),
+ free_disk_space_metrics=dict(
+ type="str", choices=["mbytes", "percent"]
+ ),
+ perform_log_rotate_before_log_forwarding=dict(type="bool"),
+ reject_connections_when_free_disk_space_below_threshold=dict(
+ type="bool"
+ ),
+ reserve_for_packet_capture_metrics=dict(
+ type="str", choices=["percent", "mbytes"]
+ ),
+ reserve_for_packet_capture_threshold=dict(type="int"),
+ rotate_log_by_file_size=dict(type="bool"),
+ rotate_log_file_size_threshold=dict(type="int"),
+ rotate_log_on_schedule=dict(type="bool"),
+ rotate_log_schedule_name=dict(type="str"),
+ stop_logging_when_free_disk_space_below=dict(type="bool"),
+ stop_logging_when_free_disk_space_below_threshold=dict(
+ type="int"
+ ),
+ turn_on_qos_logging=dict(type="bool"),
+ update_account_log_every=dict(type="int"),
+ ),
+ ),
+ one_time_password=dict(type="str", no_log=True),
+ os_name=dict(type="str"),
+ save_logs_locally=dict(type="bool"),
+ send_alerts_to_server=dict(type="list", elements="str"),
+ send_logs_to_backup_server=dict(type="list", elements="str"),
+ send_logs_to_server=dict(type="list", elements="str"),
+ tags=dict(type="list", elements="str"),
+ threat_emulation=dict(type="bool"),
+ threat_extraction=dict(type="bool"),
+ url_filtering=dict(type="bool"),
+ gateway_version=dict(type="str"),
+ vpn=dict(type="bool"),
+ vpn_settings=dict(
+ type="dict",
+ options=dict(
+ maximum_concurrent_ike_negotiations=dict(type="int"),
+ maximum_concurrent_tunnels=dict(type="int"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'simple-gateway'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "simple-gateway"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway_facts.py
index cdccabb18..6df2d31c4 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_simple_gateway_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -102,31 +104,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "simple-gateway"
api_call_object_plural_version = "simple-gateways"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task.py
new file mode 100644
index 000000000..c491bf72c
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task.py
@@ -0,0 +1,295 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_smart_task
+short_description: Manages smart-task objects on Checkpoint over Web Services API
+description:
+ - Manages smart-task objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ action:
+ description:
+ - The action to be run when the trigger is fired.
+ type: dict
+ suboptions:
+ send_web_request:
+ description:
+ - When the trigger is fired, sends an HTTPS POST web request to the configured URL.<br>The trigger data will be passed along with the
+ SmartTask's custom data in the request's payload.
+ type: dict
+ suboptions:
+ url:
+ description:
+ - URL used for the web request.
+ type: str
+ fingerprint:
+ description:
+ - The SHA1 fingerprint of the URL's SSL certificate. Used to trust servers with self-signed SSL certificates.
+ type: str
+ override_proxy:
+ description:
+ - Option to send to the web request via a proxy other than the Management's Server proxy (if defined).
+ type: bool
+ proxy_url:
+ description:
+ - URL of the proxy used to send the request.
+ type: str
+ shared_secret:
+ description:
+ - Shared secret that can be used by the target server to identify the Management Server.<br>The value will be sent as part of
+ the request in the "X-chkp-shared-secret" header.
+ type: str
+ time_out:
+ description:
+ - Web Request time-out in seconds.
+ type: int
+ run_script:
+ description:
+ - When the trigger is fired, runs the configured Repository Script on the defined targets.<br>The trigger data is then passed to the
+ script as the first parameter. The parameter is JSON encoded in Base64 format.
+ type: dict
+ suboptions:
+ repository_script:
+ description:
+ - Repository script that is executed when the trigger is fired., identified by the name or UID.
+ type: str
+ targets:
+ description:
+ - Targets to execute the script on.
+ type: list
+ elements: str
+ time_out:
+ description:
+ - Script execution time-out in seconds.
+ type: int
+ send_mail:
+ description:
+ - When the trigger is fired, sends the configured email to the defined recipients.
+ type: dict
+ suboptions:
+ mail_settings:
+ description:
+ - The required settings to send the mail by.
+ type: dict
+ suboptions:
+ recipients:
+ description:
+ - A comma separated list of recipient mail addresses.
+ type: str
+ sender_email:
+ description:
+ - An email address to send the mail from.
+ type: str
+ subject:
+ description:
+ - The email subject.
+ type: str
+ body:
+ description:
+ - The email body.
+ type: str
+ attachment:
+ description:
+ - What file should be attached to the mail.
+ type: str
+ choices: ['no attachment', 'changes report', 'policy installation report']
+ bcc_recipients:
+ description:
+ - A comma separated list of bcc recipient mail addresses.
+ type: str
+ cc_recipients:
+ description:
+ - A comma separated list of cc recipient mail addresses.
+ type: str
+ smtp_server:
+ description:
+ - The UID or the name a preconfigured SMTP server object.
+ type: str
+ trigger:
+ description:
+ - Trigger type associated with the SmartTask.
+ type: str
+ custom_data:
+ description:
+ - Per SmartTask custom data in JSON format.<br>When the trigger is fired, the trigger data is converted to JSON. The custom data is then
+ concatenated to the trigger data JSON.
+ type: str
+ description:
+ description:
+ - Description of the SmartTask's functionality and options.
+ type: str
+ enabled:
+ description:
+ - Whether the SmartTask is enabled and will run when triggered.
+ type: bool
+ fail_open:
+ description:
+ - If the action fails to execute, whether to treat the execution failure as an error, or continue.
+ type: bool
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-smart-task
+ cp_mgmt_smart_task:
+ action:
+ run_script:
+ repository_script: Session Name Validation Script
+ time_out: 30
+ custom_data: '{"session-name-format": "CR"}'
+ description: Run a validation script that ensures that the a session name matches the expected name format as described in the Custom Data field.
+ enabled: true
+ name: Validate Session Name Before Publish
+ state: present
+ trigger: Before Publish
+
+- name: set-smart-task
+ cp_mgmt_smart_task:
+ action:
+ send_web_request:
+ fingerprint: 3FDD902286DBF130EF4CEC7939EF81060AB0FEB6
+ url: https://demo.example.com/policy-installation-reports
+ custom_data: '{"mail-address": "example-admin@example-corp.com"}'
+ description: Send policy installation results to the mail address specified in the Custom Data field using the corporate's dedicated web server.
+ enabled: true
+ name: Send Policy Installation Reports
+ state: present
+ trigger: After Install Policy
+
+- name: delete-smart-task
+ cp_mgmt_smart_task:
+ name: Validate Session Name Before Publish
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_smart_task:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ action=dict(type='dict', options=dict(
+ send_web_request=dict(type='dict', options=dict(
+ url=dict(type='str'),
+ fingerprint=dict(type='str'),
+ override_proxy=dict(type='bool'),
+ proxy_url=dict(type='str'),
+ shared_secret=dict(type='str', no_log=True),
+ time_out=dict(type='int')
+ )),
+ run_script=dict(type='dict', options=dict(
+ repository_script=dict(type='str'),
+ targets=dict(type='list', elements='str'),
+ time_out=dict(type='int')
+ )),
+ send_mail=dict(type='dict', options=dict(
+ mail_settings=dict(type='dict', options=dict(
+ recipients=dict(type='str'),
+ sender_email=dict(type='str'),
+ subject=dict(type='str'),
+ body=dict(type='str'),
+ attachment=dict(type='str', choices=['no attachment', 'changes report', 'policy installation report']),
+ bcc_recipients=dict(type='str'),
+ cc_recipients=dict(type='str')
+ )),
+ smtp_server=dict(type='str')
+ ))
+ )),
+ trigger=dict(type='str'),
+ custom_data=dict(type='str'),
+ description=dict(type='str'),
+ enabled=dict(type='bool'),
+ fail_open=dict(type='bool'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'smart-task'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_facts.py
new file mode 100644
index 000000000..ee5abdead
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_facts.py
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_smart_task_facts
+short_description: Get smart-task objects facts on Checkpoint over Web Services API
+description:
+ - Get smart-task objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-smart-task
+ cp_mgmt_smart_task_facts:
+ name: Validate Session Name Before Publish
+
+- name: show-smart-tasks
+ cp_mgmt_smart_task_facts:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "smart-task"
+ api_call_object_plural_version = "smart-tasks"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_trigger_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_trigger_facts.py
new file mode 100644
index 000000000..cbdc3f747
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smart_task_trigger_facts.py
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_smart_task_trigger_facts
+short_description: Get smart-task-trigger objects facts on Checkpoint over Web Services API
+description:
+ - Get smart-task-trigger objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-smart-task-trigger
+ cp_mgmt_smart_task_trigger_facts:
+ name: Before Publish
+
+- name: show-smart-task-triggers
+ cp_mgmt_smart_task_trigger_facts:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "smart-task-trigger"
+ api_call_object_plural_version = "smart-task-triggers"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server.py
index 7feb0b7e1..9eff3c612 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -134,38 +136,79 @@ cp_mgmt_smtp_server:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- port=dict(type='int'),
- server=dict(type='str'),
- password=dict(type='str', no_log=True),
- username=dict(type='str'),
- authentication=dict(type='bool'),
- encryption=dict(type='str', choices=['none', 'ssl', 'tls']),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- domains_to_process=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ port=dict(type="int"),
+ server=dict(type="str"),
+ password=dict(type="str", no_log=True),
+ username=dict(type="str"),
+ authentication=dict(type="bool"),
+ encryption=dict(type="str", choices=["none", "ssl", "tls"]),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ domains_to_process=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'smtp-server'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "smtp-server"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server_facts.py
index b574885fd..151902f5f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_smtp_server_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -110,32 +112,43 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- domains_to_process=dict(type='list', elements='str')
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ domains_to_process=dict(type="list", elements="str"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "smtp-server"
api_call_object_plural_version = "smtp-servers"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_submit_session.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_submit_session.py
index 0dfdd0f5e..18abdc243 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_submit_session.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_submit_session.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -56,13 +58,14 @@ cp_mgmt_submit_session:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- uid=dict(type='str')
- )
+ argument_spec = dict(uid=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -73,5 +76,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group.py
new file mode 100644
index 000000000..989502da5
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group.py
@@ -0,0 +1,146 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_tacacs_group
+short_description: Manages tacacs-group objects on Checkpoint over Web Services API
+description:
+ - Manages tacacs-group objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ members:
+ description:
+ - Collection of tacacs servers identified by the name or UID.
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-tacacs-group
+ cp_mgmt_tacacs_group:
+ members:
+ - t1
+ - t3
+ - group1
+ name: group2
+ state: present
+
+- name: set-tacacs-group
+ cp_mgmt_tacacs_group:
+ members:
+ - tacacs4
+ name: group1
+ state: present
+
+- name: delete-tacacs-group
+ cp_mgmt_tacacs_group:
+ name: tacacs group
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_tacacs_group:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ members=dict(type='list', elements='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'tacacs-group'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group_facts.py
new file mode 100644
index 000000000..00f8302ce
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_group_facts.py
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_tacacs_group_facts
+short_description: Get tacacs-group objects facts on Checkpoint over Web Services API
+description:
+ - Get tacacs-group objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-tacacs-group
+ cp_mgmt_tacacs_group_facts:
+ name: group1
+
+- name: show-tacacs-groups
+ cp_mgmt_tacacs_group_facts:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "tacacs-group"
+ api_call_object_plural_version = "tacacs-groups"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server.py
new file mode 100644
index 000000000..986b46156
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server.py
@@ -0,0 +1,171 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_tacacs_server
+short_description: Manages tacacs-server objects on Checkpoint over Web Services API
+description:
+ - Manages tacacs-server objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ secret_key:
+ description:
+ - The server's secret key.<br><font color="red">Required only when</font> "server-type" was selected to be "TACACS+".
+ type: str
+ server:
+ description:
+ - The UID or Name of the host that is the TACACS Server.
+ type: str
+ encryption:
+ description:
+ - Is there a secret key defined on the server. Must be set true when "server-type" was selected to be "TACACS+".
+ type: bool
+ priority:
+ description:
+ - The priority of the TACACS Server in case it is a member of a TACACS Group.
+ type: int
+ server_type:
+ description:
+ - Server type, TACACS or TACACS+.
+ type: str
+ choices: ['TACACS', 'TACACS+']
+ service:
+ description:
+ - Server service, only relevant when "server-type" is TACACS.
+ type: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-tacacs-server
+ cp_mgmt_tacacs_server:
+ name: tacacs7
+ server: h1
+ state: present
+
+- name: set-tacacs-server
+ cp_mgmt_tacacs_server:
+ encryption: 'true'
+ name: tacacs server
+ priority: '5'
+ secret_key: '**secret**'
+ server: d700e8d5-d010-4f37-ab14-f78f5a26426c
+ server_type: TACACS
+ state: present
+
+- name: delete-tacacs-server
+ cp_mgmt_tacacs_server:
+ name: tacacs server
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_tacacs_server:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ secret_key=dict(type='str', no_log=True),
+ server=dict(type='str'),
+ encryption=dict(type='bool'),
+ priority=dict(type='int'),
+ server_type=dict(type='str', choices=['TACACS', 'TACACS+']),
+ service=dict(type='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'tacacs-server'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server_facts.py
new file mode 100644
index 000000000..3a5868a20
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tacacs_server_facts.py
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_tacacs_server_facts
+short_description: Get tacacs-server objects facts on Checkpoint over Web Services API
+description:
+ - Get tacacs-server objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-tacacs-server
+ cp_mgmt_tacacs_server_facts:
+ name: t1
+
+- name: show-tacacs-servers
+ cp_mgmt_tacacs_server_facts:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "tacacs-server"
+ api_call_object_plural_version = "tacacs-servers"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag.py
index 07bc150ce..2650b1913 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -96,31 +98,72 @@ cp_mgmt_tag:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'tag'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "tag"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag_facts.py
index 942e1415b..918c9c8eb 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_tag_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -95,30 +97,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "tag"
api_call_object_plural_version = "tags"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_task_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_task_facts.py
new file mode 100644
index 000000000..f76eba09b
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_task_facts.py
@@ -0,0 +1,150 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_task_facts
+short_description: Get task objects facts on Checkpoint over Web Services API
+description:
+ - Get task objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ task_id:
+ description:
+ - Unique identifier of one or more tasks.
+ type: list
+ elements: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ initiator:
+ description:
+ - Initiator's name. If name isn't specified, tasks from all initiators will be shown.
+ type: str
+ status:
+ description:
+ - Status.
+ type: str
+ choices: ['successful', 'failed', 'in-progress', 'all']
+ from_date:
+ description:
+ - The date from which tracking tasks is to be performed, by the task's last update date. ISO 8601. If timezone isn't specified in the input, the
+ Management server's timezone is used.
+ type: str
+ to_date:
+ description:
+ - The date until which tracking tasks is to be performed, by the task's last update date. ISO 8601. If timezone isn't specified in the input,
+ the Management server's timezone is used.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts results by the given field. By default the results are sorted in the descending order by the task's last update date.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-task
+ cp_mgmt_task_facts:
+ task_id: 2eec70e5-78a8-4bdb-9a76-cfb5601d0bcb
+
+- name: show-tasks
+ cp_mgmt_task_facts:
+ from_date: '2018-05-23T08:00:00'
+ initiator: admin1
+ status: successful
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ task_id=dict(type='list', elements='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ initiator=dict(type='str'),
+ status=dict(type='str', choices=['successful', 'failed', 'in-progress', 'all']),
+ from_date=dict(type='str'),
+ to_date=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ ))
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "task"
+ api_call_object_plural_version = "tasks"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_test_sic_status.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_test_sic_status.py
index 2eb7dbf0a..7224b7886 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_test_sic_status.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_test_sic_status.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -61,13 +63,14 @@ cp_mgmt_test_sic_status:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- name=dict(type='str')
- )
+ argument_spec = dict(name=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -78,5 +81,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception.py
index b6ea57f63..1b5f2b6bf 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -173,41 +175,47 @@ cp_mgmt_threat_exception:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call, api_call_for_rule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+ api_call_for_rule,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- position=dict(type='str'),
- exception_group_uid=dict(type='str'),
- exception_group_name=dict(type='str'),
- layer=dict(type='str'),
- rule_name=dict(type='str'),
- action=dict(type='str'),
- destination=dict(type='list', elements='str'),
- destination_negate=dict(type='bool'),
- enabled=dict(type='bool'),
- install_on=dict(type='list', elements='str'),
- protected_scope=dict(type='list', elements='str'),
- protected_scope_negate=dict(type='bool'),
- protection_or_site=dict(type='list', elements='str'),
- service=dict(type='list', elements='str'),
- service_negate=dict(type='bool'),
- source=dict(type='list', elements='str'),
- source_negate=dict(type='bool'),
- track=dict(type='str'),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ position=dict(type="str"),
+ exception_group_uid=dict(type="str"),
+ exception_group_name=dict(type="str"),
+ layer=dict(type="str"),
+ rule_name=dict(type="str"),
+ action=dict(type="str"),
+ destination=dict(type="list", elements="str"),
+ destination_negate=dict(type="bool"),
+ enabled=dict(type="bool"),
+ install_on=dict(type="list", elements="str"),
+ protected_scope=dict(type="list", elements="str"),
+ protected_scope_negate=dict(type="bool"),
+ protection_or_site=dict(type="list", elements="str"),
+ service=dict(type="list", elements="str"),
+ service_negate=dict(type="bool"),
+ source=dict(type="list", elements="str"),
+ source_negate=dict(type="bool"),
+ track=dict(type="str"),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'threat-exception'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "threat-exception"
- if module.params['position'] is None:
+ if module.params["position"] is None:
result = api_call(module, api_call_object)
else:
result = api_call_for_rule(module, api_call_object)
@@ -215,5 +223,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception_facts.py
index 1455df234..6473ef001 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_exception_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -175,49 +177,66 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- exception_group_uid=dict(type='str'),
- exception_group_name=dict(type='str'),
- layer=dict(type='str'),
- rule_name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- filter_settings=dict(type='dict', options=dict(
- search_mode=dict(type='str', choices=['general', 'packet']),
- packet_search_settings=dict(type='dict', options=dict(
- expand_group_members=dict(type='bool'),
- expand_group_with_exclusion_members=dict(type='bool'),
- match_on_any=dict(type='bool'),
- match_on_group_with_exclusion=dict(type='bool'),
- match_on_negate=dict(type='bool')
- ))
- )),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- package=dict(type='str'),
- use_object_dictionary=dict(type='bool'),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ exception_group_uid=dict(type="str"),
+ exception_group_name=dict(type="str"),
+ layer=dict(type="str"),
+ rule_name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ filter_settings=dict(
+ type="dict",
+ options=dict(
+ search_mode=dict(type="str", choices=["general", "packet"]),
+ packet_search_settings=dict(
+ type="dict",
+ options=dict(
+ expand_group_members=dict(type="bool"),
+ expand_group_with_exclusion_members=dict(type="bool"),
+ match_on_any=dict(type="bool"),
+ match_on_group_with_exclusion=dict(type="bool"),
+ match_on_negate=dict(type="bool"),
+ ),
+ ),
+ ),
+ ),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ package=dict(type="str"),
+ use_object_dictionary=dict(type="bool"),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "threat-exception"
api_call_object_plural_version = "threat-rule-exception-rulebase"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator.py
index 67772aef5..1fd458e81 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -218,57 +220,115 @@ cp_mgmt_threat_indicator:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- observables=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- md5=dict(type='str'),
- url=dict(type='str'),
- ip_address=dict(type='str'),
- ip_address_first=dict(type='str'),
- ip_address_last=dict(type='str'),
- domain=dict(type='str'),
- mail_to=dict(type='str'),
- mail_from=dict(type='str'),
- mail_cc=dict(type='str'),
- mail_reply_to=dict(type='str'),
- mail_subject=dict(type='str'),
- confidence=dict(type='str', choices=['low', 'medium', 'high', 'critical']),
- product=dict(type='str', choices=['AV', 'AB']),
- severity=dict(type='str', choices=['low', 'medium', 'high', 'critical']),
- comments=dict(type='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
- )),
- observables_raw_data=dict(type='str'),
- action=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']),
- profile_overrides=dict(type='list', elements='dict', options=dict(
- action=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']),
- profile=dict(type='str')
- )),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ observables=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ name=dict(type="str"),
+ md5=dict(type="str"),
+ url=dict(type="str"),
+ ip_address=dict(type="str"),
+ ip_address_first=dict(type="str"),
+ ip_address_last=dict(type="str"),
+ domain=dict(type="str"),
+ mail_to=dict(type="str"),
+ mail_from=dict(type="str"),
+ mail_cc=dict(type="str"),
+ mail_reply_to=dict(type="str"),
+ mail_subject=dict(type="str"),
+ confidence=dict(
+ type="str", choices=["low", "medium", "high", "critical"]
+ ),
+ product=dict(type="str", choices=["AV", "AB"]),
+ severity=dict(
+ type="str", choices=["low", "medium", "high", "critical"]
+ ),
+ comments=dict(type="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
+ ),
+ ),
+ observables_raw_data=dict(type="str"),
+ action=dict(
+ type="str", choices=["Inactive", "Ask", "Prevent", "Detect"]
+ ),
+ profile_overrides=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ action=dict(
+ type="str",
+ choices=["Inactive", "Ask", "Prevent", "Detect"],
+ ),
+ profile=dict(type="str"),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'threat-indicator'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "threat-indicator"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator_facts.py
index 3d441c435..7e211e197 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_indicator_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -95,30 +97,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "threat-indicator"
api_call_object_plural_version = "threat-indicators"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer.py
index 991b533ef..45d4e8e43 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["deprecated"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -34,6 +36,10 @@ description:
- All operations are performed over Web Services API.
version_added: "1.0.0"
author: "Or Soffer (@chkp-orso)"
+deprecated:
+ alternative: cp_mgmt_threat_layers
+ why: Newer and updated modules released with more functionality.
+ removed_at_date: '2024-11-01'
options:
name:
description:
@@ -97,32 +103,73 @@ cp_mgmt_threat_layer:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- add_default_rule=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ add_default_rule=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'threat-layer'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "threat-layer"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer_facts.py
index c432b56ec..bfed8eff4 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layer_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "threat-layer"
api_call_object_plural_version = "threat-layers"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layers.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layers.py
new file mode 100644
index 000000000..fdf605544
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_layers.py
@@ -0,0 +1,423 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Copyright 2022 Red Hat
+# GNU General Public License v3.0+
+# (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+"""
+The module file for cp_mgmt_threat_layers
+"""
+
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
+
+DOCUMENTATION = """
+module: cp_mgmt_threat_layers
+short_description: Manages THREAT LAYERS resource module
+description:
+ - This resource module allows for addition, deletion, or modification of CP Threat Layers.
+ - This resource module also takes care of gathering Threat Layers config facts
+version_added: "5.0.0"
+author: Ansible Security Automation Team (@justjais) <https://github.com/ansible-security>-
+options:
+ config:
+ description: A dictionary of THREAT LAYERS options
+ type: dict
+ suboptions:
+ name:
+ description: Object name. Must be unique in the domain.
+ type: str
+ add_default_rule:
+ description: Indicates whether to include a default rule in the new layer.
+ type: bool
+ tags:
+ description: Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description: Color of the object. Should be one of existing colors.
+ type: str
+ choices:
+ - aquamarine
+ - black
+ - blue
+ - crete blue
+ - burlywood
+ - cyan
+ - dark green
+ - khaki
+ - orchid
+ - dark orange
+ - dark sea green
+ - pink
+ - turquoise
+ - dark blue
+ - firebrick
+ - brown
+ - forest green
+ - gold
+ - dark gold
+ - gray
+ - dark gray
+ - light green
+ - lemon chiffon
+ - coral
+ - sea green
+ - sky blue
+ - magenta
+ - purple
+ - slate blue
+ - violet red
+ - navy blue
+ - olive
+ - orange
+ - red
+ - sienna
+ - yellow
+ comments:
+ description: Comments string.
+ type: str
+ details_level:
+ description: The level of detail for some of the fields in the response can
+ vary from showing only the UID value of the object to a fully detailed representation
+ of the object.
+ type: str
+ choices:
+ - uid
+ - standard
+ - full
+ ignore_warnings:
+ description: Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description: Apply changes ignoring errors. You won't be able to publish such
+ a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+ limit:
+ description:
+ - The maximal number of returned results.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: int
+ order:
+ description:
+ - Sorts results by the given field. By default the results are sorted in the ascending order by name.
+ This parameter is relevant only for getting few objects.
+ - NOTE, this parameter is a valid parameter only for the GATHERED state, for config states
+ like, MERGED, REPLACED, and DELETED state it won't be applicable.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ round_trip:
+ description:
+ - If set to True, the round trip will filter out the module parameters from the response param,
+ which will enable the user to fire the config request using the structured gathered data.
+ - NOTE, this parameter makes relevance only with the GATHERED state, as for config states like,
+ MERGED, REPLACED, and DELETED state it won't make any config updates,
+ as it's not a module config parameter.
+ auto_publish_session:
+ description:
+ - Publish the current session if changes have been performed
+ after task completes.
+ type: bool
+ version:
+ description:
+ - Version of checkpoint. If not given one, the latest version taken.
+ type: str
+ state:
+ description:
+ - The state the configuration should be left in
+ - The state I(gathered) will get the module API configuration from the device
+ and transform it into structured data in the format as per the module argspec
+ and the value is returned in the I(gathered) key within the result.
+ type: str
+ choices:
+ - merged
+ - replaced
+ - gathered
+ - deleted
+"""
+
+EXAMPLES = """
+
+# Using MERGED state
+# -------------------
+
+- name: To Add Merge Threat-Layers config
+ cp_mgmt_threat_layers:
+ state: merged
+ config:
+ name: New Layer 1
+ add_default_rule: true
+ tags:
+ - test_threat_layer
+ color: turquoise
+ comments: test description
+ ignore_warnings: false
+ ignore_errors: false
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# mgmt_threat_layers:
+# after:
+# color: turquoise
+# comments: test description
+# icon: ApplicationFirewall/rulebase
+# ips-layer: false
+# name: New Layer 1
+# tags:
+# - test_threat_layer
+# before: {}
+
+# Using REPLACED state
+# --------------------
+
+- name: Replace Threat-layer config
+ cp_mgmt_threat_layers:
+ state: replaced
+ config:
+ name: New Layer 1
+ add_default_rule: true
+ tags:
+ - test_threat_layer_replaced
+ color: cyan
+ comments: REPLACED description
+ ignore_warnings: false
+ ignore_errors: false
+ round_trip: true
+
+# RUN output:
+# -----------
+
+# mgmt_threat_layers:
+# after:
+# color: cyan
+# comments: REPLACED description
+# icon: ApplicationFirewall/rulebase
+# ips-layer: false
+# name: New Layer 1
+# tags:
+# - test_threat_layer_replaced
+# before:
+# color: turquoise
+# comments: test description
+# icon: ApplicationFirewall/rulebase
+# ips-layer: false
+# name: New Layer 1
+# tags:
+# - test_threat_layer
+
+# Using GATHERED state
+# --------------------
+
+# 1. With Round Trip set to True
+
+- name: To Gather threat-layer by Name
+ cp_mgmt_threat_layers:
+ config:
+ name: New Layer 1
+ round_trip: true
+ state: gathered
+
+# RUN output:
+# -----------
+
+# gathered:
+# color: turquoise
+# comments: test description
+# domain: SMC User
+# icon: ApplicationFirewall/rulebase
+# ips-layer: false
+# name: New Layer 1
+# read-only: false
+# tags:
+# - test_threat_layer
+# uid: 4dc060e2-0ed6-48c5-9b0f-3d2fbeb552ba
+
+# 2. With Round Trip set to False which is the default behaviour
+
+- name: To Gather threat-layer by Name
+ cp_mgmt_threat_layers:
+ config:
+ name: New Layer 1
+ state: gathered
+
+# RUN output:
+# -----------
+
+# gathered:
+# color: turquoise
+# comments: test description
+# domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# icon: ApplicationFirewall/rulebase
+# ips-layer: false
+# meta-info:
+# creation-time:
+# iso-8601: 2022-11-21T07:30+0000
+# posix: 1669015820472
+# creator: admin
+# last-modifier: admin
+# last-modify-time:
+# iso-8601: 2022-11-21T07:30+0000
+# posix: 1669015821024
+# lock: unlocked
+# validation-state: ok
+# name: New Layer 1
+# read-only: false
+# tags:
+# - domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# name: test_threat_layer
+# type: tag
+# uid: 59f23149-ed5e-439f-9012-0cdf222a1c97
+# type: threat-layer
+# uid: ca196a80-fdc4-4e7b-8b25-e3eed125a25f
+
+# 3. Gather ALL threat-layer config with DESC order filter
+
+- name: To Gather ALL threat-layer and order by Name
+ cp_mgmt_threat_layers:
+ config:
+ order:
+ - DESC: name
+ state: gathered
+
+# RUN output:
+# -----------
+
+# gathered:
+# - color: black
+# comments: ''
+# domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# icon: ApplicationFirewall/sharedrulebase
+# ips-layer: true
+# meta-info:
+# creation-time:
+# iso-8601: 2020-01-20T09:43+0000
+# posix: 1579513387322
+# creator: System
+# last-modifier: System
+# last-modify-time:
+# iso-8601: 2020-01-20T09:43+0000
+# posix: 1579513387377
+# lock: unlocked
+# validation-state: ok
+# name: IPS
+# read-only: false
+# tags: []
+# type: threat-layer
+# uid: 90678011-1bcb-4296-8154-fa58c23ecf3b
+# - color: black
+# comments: ''
+# domain:
+# domain-type: domain
+# name: SMC User
+# uid: 41e821a0-3720-11e3-aa6e-0800200c9fde
+# icon: ApplicationFirewall/rulebase
+# ips-layer: false
+# meta-info:
+# creation-time:
+# iso-8601: 2020-01-20T09:43+0000
+# posix: 1579513386848
+# creator: System
+# last-modifier: System
+# last-modify-time:
+# iso-8601: 2020-01-20T09:43+0000
+# posix: 1579513387396
+# lock: unlocked
+# validation-state: ok
+# name: Standard Threat Prevention
+# read-only: false
+# tags: []
+# type: threat-layer
+# uid: 0dbe7c44-6d3f-4f28-8f2b-0e6790e57f8a
+
+# Using DELETED state
+# -------------------
+
+- name: Delete Threat-layer config by Name and Layer
+ cp_mgmt_threat_layers:
+ config:
+ layer: IPS
+ name: First threat layer
+ round_trip: true
+ state: deleted
+
+# RUN output:
+# -----------
+
+# mgmt_threat_layers:
+# after: {}
+# before:
+# action: Optimized
+# comments: This is the THREAT RULE
+# destination:
+# - Any
+# destination_negate: false
+# enabled: true
+# install_on:
+# - Policy Targets
+# layer: 90678011-1bcb-4296-8154-fa58c23ecf3b
+# name: First threat layer
+# protected_scope:
+# - All_Internet
+# protected_scope_negate: false
+# service:
+# - Any
+# service_negate: false
+# source:
+# - Any
+# source_negate: false
+# track: None
+# track_settings:
+# packet_capture: true
+"""
+
+RETURN = """
+before:
+ description: The configuration prior to the module execution.
+ returned: when state is I(merged), I(replaced), I(deleted)
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+after:
+ description: The resulting configuration after module execution.
+ returned: when changed
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+gathered:
+ description: Facts about the network resource gathered from the remote device as structured data.
+ returned: when state is I(gathered)
+ type: dict
+ sample: >
+ This output will always be in the same format as the
+ module argspec.
+"""
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile.py
index e41b82c84..457f5d402 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -326,81 +328,191 @@ cp_mgmt_threat_profile:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- active_protections_performance_impact=dict(type='str', choices=['high', 'medium', 'low', 'very_low']),
- active_protections_severity=dict(type='str', choices=['Critical', 'High', 'Medium or above', 'Low or above']),
- confidence_level_high=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']),
- confidence_level_low=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']),
- confidence_level_medium=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']),
- indicator_overrides=dict(type='list', elements='dict', options=dict(
- action=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']),
- indicator=dict(type='str')
- )),
- ips_settings=dict(type='dict', options=dict(
- exclude_protection_with_performance_impact=dict(type='bool'),
- exclude_protection_with_performance_impact_mode=dict(type='str', choices=['very low', 'low or lower', 'medium or lower', 'high or lower']),
- exclude_protection_with_severity=dict(type='bool'),
- exclude_protection_with_severity_mode=dict(type='str', choices=['low or above', 'medium or above', 'high or above', 'critical']),
- newly_updated_protections=dict(type='str', choices=['active', 'inactive', 'staging'])
- )),
- malicious_mail_policy_settings=dict(type='dict', options=dict(
- add_customized_text_to_email_body=dict(type='bool'),
- add_email_subject_prefix=dict(type='bool'),
- add_x_header_to_email=dict(type='bool'),
- email_action=dict(type='str', choices=['allow', 'block']),
- email_body_customized_text=dict(type='str'),
- email_subject_prefix_text=dict(type='str'),
- failed_to_scan_attachments_text=dict(type='str'),
- malicious_attachments_text=dict(type='str'),
- malicious_links_text=dict(type='str'),
- remove_attachments_and_links=dict(type='bool'),
- send_copy=dict(type='bool'),
- send_copy_list=dict(type='list', elements='str')
- )),
- overrides=dict(type='list', elements='dict', options=dict(
- action=dict(type='str', choices=['Threat Cloud: Inactive', 'Detect', 'Prevent <br> Core: Drop', 'Inactive', 'Accept']),
- protection=dict(type='str'),
- capture_packets=dict(type='bool'),
- track=dict(type='str', choices=['none', 'log', 'alert', 'mail', 'snmp trap', 'user alert', 'user alert 1', 'user alert 2'])
- )),
- tags=dict(type='list', elements='str'),
- use_indicators=dict(type='bool'),
- anti_bot=dict(type='bool'),
- anti_virus=dict(type='bool'),
- ips=dict(type='bool'),
- threat_emulation=dict(type='bool'),
- activate_protections_by_extended_attributes=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- category=dict(type='str')
- )),
- deactivate_protections_by_extended_attributes=dict(type='list', elements='dict', options=dict(
- name=dict(type='str'),
- category=dict(type='str')
- )),
- use_extended_attributes=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ active_protections_performance_impact=dict(
+ type="str", choices=["high", "medium", "low", "very_low"]
+ ),
+ active_protections_severity=dict(
+ type="str",
+ choices=["Critical", "High", "Medium or above", "Low or above"],
+ ),
+ confidence_level_high=dict(
+ type="str", choices=["Inactive", "Ask", "Prevent", "Detect"]
+ ),
+ confidence_level_low=dict(
+ type="str", choices=["Inactive", "Ask", "Prevent", "Detect"]
+ ),
+ confidence_level_medium=dict(
+ type="str", choices=["Inactive", "Ask", "Prevent", "Detect"]
+ ),
+ indicator_overrides=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ action=dict(
+ type="str",
+ choices=["Inactive", "Ask", "Prevent", "Detect"],
+ ),
+ indicator=dict(type="str"),
+ ),
+ ),
+ ips_settings=dict(
+ type="dict",
+ options=dict(
+ exclude_protection_with_performance_impact=dict(type="bool"),
+ exclude_protection_with_performance_impact_mode=dict(
+ type="str",
+ choices=[
+ "very low",
+ "low or lower",
+ "medium or lower",
+ "high or lower",
+ ],
+ ),
+ exclude_protection_with_severity=dict(type="bool"),
+ exclude_protection_with_severity_mode=dict(
+ type="str",
+ choices=[
+ "low or above",
+ "medium or above",
+ "high or above",
+ "critical",
+ ],
+ ),
+ newly_updated_protections=dict(
+ type="str", choices=["active", "inactive", "staging"]
+ ),
+ ),
+ ),
+ malicious_mail_policy_settings=dict(
+ type="dict",
+ options=dict(
+ add_customized_text_to_email_body=dict(type="bool"),
+ add_email_subject_prefix=dict(type="bool"),
+ add_x_header_to_email=dict(type="bool"),
+ email_action=dict(type="str", choices=["allow", "block"]),
+ email_body_customized_text=dict(type="str"),
+ email_subject_prefix_text=dict(type="str"),
+ failed_to_scan_attachments_text=dict(type="str"),
+ malicious_attachments_text=dict(type="str"),
+ malicious_links_text=dict(type="str"),
+ remove_attachments_and_links=dict(type="bool"),
+ send_copy=dict(type="bool"),
+ send_copy_list=dict(type="list", elements="str"),
+ ),
+ ),
+ overrides=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ action=dict(
+ type="str",
+ choices=[
+ "Threat Cloud: Inactive",
+ "Detect",
+ "Prevent <br> Core: Drop",
+ "Inactive",
+ "Accept",
+ ],
+ ),
+ protection=dict(type="str"),
+ capture_packets=dict(type="bool"),
+ track=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "alert",
+ "mail",
+ "snmp trap",
+ "user alert",
+ "user alert 1",
+ "user alert 2",
+ ],
+ ),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ use_indicators=dict(type="bool"),
+ anti_bot=dict(type="bool"),
+ anti_virus=dict(type="bool"),
+ ips=dict(type="bool"),
+ threat_emulation=dict(type="bool"),
+ activate_protections_by_extended_attributes=dict(
+ type="list",
+ elements="dict",
+ options=dict(name=dict(type="str"), category=dict(type="str")),
+ ),
+ deactivate_protections_by_extended_attributes=dict(
+ type="list",
+ elements="dict",
+ options=dict(name=dict(type="str"), category=dict(type="str")),
+ ),
+ use_extended_attributes=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'threat-profile'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "threat-profile"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile_facts.py
index b3fcbaae2..00dc08a04 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_profile_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "threat-profile"
api_call_object_plural_version = "threat-profiles"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_protection_override.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_protection_override.py
index 22ce24a22..d3d96289c 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_protection_override.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_protection_override.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -101,21 +103,49 @@ cp_mgmt_threat_protection_override:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- comments=dict(type='str'),
- follow_up=dict(type='bool'),
- overrides=dict(type='list', elements='dict', options=dict(
- action=dict(type='str', choices=['Threat Cloud: Inactive', 'Detect', 'Prevent <br> Core: Drop', 'Inactive', 'Accept']),
- profile=dict(type='str'),
- capture_packets=dict(type='bool'),
- track=dict(type='str', choices=['none', 'log', 'alert', 'mail', 'snmp trap', 'user alert', 'user alert 1', 'user alert 2'])
- )),
- details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ name=dict(type="str"),
+ comments=dict(type="str"),
+ follow_up=dict(type="bool"),
+ overrides=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ action=dict(
+ type="str",
+ choices=[
+ "Threat Cloud: Inactive",
+ "Detect",
+ "Prevent <br> Core: Drop",
+ "Inactive",
+ "Accept",
+ ],
+ ),
+ profile=dict(type="str"),
+ capture_packets=dict(type="bool"),
+ track=dict(
+ type="str",
+ choices=[
+ "none",
+ "log",
+ "alert",
+ "mail",
+ "snmp trap",
+ "user alert",
+ "user alert 1",
+ "user alert 2",
+ ],
+ ),
+ ),
+ ),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -127,5 +157,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule.py
index a69286364..11e23389d 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -169,40 +171,46 @@ cp_mgmt_threat_rule:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call, api_call_for_rule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+ api_call_for_rule,
+)
def main():
argument_spec = dict(
- position=dict(type='str'),
- layer=dict(type='str'),
- name=dict(type='str', required=True),
- action=dict(type='str'),
- destination=dict(type='list', elements='str'),
- destination_negate=dict(type='bool'),
- enabled=dict(type='bool'),
- install_on=dict(type='list', elements='str'),
- protected_scope=dict(type='list', elements='str'),
- protected_scope_negate=dict(type='bool'),
- service=dict(type='list', elements='str'),
- service_negate=dict(type='bool'),
- source=dict(type='list', elements='str'),
- source_negate=dict(type='bool'),
- track=dict(type='str'),
- track_settings=dict(type='dict', options=dict(
- packet_capture=dict(type='bool')
- )),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ position=dict(type="str"),
+ layer=dict(type="str"),
+ name=dict(type="str", required=True),
+ action=dict(type="str"),
+ destination=dict(type="list", elements="str"),
+ destination_negate=dict(type="bool"),
+ enabled=dict(type="bool"),
+ install_on=dict(type="list", elements="str"),
+ protected_scope=dict(type="list", elements="str"),
+ protected_scope_negate=dict(type="bool"),
+ service=dict(type="list", elements="str"),
+ service_negate=dict(type="bool"),
+ source=dict(type="list", elements="str"),
+ source_negate=dict(type="bool"),
+ track=dict(type="str"),
+ track_settings=dict(
+ type="dict", options=dict(packet_capture=dict(type="bool"))
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'threat-rule'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "threat-rule"
- if module.params['position'] is None:
+ if module.params["position"] is None:
result = api_call(module, api_call_object)
else:
result = api_call_for_rule(module, api_call_object)
@@ -210,5 +218,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule_facts.py
index 683784bc8..ce8fa8fe2 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_threat_rule_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -165,46 +167,63 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts_for_rule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts_for_rule,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- layer=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- filter_settings=dict(type='dict', options=dict(
- search_mode=dict(type='str', choices=['general', 'packet']),
- packet_search_settings=dict(type='dict', options=dict(
- expand_group_members=dict(type='bool'),
- expand_group_with_exclusion_members=dict(type='bool'),
- match_on_any=dict(type='bool'),
- match_on_group_with_exclusion=dict(type='bool'),
- match_on_negate=dict(type='bool')
- ))
- )),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- )),
- package=dict(type='str'),
- use_object_dictionary=dict(type='bool'),
- dereference_group_members=dict(type='bool'),
- show_membership=dict(type='bool')
+ name=dict(type="str"),
+ layer=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ filter_settings=dict(
+ type="dict",
+ options=dict(
+ search_mode=dict(type="str", choices=["general", "packet"]),
+ packet_search_settings=dict(
+ type="dict",
+ options=dict(
+ expand_group_members=dict(type="bool"),
+ expand_group_with_exclusion_members=dict(type="bool"),
+ match_on_any=dict(type="bool"),
+ match_on_group_with_exclusion=dict(type="bool"),
+ match_on_negate=dict(type="bool"),
+ ),
+ ),
+ ),
+ ),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
+ package=dict(type="str"),
+ use_object_dictionary=dict(type="bool"),
+ dereference_group_members=dict(type="bool"),
+ show_membership=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "threat-rule"
api_call_object_plural_version = "threat-rulebase"
- result = api_call_facts_for_rule(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts_for_rule(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time.py
index aa0af5e9a..92f6b8137 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -228,58 +230,112 @@ cp_mgmt_time:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- end=dict(type='dict', options=dict(
- date=dict(type='str'),
- iso_8601=dict(type='str'),
- posix=dict(type='int'),
- time=dict(type='str')
- )),
- end_never=dict(type='bool'),
- hours_ranges=dict(type='list', elements='dict', options=dict(
- enabled=dict(type='bool'),
- index=dict(type='int'),
- to=dict(type='str')
- )),
- start=dict(type='dict', options=dict(
- date=dict(type='str'),
- iso_8601=dict(type='str'),
- posix=dict(type='int'),
- time=dict(type='str')
- )),
- start_now=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- recurrence=dict(type='dict', options=dict(
- days=dict(type='list', elements='str'),
- month=dict(type='str'),
- pattern=dict(type='str'),
- weekdays=dict(type='list', elements='str')
- )),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ end=dict(
+ type="dict",
+ options=dict(
+ date=dict(type="str"),
+ iso_8601=dict(type="str"),
+ posix=dict(type="int"),
+ time=dict(type="str"),
+ ),
+ ),
+ end_never=dict(type="bool"),
+ hours_ranges=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ enabled=dict(type="bool"),
+ index=dict(type="int"),
+ to=dict(type="str"),
+ ),
+ ),
+ start=dict(
+ type="dict",
+ options=dict(
+ date=dict(type="str"),
+ iso_8601=dict(type="str"),
+ posix=dict(type="int"),
+ time=dict(type="str"),
+ ),
+ ),
+ start_now=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ recurrence=dict(
+ type="dict",
+ options=dict(
+ days=dict(type="list", elements="str"),
+ month=dict(type="str"),
+ pattern=dict(type="str"),
+ weekdays=dict(type="list", elements="str"),
+ ),
+ ),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
- argument_spec['hours_ranges']['options']['from'] = dict(type='str')
+ argument_spec["hours_ranges"]["options"]["from"] = dict(type="str")
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'time'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "time"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_facts.py
index 40eb88026..2802e5ae1 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "time"
api_call_object_plural_version = "times"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group.py
new file mode 100644
index 000000000..10ab28db4
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group.py
@@ -0,0 +1,148 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_time_group
+short_description: Manages time-group objects on Checkpoint over Web Services API
+description:
+ - Manages time-group objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ members:
+ description:
+ - Collection of Time Group objects identified by the name or UID.
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-time-group
+ cp_mgmt_time_group:
+ name: timeGroup-1
+ members:
+ - member1
+ - member2
+ state: present
+
+- name: set-time-group
+ cp_mgmt_time_group:
+ name: timeGroup-1
+ members:
+ - member1
+ - member2
+ tags:
+ - tag1
+ state: present
+
+- name: delete-time-group
+ cp_mgmt_time_group:
+ name: timeGroup-1
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_time_group:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ members=dict(type='list', elements='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'time-group'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group_facts.py
new file mode 100644
index 000000000..49146d949
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_time_group_facts.py
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_time_group_facts
+short_description: Get time-group objects facts on Checkpoint over Web Services API
+description:
+ - Get time-group objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-time-group
+ cp_mgmt_time_group_facts:
+ name: timeGroup-1
+
+- name: show-time-groups
+ cp_mgmt_time_group_facts:
+ details_level: standard
+ limit: 50
+ offset: 0
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "time-group"
+ api_call_object_plural_version = "time-groups"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client.py
index 9b885f83a..f872eb7d9 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -169,48 +171,102 @@ cp_mgmt_trusted_client:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ip_address=dict(type='str'),
- ipv4_address=dict(type='str'),
- ipv6_address=dict(type='str'),
- domains_assignment=dict(type='list', elements='str'),
- ip_address_first=dict(type='str'),
- ipv4_address_first=dict(type='str'),
- ipv6_address_first=dict(type='str'),
- ip_address_last=dict(type='str'),
- ipv4_address_last=dict(type='str'),
- ipv6_address_last=dict(type='str'),
- mask_length=dict(type='int'),
- mask_length4=dict(type='int'),
- mask_length6=dict(type='int'),
- multi_domain_server_trusted_client=dict(type='bool'),
- tags=dict(type='list', elements='str'),
- type=dict(type='str', choices=['any', 'domain', 'ipv4 address', 'ipv4 address range', 'ipv4 netmask',
- 'ipv6 address', 'ipv6 address range', 'ipv6 netmask', 'name', 'wild cards (ip only)']),
- wild_card=dict(type='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ip_address=dict(type="str"),
+ ipv4_address=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ domains_assignment=dict(type="list", elements="str"),
+ ip_address_first=dict(type="str"),
+ ipv4_address_first=dict(type="str"),
+ ipv6_address_first=dict(type="str"),
+ ip_address_last=dict(type="str"),
+ ipv4_address_last=dict(type="str"),
+ ipv6_address_last=dict(type="str"),
+ mask_length=dict(type="int"),
+ mask_length4=dict(type="int"),
+ mask_length6=dict(type="int"),
+ multi_domain_server_trusted_client=dict(type="bool"),
+ tags=dict(type="list", elements="str"),
+ type=dict(
+ type="str",
+ choices=[
+ "any",
+ "domain",
+ "ipv4 address",
+ "ipv4 address range",
+ "ipv4 netmask",
+ "ipv6 address",
+ "ipv6 address range",
+ "ipv6 netmask",
+ "name",
+ "wild cards (ip only)",
+ ],
+ ),
+ wild_card=dict(type="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'trusted-client'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "trusted-client"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client_facts.py
index 8991e1125..46a620f9f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_trusted_client_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -104,31 +106,42 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- filter=dict(type='str'),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ filter=dict(type="str"),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "trusted-client"
api_call_object_plural_version = "trusted-clients"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_uninstall_software_package.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_uninstall_software_package.py
index 1ddb16d74..ce1a035ae 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_uninstall_software_package.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_uninstall_software_package.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -79,18 +81,24 @@ cp_mgmt_uninstall_software_package:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- targets=dict(type='list', elements='str'),
- cluster_installation_settings=dict(type='dict', options=dict(
- cluster_delay=dict(type='int'),
- cluster_strategy=dict(type='str')
- )),
- concurrency_limit=dict(type='int')
+ name=dict(type="str"),
+ targets=dict(type="list", elements="str"),
+ cluster_installation_settings=dict(
+ type="dict",
+ options=dict(
+ cluster_delay=dict(type="int"),
+ cluster_strategy=dict(type="str"),
+ ),
+ ),
+ concurrency_limit=dict(type="int"),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -102,5 +110,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_administrator.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_administrator.py
new file mode 100644
index 000000000..23fa7a58b
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_administrator.py
@@ -0,0 +1,85 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_unlock_administrator
+short_description: Unlock administrator.
+description:
+ - Unlock administrator.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: unlock-administrator
+ cp_mgmt_unlock_administrator:
+ name: aa
+"""
+
+RETURN = """
+cp_mgmt_unlock_administrator:
+ description: The checkpoint unlock-administrator output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "unlock-administrator"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_object.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_object.py
new file mode 100644
index 000000000..8718ed825
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_unlock_object.py
@@ -0,0 +1,96 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_unlock_object
+short_description: Unlock object using uid or {name and type}.
+description:
+ - Unlock object using uid or {name and type}.
+ - Can unlock object only if the current session owns the lock and there are no changes on the object.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name. Must be unique in the domain.
+ type: str
+ type:
+ description:
+ - Object type.
+ type: str
+ layer:
+ description:
+ - Object layer, need to specify the layer if the object is rule/section and uid is not supplied.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: unlock-object
+ cp_mgmt_unlock_object:
+ name: host5
+ type: host
+"""
+
+RETURN = """
+cp_mgmt_unlock_object:
+ description: The checkpoint unlock-object output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ type=dict(type='str'),
+ layer=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full'])
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "unlock-object"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_updatable_object_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_updatable_object_facts.py
new file mode 100644
index 000000000..626794a5e
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_updatable_object_facts.py
@@ -0,0 +1,143 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_updatable_object_facts
+short_description: Get updatable-object objects facts on Checkpoint over Web Services API
+description:
+ - Get updatable-object objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-updatable-object
+ cp_mgmt_updatable_object_facts:
+ name: CodeBuild US East 1
+
+- name: show-updatable-objects
+ cp_mgmt_updatable_object_facts:
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements="dict", options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements="str")
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "updatable-object"
+ api_call_object_plural_version = "updatable-objects"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_provisioned_satellites.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_provisioned_satellites.py
index 5202c95b5..326e289a7 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_provisioned_satellites.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_provisioned_satellites.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -59,13 +61,14 @@ cp_mgmt_update_provisioned_satellites:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- vpn_center_gateways=dict(type='list', elements='str')
- )
+ argument_spec = dict(vpn_center_gateways=dict(type="list", elements="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -76,5 +79,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_updatable_objects_repository_content.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_updatable_objects_repository_content.py
new file mode 100644
index 000000000..315f6af95
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_update_updatable_objects_repository_content.py
@@ -0,0 +1,71 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_update_updatable_objects_repository_content
+short_description: Updates the content of the Updatable Objects repository from the Check Point User Center.
+description:
+ - Updates the content of the Updatable Objects repository from the Check Point User Center.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options: {}
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: update-updatable-objects-repository-content
+ cp_mgmt_update_updatable_objects_repository_content:
+"""
+
+RETURN = """
+cp_mgmt_update_updatable_objects_repository_content:
+ description: The checkpoint update-updatable-objects-repository-content output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "update-updatable-objects-repository-content"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group.py
new file mode 100644
index 000000000..591645d61
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group.py
@@ -0,0 +1,149 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_user_group
+short_description: Manages user-group objects on Checkpoint over Web Services API
+description:
+ - Manages user-group objects on Checkpoint devices including creating, updating and removing objects.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ required: True
+ email:
+ description:
+ - Email Address.
+ type: str
+ members:
+ description:
+ - Collection of User Group objects identified by the name or UID.
+ type: list
+ elements: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ elements: str
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ groups:
+ description:
+ - Collection of group identifiers.
+ type: list
+ elements: str
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_objects
+"""
+
+EXAMPLES = """
+- name: add-user-group
+ cp_mgmt_user_group:
+ email: myusergroup@email.com
+ members:
+ - myuser
+ name: myusergroup
+ state: present
+
+- name: set-user-group
+ cp_mgmt_user_group:
+ email: myusergroup123@email.com
+ name: myusergroup
+ state: present
+
+- name: delete-user-group
+ cp_mgmt_user_group:
+ name: myusergroup
+ state: absent
+"""
+
+RETURN = """
+cp_mgmt_user_group:
+ description: The checkpoint object created or updated.
+ returned: always, except when deleting the object.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str', required=True),
+ email=dict(type='str'),
+ members=dict(type='list', elements='str'),
+ tags=dict(type='list', elements='str'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ groups=dict(type='list', elements='str'),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_objects)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ api_call_object = 'user-group'
+
+ result = api_call(module, api_call_object)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group_facts.py
new file mode 100644
index 000000000..97af74777
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_user_group_facts.py
@@ -0,0 +1,149 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_user_group_facts
+short_description: Get user-group objects facts on Checkpoint over Web Services API
+description:
+ - Get user-group objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ dereference_group_members:
+ description:
+ - Indicates whether to dereference "members" field by details level for every object in reply.
+ type: bool
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-user-group
+ cp_mgmt_user_group_facts:
+ name: myusergroup
+
+- name: show-user-groups
+ cp_mgmt_user_group_facts:
+ details_level: full
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ dereference_group_members=dict(type='bool'),
+ show_membership=dict(type='bool'),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "user-group"
+ api_call_object_plural_version = "user-groups"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_policy.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_policy.py
index 77a4fc6eb..d9fdfb941 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_policy.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_policy.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -56,13 +58,14 @@ cp_mgmt_verify_policy:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
- argument_spec = dict(
- policy_package=dict(type='str')
- )
+ argument_spec = dict(policy_package=dict(type="str"))
argument_spec.update(checkpoint_argument_spec_for_commands)
module = AnsibleModule(argument_spec=argument_spec)
@@ -73,5 +76,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_software_package.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_software_package.py
index 8f1d83816..de7d2155d 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_software_package.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_verify_software_package.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -79,16 +81,21 @@ cp_mgmt_verify_software_package:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_commands,
+ api_command,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- targets=dict(type='list', elements='str'),
- concurrency_limit=dict(type='int'),
- download_package=dict(type='bool'),
- download_package_from=dict(type='str', choices=['automatic', 'central', 'target-machine'])
+ name=dict(type="str"),
+ targets=dict(type="list", elements="str"),
+ concurrency_limit=dict(type="int"),
+ download_package=dict(type="bool"),
+ download_package_from=dict(
+ type="str", choices=["automatic", "central", "target-machine"]
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_commands)
@@ -100,5 +107,5 @@ def main():
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed.py
index 8ccc016e4..b4b043843 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -184,49 +186,149 @@ cp_mgmt_vpn_community_meshed:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- encryption_method=dict(type='str', choices=['prefer ikev2 but support ikev1', 'ikev2 only', 'ikev1 for ipv4 and ikev2 for ipv6 only']),
- encryption_suite=dict(type='str', choices=['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128']),
- gateways=dict(type='list', elements='str'),
- ike_phase_1=dict(type='dict', options=dict(
- data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']),
- diffie_hellman_group=dict(type='str', choices=['group-1', 'group-2', 'group-5', 'group-14', 'group-19', 'group-20']),
- encryption_algorithm=dict(type='str', choices=['cast', 'aes-256', 'des', 'aes-128', '3des'])
- )),
- ike_phase_2=dict(type='dict', options=dict(
- data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']),
- encryption_algorithm=dict(type='str', choices=['cast', 'aes-gcm-256', 'cast-40',
- 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none'])
- )),
- shared_secrets=dict(type='list', elements='dict', no_log=True, options=dict(
- external_gateway=dict(type='str'),
- shared_secret=dict(type='str', no_log=True)
- )),
- tags=dict(type='list', elements='str'),
- use_shared_secret=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ encryption_method=dict(
+ type="str",
+ choices=[
+ "prefer ikev2 but support ikev1",
+ "ikev2 only",
+ "ikev1 for ipv4 and ikev2 for ipv6 only",
+ ],
+ ),
+ encryption_suite=dict(
+ type="str",
+ choices=[
+ "suite-b-gcm-256",
+ "custom",
+ "vpn b",
+ "vpn a",
+ "suite-b-gcm-128",
+ ],
+ ),
+ gateways=dict(type="list", elements="str"),
+ ike_phase_1=dict(
+ type="dict",
+ options=dict(
+ data_integrity=dict(
+ type="str",
+ choices=["aes-xcbc", "sha1", "sha256", "sha384", "md5"],
+ ),
+ diffie_hellman_group=dict(
+ type="str",
+ choices=[
+ "group-1",
+ "group-2",
+ "group-5",
+ "group-14",
+ "group-19",
+ "group-20",
+ ],
+ ),
+ encryption_algorithm=dict(
+ type="str",
+ choices=["cast", "aes-256", "des", "aes-128", "3des"],
+ ),
+ ),
+ ),
+ ike_phase_2=dict(
+ type="dict",
+ options=dict(
+ data_integrity=dict(
+ type="str",
+ choices=["aes-xcbc", "sha1", "sha256", "sha384", "md5"],
+ ),
+ encryption_algorithm=dict(
+ type="str",
+ choices=[
+ "cast",
+ "aes-gcm-256",
+ "cast-40",
+ "aes-256",
+ "des",
+ "aes-128",
+ "3des",
+ "des-40cp",
+ "aes-gcm-128",
+ "none",
+ ],
+ ),
+ ),
+ ),
+ shared_secrets=dict(
+ type="list",
+ elements="dict",
+ no_log=True,
+ options=dict(
+ external_gateway=dict(type="str"),
+ shared_secret=dict(type="str", no_log=True),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ use_shared_secret=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'vpn-community-meshed'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "vpn-community-meshed"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed_facts.py
index 9ea3882a7..43357f8a1 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_meshed_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "vpn-community-meshed"
api_call_object_plural_version = "vpn-communities-meshed"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_remote_access_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_remote_access_facts.py
new file mode 100644
index 000000000..78da989b7
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_remote_access_facts.py
@@ -0,0 +1,138 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_vpn_community_remote_access_facts
+short_description: Get vpn-community-remote-access objects facts on Checkpoint over Web Services API
+description:
+ - Get vpn-community-remote-access objects facts on Checkpoint devices.
+ - All operations are performed over Web Services API.
+ - This module handles both operations, get a specific object and get several objects,
+ For getting a specific object use the parameter 'name'.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ This parameter is relevant only for getting a specific object.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ filter:
+ description:
+ - Search expression to filter objects by. The provided text should be exactly the same as it would be given in SmartConsole Object Explorer. The
+ logical operators in the expression ('AND', 'OR') should be provided in capital letters. The search involves both a IP search and a textual search in
+ name, comment, tags etc.
+ type: str
+ limit:
+ description:
+ - The maximal number of returned results.
+ This parameter is relevant only for getting few objects.
+ type: int
+ offset:
+ description:
+ - Number of the results to initially skip.
+ This parameter is relevant only for getting few objects.
+ type: int
+ order:
+ description:
+ - Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order.
+ This parameter is relevant only for getting few objects.
+ type: list
+ elements: dict
+ suboptions:
+ ASC:
+ description:
+ - Sorts results by the given field in ascending order.
+ type: str
+ choices: ['name']
+ DESC:
+ description:
+ - Sorts results by the given field in descending order.
+ type: str
+ choices: ['name']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_facts
+"""
+
+EXAMPLES = """
+- name: show-vpn-community-remote-access
+ cp_mgmt_vpn_community_remote_access_facts:
+ name: RemoteAccess
+
+- name: show-vpn-communities-remote-access
+ cp_mgmt_vpn_community_remote_access_facts:
+"""
+
+RETURN = """
+ansible_facts:
+ description: The checkpoint object facts.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ filter=dict(type='str'),
+ limit=dict(type='int'),
+ offset=dict(type='int'),
+ order=dict(type='list', elements='dict', options=dict(
+ ASC=dict(type='str', choices=['name']),
+ DESC=dict(type='str', choices=['name'])
+ )),
+ domains_to_process=dict(type='list', elements='str')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_facts)
+
+ module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+
+ api_call_object = "vpn-community-remote-access"
+ api_call_object_plural_version = "vpn-communities-remote-access"
+
+ result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ module.exit_json(ansible_facts=result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star.py
index 0073a60de..a5a1030bf 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -42,7 +44,7 @@ options:
required: True
center_gateways:
description:
- - Collection of Gateway objects representing center gateways identified by the name or UID.
+ - Collection of center VPN Gateway and VPN Device objects identified by the name or UID.
type: list
elements: str
encryption_method:
@@ -55,6 +57,93 @@ options:
- The encryption suite to be used.
type: str
choices: ['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128']
+ granular_encryptions:
+ description:
+ - VPN granular encryption settings.
+ type: list
+ elements: dict
+ version_added: "5.1.0"
+ suboptions:
+ internal_gateway:
+ description:
+ - Internally managed Check Point gateway identified by name or UID, or 'Any' for all internal-gateways participants in this community.
+ type: str
+ external_gateway:
+ description:
+ - Externally managed or 3rd party gateway identified by name or UID.
+ type: str
+ encryption_method:
+ description:
+ - The encryption method to be used.
+ type: str
+ choices: ['prefer ikev2 but support ikev1', 'ikev2 only', 'ikev1 for ipv4 and ikev2 for ipv6 only']
+ encryption_suite:
+ description:
+ - The encryption suite to be used.
+ type: str
+ choices: ['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128']
+ ike_phase_1:
+ description:
+ - Ike Phase 1 settings. Only applicable when the encryption-suite is set to [custom].
+ type: dict
+ suboptions:
+ encryption_algorithm:
+ description:
+ - The encryption algorithm to be used.
+ type: str
+ choices: ['cast', 'aes-256', 'des', 'aes-128', '3des']
+ data_integrity:
+ description:
+ - The hash algorithm to be used.
+ type: str
+ choices: ['aes-xcbc', 'sha1', 'sha256', 'sha384', 'sha512', 'md5']
+ diffie_hellman_group:
+ description:
+ - The Diffie-Hellman group to be used.
+ type: str
+ choices: ['group-1', 'group-2', 'group-5', 'group-14', 'group-15', 'group-16', 'group-17', 'group-18', 'group-19', 'group-20', 'group-24']
+ ike_p1_rekey_time:
+ description:
+ - Indicates the time interval for IKE phase 1 renegotiation.
+ type: int
+ ike_p1_rekey_time_unit:
+ description:
+ - Indicates the time unit for [ike-p1-rekey-time-unit] parameter, rounded up to minutes scale.
+ type: str
+ choices: ['days', 'hours', 'minutes', 'seconds']
+ ike_phase_2:
+ description:
+ - Ike Phase 2 settings. Only applicable when the encryption-suite is set to [custom].
+ type: dict
+ suboptions:
+ encryption_algorithm:
+ description:
+ - The encryption algorithm to be used.
+ type: str
+ choices: ['cast', 'aes-gcm-256', 'cast-40', 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none']
+ data_integrity:
+ description:
+ - The hash algorithm to be used.
+ type: str
+ choices: ['aes-xcbc', 'sha1', 'sha256', 'sha384', 'sha512', 'md5']
+ ike_p2_use_pfs:
+ description:
+ - Indicates whether Perfect Forward Secrecy (PFS) is being used for IKE phase 2.
+ type: bool
+ ike_p2_pfs_dh_grp:
+ description:
+ - The Diffie-Hellman group to be used.
+ type: str
+ choices: ['group-1', 'group-2', 'group-5', 'group-14', 'group-15', 'group-16', 'group-17', 'group-18', 'group-19', 'group-20', 'group-24']
+ ike_p2_rekey_time:
+ description:
+ - Indicates the time interval for IKE phase 2 renegotiation.
+ type: int
+ ike_p2_rekey_time_unit:
+ description:
+ - Indicates the time unit for [ike-p2-rekey-time-unit] parameter.
+ type: str
+ choices: ['days', 'hours', 'minutes', 'seconds']
ike_phase_1:
description:
- Ike Phase 1 settings. Only applicable when the encryption-suite is set to [custom].
@@ -75,6 +164,17 @@ options:
- The encryption algorithm to be used.
type: str
choices: ['cast', 'aes-256', 'des', 'aes-128', '3des']
+ ike_p1_rekey_time:
+ description:
+ - Indicates the time interval for IKE phase 1 renegotiation.
+ type: int
+ version_added: "5.1.0"
+ ike_p1_rekey_time_unit:
+ description:
+ - Indicates the time unit for [ike-p1-rekey-time-unit] parameter, rounded up to minutes scale.
+ type: str
+ choices: ['days', 'hours', 'minutes', 'seconds']
+ version_added: "5.1.0"
ike_phase_2:
description:
- Ike Phase 2 settings. Only applicable when the encryption-suite is set to [custom].
@@ -90,10 +190,47 @@ options:
- The encryption algorithm to be used.
type: str
choices: ['cast', 'aes-gcm-256', 'cast-40', 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none']
+ ike_p2_use_pfs:
+ description:
+ - Indicates whether Perfect Forward Secrecy (PFS) is being used for IKE phase 2.
+ type: bool
+ version_added: "5.1.0"
+ ike_p2_pfs_dh_grp:
+ description:
+ - The Diffie-Hellman group to be used.
+ type: str
+ choices: ['group-1', 'group-2', 'group-5', 'group-14', 'group-15', 'group-16', 'group-17', 'group-18', 'group-19', 'group-20', 'group-24']
+ version_added: "5.1.0"
+ ike_p2_rekey_time:
+ description:
+ - Indicates the time interval for IKE phase 2 renegotiation.
+ type: int
+ version_added: "5.1.0"
+ ike_p2_rekey_time_unit:
+ description:
+ - Indicates the time unit for [ike-p2-rekey-time-unit] parameter.
+ type: str
+ choices: ['days', 'hours', 'minutes', 'seconds']
+ version_added: "5.1.0"
mesh_center_gateways:
description:
- Indicates whether the meshed community is in center.
type: bool
+ override_vpn_domains:
+ description:
+ - The Overrides VPN Domains of the participants GWs.
+ type: list
+ elements: dict
+ version_added: "5.1.0"
+ suboptions:
+ gateway:
+ description:
+ - Participant gateway in override VPN domain identified by the name or UID.
+ type: str
+ vpn_domain:
+ description:
+ - VPN domain network identified by the name or UID.
+ type: str
satellite_gateways:
description:
- Collection of Gateway objects representing satellite gateways identified by the name or UID.
@@ -118,6 +255,12 @@ options:
- Collection of tag identifiers.
type: list
elements: str
+ tunnel_granularity:
+ description:
+ - VPN tunnel sharing option to be used.
+ type: str
+ choices: ['per_host', 'per_subnet', 'universal']
+ version_added: "5.1.0"
use_shared_secret:
description:
- Indicates whether the shared secret should be used for all external gateways.
@@ -194,51 +337,194 @@ cp_mgmt_vpn_community_star:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- center_gateways=dict(type='list', elements='str'),
- encryption_method=dict(type='str', choices=['prefer ikev2 but support ikev1', 'ikev2 only', 'ikev1 for ipv4 and ikev2 for ipv6 only']),
- encryption_suite=dict(type='str', choices=['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128']),
- ike_phase_1=dict(type='dict', options=dict(
- data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']),
- diffie_hellman_group=dict(type='str', choices=['group-1', 'group-2', 'group-5', 'group-14', 'group-19', 'group-20']),
- encryption_algorithm=dict(type='str', choices=['cast', 'aes-256', 'des', 'aes-128', '3des'])
- )),
- ike_phase_2=dict(type='dict', options=dict(
- data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']),
- encryption_algorithm=dict(type='str', choices=['cast', 'aes-gcm-256', 'cast-40',
- 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none'])
- )),
- mesh_center_gateways=dict(type='bool'),
- satellite_gateways=dict(type='list', elements='str'),
- shared_secrets=dict(type='list', elements='dict', no_log=True, options=dict(
+ name=dict(type="str", required=True),
+ center_gateways=dict(type="list", elements="str"),
+ encryption_method=dict(
+ type="str",
+ choices=[
+ "prefer ikev2 but support ikev1",
+ "ikev2 only",
+ "ikev1 for ipv4 and ikev2 for ipv6 only",
+ ],
+ ),
+ encryption_suite=dict(
+ type="str",
+ choices=[
+ "suite-b-gcm-256",
+ "custom",
+ "vpn b",
+ "vpn a",
+ "suite-b-gcm-128",
+ ],
+ ),
+ granular_encryptions=dict(type='list', elements="dict", options=dict(
+ internal_gateway=dict(type='str'),
external_gateway=dict(type='str'),
- shared_secret=dict(type='str', no_log=True)
+ encryption_method=dict(type='str', choices=['prefer ikev2 but support ikev1', 'ikev2 only',
+ 'ikev1 for ipv4 and ikev2 for ipv6 only']),
+ encryption_suite=dict(type='str',
+ choices=['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128']),
+ ike_phase_1=dict(type='dict', options=dict(
+ encryption_algorithm=dict(type='str', choices=['cast', 'aes-256', 'des', 'aes-128', '3des']),
+ data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'sha512', 'md5']),
+ diffie_hellman_group=dict(type='str', choices=['group-1', 'group-2', 'group-5',
+ 'group-14', 'group-15', 'group-16', 'group-17',
+ 'group-18', 'group-19', 'group-20',
+ 'group-24']),
+ ike_p1_rekey_time=dict(type='int', no_log=False),
+ ike_p1_rekey_time_unit=dict(type='str', choices=['days', 'hours', 'minutes', 'seconds'])
+ )),
+ ike_phase_2=dict(type='dict', options=dict(
+ encryption_algorithm=dict(type='str', choices=['cast', 'aes-gcm-256', 'cast-40',
+ 'aes-256', 'des', 'aes-128', '3des', 'des-40cp',
+ 'aes-gcm-128', 'none']),
+ data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'sha512', 'md5']),
+ ike_p2_use_pfs=dict(type='bool'),
+ ike_p2_pfs_dh_grp=dict(type='str', choices=['group-1', 'group-2', 'group-5',
+ 'group-14', 'group-15', 'group-16', 'group-17', 'group-18',
+ 'group-19', 'group-20', 'group-24']),
+ ike_p2_rekey_time=dict(type='int', no_log=False),
+ ike_p2_rekey_time_unit=dict(type='str', choices=['days', 'hours', 'minutes', 'seconds']),
+ ))
)),
- tags=dict(type='list', elements='str'),
- use_shared_secret=dict(type='bool'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ ike_phase_1=dict(
+ type="dict",
+ options=dict(
+ data_integrity=dict(
+ type="str",
+ choices=["aes-xcbc", "sha1", "sha256", "sha384", "md5"],
+ ),
+ diffie_hellman_group=dict(
+ type="str",
+ choices=[
+ "group-1",
+ "group-2",
+ "group-5",
+ "group-14",
+ "group-19",
+ "group-20",
+ ],
+ ),
+ encryption_algorithm=dict(
+ type="str",
+ choices=["cast", "aes-256", "des", "aes-128", "3des"],
+ ),
+ ike_p1_rekey_time=dict(type='int', no_log=False),
+ ike_p1_rekey_time_unit=dict(type='str', choices=['days', 'hours', 'minutes', 'seconds']),
+ ),
+ ),
+ ike_phase_2=dict(
+ type="dict",
+ options=dict(
+ data_integrity=dict(
+ type="str",
+ choices=["aes-xcbc", "sha1", "sha256", "sha384", "md5"],
+ ),
+ encryption_algorithm=dict(
+ type="str",
+ choices=[
+ "cast",
+ "aes-gcm-256",
+ "cast-40",
+ "aes-256",
+ "des",
+ "aes-128",
+ "3des",
+ "des-40cp",
+ "aes-gcm-128",
+ "none",
+ ],
+ ),
+ ike_p2_use_pfs=dict(type='bool'),
+ ike_p2_pfs_dh_grp=dict(type='str', choices=['group-1', 'group-2', 'group-5', 'group-14',
+ 'group-15', 'group-16', 'group-17', 'group-18', 'group-19',
+ 'group-20', 'group-24']),
+ ike_p2_rekey_time=dict(type='int', no_log=False),
+ ike_p2_rekey_time_unit=dict(type='str', choices=['days', 'hours', 'minutes', 'seconds']),
+ ),
+ ),
+ mesh_center_gateways=dict(type="bool"),
+ override_vpn_domains=dict(type='list', elements="dict", options=dict(
+ gateway=dict(type='str'),
+ vpn_domain=dict(type='str')
+ )),
+ satellite_gateways=dict(type="list", elements="str"),
+ shared_secrets=dict(
+ type="list",
+ elements="dict",
+ no_log=True,
+ options=dict(
+ external_gateway=dict(type="str"),
+ shared_secret=dict(type="str", no_log=True),
+ ),
+ ),
+ tags=dict(type="list", elements="str"),
+ tunnel_granularity=dict(type='str', choices=['per_host', 'per_subnet', 'universal']),
+ use_shared_secret=dict(type="bool"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'vpn-community-star'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "vpn-community-star"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star_facts.py
index 09fbd90a6..845c11fc2 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vpn_community_star_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "vpn-community-star"
api_call_object_plural_version = "vpn-communities-star"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vsx_run_operation.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vsx_run_operation.py
new file mode 100644
index 000000000..15db77ea1
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_vsx_run_operation.py
@@ -0,0 +1,242 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_vsx_run_operation
+short_description: Run the VSX operation by its name and parameters.
+description:
+ - Run the VSX operation by its name and parameters.
+ - An automatic session publish is part of all the operations in this API.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ operation:
+ description:
+ - The name of the operation to run. Each operation has its specific parameters.<br>The available operations are,<ul><li><i>upgrade</i> -
+ Upgrades the VSX Gateway or VSX Cluster object to a higher version</li><li><i>downgrade</i> - Downgrades the VSX Gateway or VSX Cluster object to a
+ lower version</li><li><i>add-member</i> - Adds a new VSX Cluster member object</li><li><i>remove-member</i> - Removes a VSX Cluster member
+ object</li><li><i>reconf-gw</i> - Reconfigures a VSX Gateway after a clean install</li><li><i>reconf-member</i> - Reconfigures a VSX Cluster member
+ after a clean install</li></ul>.
+ type: str
+ choices: ['upgrade', 'downgrade', 'add-member', 'remove-member', 'reconf-gw', 'reconf-member']
+ add_member_params:
+ description:
+ - Parameters for the operation to add a VSX Cluster member.
+ type: dict
+ suboptions:
+ ipv4_address:
+ description:
+ - The IPv4 address of the management interface of the VSX Cluster member.
+ type: str
+ ipv4_sync_address:
+ description:
+ - The IPv4 address of the sync interface of the VSX Cluster member.
+ type: str
+ member_name:
+ description:
+ - Name of the new VSX Cluster member object.
+ type: str
+ vsx_name:
+ description:
+ - Name of the VSX Cluster object.
+ type: str
+ vsx_uid:
+ description:
+ - UID of the VSX Cluster object.
+ type: str
+ downgrade_params:
+ description:
+ - Parameters for the operation to downgrade a VSX Gateway or VSX Cluster object to a lower version.<br>In case the current version is already
+ the target version, or is lower than the target version, no change is done.
+ type: dict
+ suboptions:
+ target_version:
+ description:
+ - The target version.
+ type: str
+ vsx_name:
+ description:
+ - Name of the VSX Gateway or VSX Cluster object.
+ type: str
+ vsx_uid:
+ description:
+ - UID of the VSX Gateway or VSX Cluster object.
+ type: str
+ reconf_gw_params:
+ description:
+ - Parameters for the operation to reconfigure a VSX Gateway after a clean install.
+ type: dict
+ suboptions:
+ ipv4_corexl_number:
+ description:
+ - Number of IPv4 CoreXL Firewall instances on the target VSX Gateway.<br>Valid values,<br><ul><li>To configure CoreXL Firewall
+ instances, enter an integer greater or equal to 2.</li><li>To disable CoreXL, enter 1.</li></ul>.
+ type: int
+ one_time_password:
+ description:
+ - A password required for establishing a Secure Internal Communication (SIC). Enter the same password you used during the First Time
+ Configuration Wizard on the target VSX Gateway.
+ type: str
+ vsx_name:
+ description:
+ - Name of the VSX Gateway object.
+ type: str
+ vsx_uid:
+ description:
+ - UID of the VSX Gateway object.
+ type: str
+ reconf_member_params:
+ description:
+ - Parameters for the operation to reconfigure a VSX Cluster member after a clean install.
+ type: dict
+ suboptions:
+ ipv4_corexl_number:
+ description:
+ - Number of IPv4 CoreXL Firewall instances on the target VSX Cluster member.<br>Valid values,<br><ul><li>To configure CoreXL Firewall
+ instances, enter an integer greater or equal to 2.</li><li>To disable CoreXL, enter 1.</li></ul>Important - The CoreXL configuration must be the
+ same on all the cluster members.
+ type: int
+ member_uid:
+ description:
+ - UID of the VSX Cluster member object.
+ type: str
+ member_name:
+ description:
+ - Name of the VSX Cluster member object.
+ type: str
+ one_time_password:
+ description:
+ - A password required for establishing a Secure Internal Communication (SIC). Enter the same password you used during the First Time
+ Configuration Wizard on the target VSX Cluster member.
+ type: str
+ remove_member_params:
+ description:
+ - Parameters for the operation to remove a VSX Cluster member object.
+ type: dict
+ suboptions:
+ member_uid:
+ description:
+ - UID of the VSX Cluster member object.
+ type: str
+ member_name:
+ description:
+ - Name of the VSX Cluster member object.
+ type: str
+ upgrade_params:
+ description:
+ - Parameters for the operation to upgrade a VSX Gateway or VSX Cluster object to a higher version.<br>In case the current version is already the
+ target version, or is higher than the target version, no change is done.
+ type: dict
+ suboptions:
+ target_version:
+ description:
+ - The target version.
+ type: str
+ vsx_name:
+ description:
+ - Name of the VSX Gateway or VSX Cluster object.
+ type: str
+ vsx_uid:
+ description:
+ - UID of the VSX Gateway or VSX Cluster object.
+ type: str
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: vsx-run-operation
+ cp_mgmt_vsx_run_operation:
+ add_member_params:
+ ipv4_address: 25.25.25.223
+ ipv4_sync_address: 20.20.20.223
+ member_name: Mem3
+ vsx_name: VSX_CLUSTER
+ operation: add-member
+"""
+
+RETURN = """
+cp_mgmt_vsx_run_operation:
+ description: The checkpoint vsx-run-operation output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ operation=dict(type='str', choices=['upgrade', 'downgrade', 'add-member', 'remove-member', 'reconf-gw', 'reconf-member']),
+ add_member_params=dict(type='dict', options=dict(
+ ipv4_address=dict(type='str'),
+ ipv4_sync_address=dict(type='str'),
+ member_name=dict(type='str'),
+ vsx_name=dict(type='str'),
+ vsx_uid=dict(type='str')
+ )),
+ downgrade_params=dict(type='dict', options=dict(
+ target_version=dict(type='str'),
+ vsx_name=dict(type='str'),
+ vsx_uid=dict(type='str')
+ )),
+ reconf_gw_params=dict(type='dict', options=dict(
+ ipv4_corexl_number=dict(type='int'),
+ one_time_password=dict(type='str', no_log=True),
+ vsx_name=dict(type='str'),
+ vsx_uid=dict(type='str')
+ )),
+ reconf_member_params=dict(type='dict', options=dict(
+ ipv4_corexl_number=dict(type='int'),
+ member_uid=dict(type='str'),
+ member_name=dict(type='str'),
+ one_time_password=dict(type='str', no_log=True)
+ )),
+ remove_member_params=dict(type='dict', options=dict(
+ member_uid=dict(type='str'),
+ member_name=dict(type='str')
+ )),
+ upgrade_params=dict(type='dict', options=dict(
+ target_version=dict(type='str'),
+ vsx_name=dict(type='str'),
+ vsx_uid=dict(type='str')
+ ))
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "vsx-run-operation"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_where_used.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_where_used.py
new file mode 100644
index 000000000..e2609fdfc
--- /dev/null
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_where_used.py
@@ -0,0 +1,116 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_where_used
+short_description: Searches for usage of the target object in other objects and rules.
+description:
+ - Searches for usage of the target object in other objects and rules.
+ - All operations are performed over Web Services API.
+version_added: "5.0.0"
+author: "Eden Brillant (@chkp-edenbr)"
+options:
+ name:
+ description:
+ - Object name.
+ type: str
+ dereference_group_members:
+ description:
+ - Indicates whether to dereference "members" field by details level for every object in reply.
+ type: bool
+ show_membership:
+ description:
+ - Indicates whether to calculate and show "groups" field for every object in reply.
+ type: bool
+ async_response:
+ description:
+ - Run command in asynchronous mode and return task UID. Use show-task command to check the progress of the task.
+ type: bool
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ domains_to_process:
+ description:
+ - Indicates which domains to process the commands on. It cannot be used with the details-level full, must be run from the System Domain only and
+ with ignore-warnings true. Valid values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
+ type: list
+ elements: str
+ indirect:
+ description:
+ - Search for indirect usage.
+ type: bool
+ indirect_max_depth:
+ description:
+ - Maximum nesting level during indirect usage search.
+ type: int
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: where-used
+ cp_mgmt_where_used:
+ name: Host 1
+"""
+
+RETURN = """
+cp_mgmt_where_used:
+ description: The checkpoint where-used output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ name=dict(type='str'),
+ dereference_group_members=dict(type='bool'),
+ show_membership=dict(type='bool'),
+ async_response=dict(type='bool'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ domains_to_process=dict(type='list', elements='str'),
+ indirect=dict(type='bool'),
+ indirect_max_depth=dict(type='int')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "where-used"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard.py
index 54739fdfe..24eb2204f 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -124,36 +126,77 @@ cp_mgmt_wildcard:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_objects, api_call
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_objects,
+ api_call,
+)
def main():
argument_spec = dict(
- name=dict(type='str', required=True),
- ipv4_address=dict(type='str'),
- ipv4_mask_wildcard=dict(type='str'),
- ipv6_address=dict(type='str'),
- ipv6_mask_wildcard=dict(type='str'),
- tags=dict(type='list', elements='str'),
- color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
- 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
- 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
- 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
- 'yellow']),
- comments=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- groups=dict(type='list', elements='str'),
- ignore_warnings=dict(type='bool'),
- ignore_errors=dict(type='bool')
+ name=dict(type="str", required=True),
+ ipv4_address=dict(type="str"),
+ ipv4_mask_wildcard=dict(type="str"),
+ ipv6_address=dict(type="str"),
+ ipv6_mask_wildcard=dict(type="str"),
+ tags=dict(type="list", elements="str"),
+ color=dict(
+ type="str",
+ choices=[
+ "aquamarine",
+ "black",
+ "blue",
+ "crete blue",
+ "burlywood",
+ "cyan",
+ "dark green",
+ "khaki",
+ "orchid",
+ "dark orange",
+ "dark sea green",
+ "pink",
+ "turquoise",
+ "dark blue",
+ "firebrick",
+ "brown",
+ "forest green",
+ "gold",
+ "dark gold",
+ "gray",
+ "dark gray",
+ "light green",
+ "lemon chiffon",
+ "coral",
+ "sea green",
+ "sky blue",
+ "magenta",
+ "purple",
+ "slate blue",
+ "violet red",
+ "navy blue",
+ "olive",
+ "orange",
+ "red",
+ "sienna",
+ "yellow",
+ ],
+ ),
+ comments=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ groups=dict(type="list", elements="str"),
+ ignore_warnings=dict(type="bool"),
+ ignore_errors=dict(type="bool"),
)
argument_spec.update(checkpoint_argument_spec_for_objects)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
- api_call_object = 'wildcard'
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
+ api_call_object = "wildcard"
result = api_call(module, api_call_object)
module.exit_json(**result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()
diff --git a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard_facts.py b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard_facts.py
index 474776b4f..cad95ce62 100644
--- a/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard_facts.py
+++ b/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_wildcard_facts.py
@@ -17,13 +17,15 @@
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
-from __future__ import (absolute_import, division, print_function)
+from __future__ import absolute_import, division, print_function
__metaclass__ = type
-ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['preview'],
- 'supported_by': 'community'}
+ANSIBLE_METADATA = {
+ "metadata_version": "1.1",
+ "status": ["preview"],
+ "supported_by": "community",
+}
DOCUMENTATION = """
---
@@ -98,30 +100,41 @@ ansible_facts:
"""
from ansible.module_utils.basic import AnsibleModule
-from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import (
+ checkpoint_argument_spec_for_facts,
+ api_call_facts,
+)
def main():
argument_spec = dict(
- name=dict(type='str'),
- details_level=dict(type='str', choices=['uid', 'standard', 'full']),
- limit=dict(type='int'),
- offset=dict(type='int'),
- order=dict(type='list', elements='dict', options=dict(
- ASC=dict(type='str', choices=['name']),
- DESC=dict(type='str', choices=['name'])
- ))
+ name=dict(type="str"),
+ details_level=dict(type="str", choices=["uid", "standard", "full"]),
+ limit=dict(type="int"),
+ offset=dict(type="int"),
+ order=dict(
+ type="list",
+ elements="dict",
+ options=dict(
+ ASC=dict(type="str", choices=["name"]),
+ DESC=dict(type="str", choices=["name"]),
+ ),
+ ),
)
argument_spec.update(checkpoint_argument_spec_for_facts)
- module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
+ module = AnsibleModule(
+ argument_spec=argument_spec, supports_check_mode=True
+ )
api_call_object = "wildcard"
api_call_object_plural_version = "wildcards"
- result = api_call_facts(module, api_call_object, api_call_object_plural_version)
+ result = api_call_facts(
+ module, api_call_object, api_call_object_plural_version
+ )
module.exit_json(ansible_facts=result)
-if __name__ == '__main__':
+if __name__ == "__main__":
main()