cp_mgmt_network – Manages network objects on Check Point over Web Services API
New in version 2.9.
Synopsis
- Manages network objects on Check Point devices including creating, updating and removing objects.
- All operations are performed over Web Services API.
Parameters
| Parameter | Choices/Defaults | Comments | |
|---|---|---|---|
| auto_publish_session boolean |
| Publish the current session if changes have been performed after task completes. | |
| broadcast string |
| Allow broadcast address inclusion. | |
| color string |
| Color of the object. Should be one of existing colors. | |
| comments string | Comments string. | ||
| details_level string |
| The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. | |
| groups list | Collection of group identifiers. | ||
| ignore_errors boolean |
| Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. | |
| ignore_warnings boolean |
| Apply changes ignoring warnings. | |
| mask_length integer | IPv4 or IPv6 network mask length. If both masks are required use mask-length4 and mask-length6 fields explicitly. Instead of IPv4 mask length it is possible to specify IPv4 mask itself in subnet-mask field. | ||
| mask_length4 integer | IPv4 network mask length. | ||
| mask_length6 integer | IPv6 network mask length. | ||
| name string / required | Object name. | ||
| nat_settings dictionary | NAT settings. | ||
| auto_rule boolean |
| Whether to add automatic address translation rules. | |
| hide_behind string |
| Hide behind method. This parameter is not required in case "method" parameter is "static". | |
| install_on string | Which gateway should apply the NAT translation. | ||
| ip_address string | IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. This parameter is not required in case "method" parameter is "hide" and "hide-behind" parameter is "gateway". | ||
| ipv4_address string | IPv4 address. | ||
| ipv6_address string | IPv6 address. | ||
| method string |
| NAT translation method. | |
| state string |
| State of the access rule (present or absent). Defaults to present. | |
| subnet string | IPv4 or IPv6 network address. If both addresses are required use subnet4 and subnet6 fields explicitly. | ||
| subnet4 string | IPv4 network address. | ||
| subnet6 string | IPv6 network address. | ||
| subnet_mask string | IPv4 network mask. | ||
| tags list | Collection of tag identifiers. | ||
| version string | Version of checkpoint. If not given one, the latest version taken. | ||
| wait_for_task boolean |
| Wait for the task to end. Such as publish task. | |
Examples
- name: add-network
cp_mgmt_network:
name: New Network 1
state: present
subnet: 192.0.2.0
subnet_mask: 255.255.255.0
- name: set-network
cp_mgmt_network:
color: green
mask_length: 16
name: New Network 1
new_name: New Network 2
state: present
subnet: 192.0.0.0
- name: delete-network
cp_mgmt_network:
name: New Network 2
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| cp_mgmt_network dictionary | always, except when deleting the object. | The checkpoint object created or updated. |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Or Soffer (@chkp-orso)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/cp_mgmt_network_module.html