check_point.mgmt.cp_mgmt_trusted_client – Manages trusted-client objects on Checkpoint over Web Services API

Note

This plugin is part of the check_point.mgmt collection (version 2.1.1).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install check_point.mgmt.

To use it in a playbook, specify: check_point.mgmt.cp_mgmt_trusted_client.

New in version 2.9: of check_point.mgmt

Synopsis

  • Manages trusted-client objects on Checkpoint devices including creating, updating and removing objects.
  • All operations are performed over Web Services API.

Parameters

Parameter Choices/Defaults Comments
auto_publish_session
boolean
    Choices:
  • no
  • yes
Publish the current session if changes have been performed after task completes.
color
string
    Choices:
  • aquamarine
  • black
  • blue
  • crete blue
  • burlywood
  • cyan
  • dark green
  • khaki
  • orchid
  • dark orange
  • dark sea green
  • pink
  • turquoise
  • dark blue
  • firebrick
  • brown
  • forest green
  • gold
  • dark gold
  • gray
  • dark gray
  • light green
  • lemon chiffon
  • coral
  • sea green
  • sky blue
  • magenta
  • purple
  • slate blue
  • violet red
  • navy blue
  • olive
  • orange
  • red
  • sienna
  • yellow
Color of the object. Should be one of existing colors.
comments
string
Comments string.
details_level
string
    Choices:
  • uid
  • standard
  • full
The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object.
domains_assignment
list / elements=string
Domains to be added to this profile. Use domain name only. See example below, "add-trusted-client (with domain)".
ignore_errors
boolean
    Choices:
  • no
  • yes
Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
ignore_warnings
boolean
    Choices:
  • no
  • yes
Apply changes ignoring warnings.
ip_address
string
IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly.
ip_address_first
string
First IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead.
ip_address_last
string
Last IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead.
ipv4_address
string
IPv4 address.
ipv4_address_first
string
First IPv4 address in the range.
ipv4_address_last
string
Last IPv4 address in the range.
ipv6_address
string
IPv6 address.
ipv6_address_first
string
First IPv6 address in the range.
ipv6_address_last
string
Last IPv6 address in the range.
mask_length
integer
IPv4 or IPv6 mask length. If both masks are required use mask-length4 and mask-length6 fields explicitly.
mask_length4
integer
IPv4 mask length.
mask_length6
integer
IPv6 mask length.
multi_domain_server_trusted_client
boolean
    Choices:
  • no
  • yes
Let this trusted client connect to all Multi-Domain Servers in the deployment.
name
string / required
Object name.
state
string
    Choices:
  • present
  • absent
State of the access rule (present or absent). Defaults to present.
tags
list / elements=string
Collection of tag identifiers.
type
string
    Choices:
  • any
  • domain
  • ipv4 address
  • ipv4 address range
  • ipv4 netmask
  • ipv6 address
  • ipv6 address range
  • ipv6 netmask
  • name
  • wild cards (ip only)
Trusted client type.
version
string
Version of checkpoint. If not given one, the latest version taken.
wait_for_task
boolean
    Choices:
  • no
  • yes
Wait for the task to end. Such as publish task.
wait_for_task_timeout
integer
Default:
30
How many minutes to wait until throwing a timeout error.
wild_card
string
IP wild card (e.g. 192.0.2.*).

Examples

- name: add-trusted-client
  cp_mgmt_trusted_client:
    name: my client
    state: present
    type: ANY

- name: set-trusted-client
  cp_mgmt_trusted_client:
    ip_address: 192.0.2.1
    mask_length: '24'
    name: my client
    state: present
    type: NETMASK

- name: delete-trusted-client
  cp_mgmt_trusted_client:
    name: my client
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
cp_mgmt_trusted_client
dictionary
always, except when deleting the object.
The checkpoint object created or updated.


Authors

  • Or Soffer (@chkp-orso)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/check_point/mgmt/cp_mgmt_trusted_client_module.html