check_point.mgmt.cp_mgmt_trusted_client – Manages trusted-client objects on Checkpoint over Web Services API
Note
This plugin is part of the check_point.mgmt collection (version 2.1.1).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install check_point.mgmt
.
To use it in a playbook, specify: check_point.mgmt.cp_mgmt_trusted_client
.
New in version 2.9: of check_point.mgmt
Synopsis
- Manages trusted-client objects on Checkpoint devices including creating, updating and removing objects.
- All operations are performed over Web Services API.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
auto_publish_session boolean |
| Publish the current session if changes have been performed after task completes. |
color string |
| Color of the object. Should be one of existing colors. |
comments string | Comments string. | |
details_level string |
| The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. |
domains_assignment list / elements=string | Domains to be added to this profile. Use domain name only. See example below, "add-trusted-client (with domain)". | |
ignore_errors boolean |
| Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. |
ignore_warnings boolean |
| Apply changes ignoring warnings. |
ip_address string | IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. | |
ip_address_first string | First IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead. | |
ip_address_last string | Last IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead. | |
ipv4_address string | IPv4 address. | |
ipv4_address_first string | First IPv4 address in the range. | |
ipv4_address_last string | Last IPv4 address in the range. | |
ipv6_address string | IPv6 address. | |
ipv6_address_first string | First IPv6 address in the range. | |
ipv6_address_last string | Last IPv6 address in the range. | |
mask_length integer | IPv4 or IPv6 mask length. If both masks are required use mask-length4 and mask-length6 fields explicitly. | |
mask_length4 integer | IPv4 mask length. | |
mask_length6 integer | IPv6 mask length. | |
multi_domain_server_trusted_client boolean |
| Let this trusted client connect to all Multi-Domain Servers in the deployment. |
name string / required | Object name. | |
state string |
| State of the access rule (present or absent). Defaults to present. |
tags list / elements=string | Collection of tag identifiers. | |
type string |
| Trusted client type. |
version string | Version of checkpoint. If not given one, the latest version taken. | |
wait_for_task boolean |
| Wait for the task to end. Such as publish task. |
wait_for_task_timeout integer | Default: 30 | How many minutes to wait until throwing a timeout error. |
wild_card string | IP wild card (e.g. 192.0.2.*). |
Examples
- name: add-trusted-client cp_mgmt_trusted_client: name: my client state: present type: ANY - name: set-trusted-client cp_mgmt_trusted_client: ip_address: 192.0.2.1 mask_length: '24' name: my client state: present type: NETMASK - name: delete-trusted-client cp_mgmt_trusted_client: name: my client state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
cp_mgmt_trusted_client dictionary | always, except when deleting the object. | The checkpoint object created or updated. |
Authors
- Or Soffer (@chkp-orso)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/check_point/mgmt/cp_mgmt_trusted_client_module.html