diff options
Diffstat (limited to 'lib')
94 files changed, 0 insertions, 15152 deletions
diff --git a/lib/ansible/module_utils/network/checkpoint/checkpoint.py b/lib/ansible/module_utils/network/checkpoint/checkpoint.py deleted file mode 100644 index 8cea8f3e21..0000000000 --- a/lib/ansible/module_utils/network/checkpoint/checkpoint.py +++ /dev/null @@ -1,469 +0,0 @@ -# This code is part of Ansible, but is an independent component. -# This particular file snippet, and this file snippet only, is BSD licensed. -# Modules you write using this snippet, which is embedded dynamically by Ansible -# still belong to the author of the module, and may assign their own license -# to the complete work. -# -# (c) 2018 Red Hat Inc. -# -# Redistribution and use in source and binary forms, with or without modification, -# are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# * Redistributions in binary form must reproduce the above copyright notice, -# this list of conditions and the following disclaimer in the documentation -# and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE -# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# - -from __future__ import (absolute_import, division, print_function) - -import time - -from ansible.module_utils.connection import Connection - -checkpoint_argument_spec_for_objects = dict( - auto_publish_session=dict(type='bool'), - wait_for_task=dict(type='bool', default=True), - state=dict(type='str', choices=['present', 'absent'], default='present'), - version=dict(type='str') -) - -checkpoint_argument_spec_for_facts = dict( - version=dict(type='str') -) - -checkpoint_argument_spec_for_commands = dict( - wait_for_task=dict(type='bool', default=True), - version=dict(type='str') -) - -delete_params = ['name', 'uid', 'layer', 'exception-group-name', 'layer', 'rule-name'] - - -# send the request to checkpoint -def send_request(connection, version, url, payload=None): - code, response = connection.send_request('/web_api/' + version + url, payload) - - return code, response - - -# get the payload from the user parameters -def is_checkpoint_param(parameter): - if parameter == 'auto_publish_session' or \ - parameter == 'state' or \ - parameter == 'wait_for_task' or \ - parameter == 'version': - return False - return True - - -# build the payload from the parameters which has value (not None), and they are parameter of checkpoint API as well -def get_payload_from_parameters(params): - payload = {} - for parameter in params: - parameter_value = params[parameter] - if parameter_value is not None and is_checkpoint_param(parameter): - if isinstance(parameter_value, dict): - payload[parameter.replace("_", "-")] = get_payload_from_parameters(parameter_value) - elif isinstance(parameter_value, list) and len(parameter_value) != 0 and isinstance(parameter_value[0], dict): - payload_list = [] - for element_dict in parameter_value: - payload_list.append(get_payload_from_parameters(element_dict)) - payload[parameter.replace("_", "-")] = payload_list - else: - payload[parameter.replace("_", "-")] = parameter_value - return payload - - -# wait for task -def wait_for_task(module, version, connection, task_id): - task_id_payload = {'task-id': task_id} - task_complete = False - current_iteration = 0 - max_num_iterations = 300 - - # As long as there is a task in progress - while not task_complete and current_iteration < max_num_iterations: - current_iteration += 1 - # Check the status of the task - code, response = send_request(connection, version, 'show-task', task_id_payload) - - attempts_counter = 0 - while code != 200: - if attempts_counter < 5: - attempts_counter += 1 - time.sleep(2) - code, response = send_request(connection, version, 'show-task', task_id_payload) - else: - response['message'] = "ERROR: Failed to handle asynchronous tasks as synchronous, tasks result is" \ - " undefined.\n" + response['message'] - module.fail_json(msg=response) - - # Count the number of tasks that are not in-progress - completed_tasks = 0 - for task in response['tasks']: - if task['status'] == 'failed': - module.fail_json(msg='Task {0} with task id {1} failed. Look at the logs for more details' - .format(task['task-name'], task['task-id'])) - if task['status'] == 'in progress': - break - completed_tasks += 1 - - # Are we done? check if all tasks are completed - if completed_tasks == len(response["tasks"]): - task_complete = True - else: - time.sleep(2) # Wait for two seconds - if not task_complete: - module.fail_json(msg="ERROR: Timeout.\nTask-id: {0}.".format(task_id_payload['task-id'])) - - -# handle publish command, and wait for it to end if the user asked so -def handle_publish(module, connection, version): - if module.params['auto_publish_session']: - publish_code, publish_response = send_request(connection, version, 'publish') - if publish_code != 200: - module.fail_json(msg=publish_response) - if module.params['wait_for_task']: - wait_for_task(module, version, connection, publish_response['task-id']) - - -# handle a command -def api_command(module, command): - payload = get_payload_from_parameters(module.params) - connection = Connection(module._socket_path) - # if user insert a specific version, we add it to the url - version = ('v' + module.params['version'] + '/') if module.params.get('version') else '' - - code, response = send_request(connection, version, command, payload) - result = {'changed': True} - - if code == 200: - if module.params['wait_for_task']: - if 'task-id' in response: - wait_for_task(module, version, connection, response['task-id']) - elif 'tasks' in response: - for task_id in response['tasks']: - wait_for_task(module, version, connection, task_id) - - result[command] = response - else: - module.fail_json(msg='Checkpoint device returned error {0} with message {1}'.format(code, response)) - - return result - - -# handle api call facts -def api_call_facts(module, api_call_object, api_call_object_plural_version): - payload = get_payload_from_parameters(module.params) - connection = Connection(module._socket_path) - # if user insert a specific version, we add it to the url - version = ('v' + module.params['version'] + '/') if module.params['version'] else '' - - # if there is neither name nor uid, the API command will be in plural version (e.g. show-hosts instead of show-host) - if payload.get("name") is None and payload.get("uid") is None: - api_call_object = api_call_object_plural_version - - code, response = send_request(connection, version, 'show-' + api_call_object, payload) - if code != 200: - module.fail_json(msg='Checkpoint device returned error {0} with message {1}'.format(code, response)) - - result = {api_call_object: response} - return result - - -# handle api call -def api_call(module, api_call_object): - payload = get_payload_from_parameters(module.params) - connection = Connection(module._socket_path) - - result = {'changed': False} - if module.check_mode: - return result - - # if user insert a specific version, we add it to the url - version = ('v' + module.params['version'] + '/') if module.params.get('version') else '' - - payload_for_equals = {'type': api_call_object, 'params': payload} - equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals) - - result['checkpoint_session_uid'] = connection.get_session_uid() - - # if code is 400 (bad request) or 500 (internal error) - fail - if equals_code == 400 or equals_code == 500: - module.fail_json(msg=equals_response) - if equals_code == 404 and equals_response['code'] == 'generic_err_command_not_found': - module.fail_json(msg='Relevant hotfix is not installed on Check Point server. See sk114661 on Check Point Support Center.') - - if module.params['state'] == 'present': - if equals_code == 200: - if not equals_response['equals']: - code, response = send_request(connection, version, 'set-' + api_call_object, payload) - if code != 200: - module.fail_json(msg=response) - - handle_publish(module, connection, version) - - result['changed'] = True - result[api_call_object] = response - else: - # objects are equals and there is no need for set request - pass - elif equals_code == 404: - code, response = send_request(connection, version, 'add-' + api_call_object, payload) - if code != 200: - module.fail_json(msg=response) - - handle_publish(module, connection, version) - - result['changed'] = True - result[api_call_object] = response - elif module.params['state'] == 'absent': - if equals_code == 200: - payload_for_delete = get_copy_payload_with_some_params(payload, delete_params) - code, response = send_request(connection, version, 'delete-' + api_call_object, payload_for_delete) - if code != 200: - module.fail_json(msg=response) - - handle_publish(module, connection, version) - - result['changed'] = True - elif equals_code == 404: - # no need to delete because object dose not exist - pass - - return result - - -# get the position in integer format -def get_number_from_position(payload, connection, version): - if 'position' in payload: - position = payload['position'] - else: - return None - - # This code relevant if we will decide to support 'top' and 'bottom' in position - - # position_number = None - # # if position is not int, convert it to int. There are several cases: "top" - # if position == 'top': - # position_number = 1 - # elif position == 'bottom': - # payload_for_show_access_rulebase = {'name': payload['layer'], 'limit': 0} - # code, response = send_request(connection, version, 'show-access-rulebase', payload_for_show_access_rulebase) - # position_number = response['total'] - # elif isinstance(position, str): - # # here position is a number in format str (e.g. "5" and not 5) - # position_number = int(position) - # else: - # # here position suppose to be int - # position_number = position - # - # return position_number - - return int(position) - - -# is the param position (if the user inserted it) equals between the object and the user input -def is_equals_with_position_param(payload, connection, version, api_call_object): - position_number = get_number_from_position(payload, connection, version) - - # if there is no position param, then it's equals in vacuous truth - if position_number is None: - return True - - payload_for_show_access_rulebase = {'name': payload['layer'], 'offset': position_number - 1, 'limit': 1} - rulebase_command = 'show-' + api_call_object.split('-')[0] + '-rulebase' - - # if it's threat-exception, we change a little the payload and the command - if api_call_object == 'threat-exception': - payload_for_show_access_rulebase['rule-name'] = payload['rule-name'] - rulebase_command = 'show-threat-rule-exception-rulebase' - - code, response = send_request(connection, version, rulebase_command, payload_for_show_access_rulebase) - - # if true, it means there is no rule in the position that the user inserted, so I return false, and when we will try to set - # the rule, the API server will get throw relevant error - if response['total'] < position_number: - return False - - rule = response['rulebase'][0] - while 'rulebase' in rule: - rule = rule['rulebase'][0] - - # if the names of the exist rule and the user input rule are equals, then it's means that their positions are equals so I - # return True. and there is no way that there is another rule with this name cause otherwise the 'equals' command would fail - if rule['name'] == payload['name']: - return True - else: - return False - - -# get copy of the payload without some of the params -def get_copy_payload_without_some_params(payload, params_to_remove): - copy_payload = dict(payload) - for param in params_to_remove: - if param in copy_payload: - del copy_payload[param] - return copy_payload - - -# get copy of the payload with only some of the params -def get_copy_payload_with_some_params(payload, params_to_insert): - copy_payload = {} - for param in params_to_insert: - if param in payload: - copy_payload[param] = payload[param] - return copy_payload - - -# is equals with all the params including action and position -def is_equals_with_all_params(payload, connection, version, api_call_object, is_access_rule): - if is_access_rule and 'action' in payload: - payload_for_show = get_copy_payload_with_some_params(payload, ['name', 'uid', 'layer']) - code, response = send_request(connection, version, 'show-' + api_call_object, payload_for_show) - exist_action = response['action']['name'] - if exist_action != payload['action']: - return False - if not is_equals_with_position_param(payload, connection, version, api_call_object): - return False - - return True - - -# handle api call for rule -def api_call_for_rule(module, api_call_object): - is_access_rule = True if 'access' in api_call_object else False - payload = get_payload_from_parameters(module.params) - connection = Connection(module._socket_path) - - result = {'changed': False} - if module.check_mode: - return result - - # if user insert a specific version, we add it to the url - version = ('v' + module.params['version'] + '/') if module.params.get('version') else '' - - if is_access_rule: - copy_payload_without_some_params = get_copy_payload_without_some_params(payload, ['action', 'position']) - else: - copy_payload_without_some_params = get_copy_payload_without_some_params(payload, ['position']) - payload_for_equals = {'type': api_call_object, 'params': copy_payload_without_some_params} - equals_code, equals_response = send_request(connection, version, 'equals', payload_for_equals) - - result['checkpoint_session_uid'] = connection.get_session_uid() - - # if code is 400 (bad request) or 500 (internal error) - fail - if equals_code == 400 or equals_code == 500: - module.fail_json(msg=equals_response) - if equals_code == 404 and equals_response['code'] == 'generic_err_command_not_found': - module.fail_json(msg='Relevant hotfix is not installed on Check Point server. See sk114661 on Check Point Support Center.') - - if module.params['state'] == 'present': - if equals_code == 200: - if equals_response['equals']: - if not is_equals_with_all_params(payload, connection, version, api_call_object, is_access_rule): - equals_response['equals'] = False - if not equals_response['equals']: - # if user insert param 'position' and needed to use the 'set' command, change the param name to 'new-position' - if 'position' in payload: - payload['new-position'] = payload['position'] - del payload['position'] - code, response = send_request(connection, version, 'set-' + api_call_object, payload) - if code != 200: - module.fail_json(msg=response) - - handle_publish(module, connection, version) - - result['changed'] = True - result[api_call_object] = response - else: - # objects are equals and there is no need for set request - pass - elif equals_code == 404: - code, response = send_request(connection, version, 'add-' + api_call_object, payload) - if code != 200: - module.fail_json(msg=response) - - handle_publish(module, connection, version) - - result['changed'] = True - result[api_call_object] = response - elif module.params['state'] == 'absent': - if equals_code == 200: - payload_for_delete = get_copy_payload_with_some_params(payload, delete_params) - code, response = send_request(connection, version, 'delete-' + api_call_object, payload_for_delete) - if code != 200: - module.fail_json(msg=response) - - handle_publish(module, connection, version) - - result['changed'] = True - elif equals_code == 404: - # no need to delete because object dose not exist - pass - - return result - - -# handle api call facts for rule -def api_call_facts_for_rule(module, api_call_object, api_call_object_plural_version): - payload = get_payload_from_parameters(module.params) - connection = Connection(module._socket_path) - # if user insert a specific version, we add it to the url - version = ('v' + module.params['version'] + '/') if module.params['version'] else '' - - # if there is neither name nor uid, the API command will be in plural version (e.g. show-hosts instead of show-host) - if payload.get("layer") is None: - api_call_object = api_call_object_plural_version - - code, response = send_request(connection, version, 'show-' + api_call_object, payload) - if code != 200: - module.fail_json(msg='Checkpoint device returned error {0} with message {1}'.format(code, response)) - - result = {api_call_object: response} - return result - - -# The code from here till EOF will be deprecated when Rikis' modules will be deprecated -checkpoint_argument_spec = dict(auto_publish_session=dict(type='bool', default=True), - policy_package=dict(type='str', default='standard'), - auto_install_policy=dict(type='bool', default=True), - targets=dict(type='list') - ) - - -def publish(connection, uid=None): - payload = None - - if uid: - payload = {'uid': uid} - - connection.send_request('/web_api/publish', payload) - - -def discard(connection, uid=None): - payload = None - - if uid: - payload = {'uid': uid} - - connection.send_request('/web_api/discard', payload) - - -def install_policy(connection, policy_package, targets): - payload = {'policy-package': policy_package, - 'targets': targets} - - connection.send_request('/web_api/install-policy', payload) diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_access_layer.py b/lib/ansible/modules/network/check_point/cp_mgmt_access_layer.py deleted file mode 100644 index 9c8d82079d..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_access_layer.py +++ /dev/null @@ -1,170 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_access_layer -short_description: Manages access-layer objects on Check Point over Web Services API -description: - - Manages access-layer objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - add_default_rule: - description: - - Indicates whether to include a cleanup rule in the new layer. - type: bool - applications_and_url_filtering: - description: - - Whether to enable Applications & URL Filtering blade on the layer. - type: bool - content_awareness: - description: - - Whether to enable Content Awareness blade on the layer. - type: bool - detect_using_x_forward_for: - description: - - Whether to use X-Forward-For HTTP header, which is added by the proxy server to keep track of the original source IP. - type: bool - firewall: - description: - - Whether to enable Firewall blade on the layer. - type: bool - implicit_cleanup_action: - description: - - The default "catch-all" action for traffic that does not match any explicit or implied rules in the layer. - type: str - choices: ['drop', 'accept'] - mobile_access: - description: - - Whether to enable Mobile Access blade on the layer. - type: bool - shared: - description: - - Whether this layer is shared. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-access-layer - cp_mgmt_access_layer: - name: New Layer 1 - state: present - -- name: set-access-layer - cp_mgmt_access_layer: - applications_and_url_filtering: false - data_awareness: true - name: New Layer 1 - state: present - -- name: delete-access-layer - cp_mgmt_access_layer: - name: New Layer 2 - state: absent -""" - -RETURN = """ -cp_mgmt_access_layer: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - add_default_rule=dict(type='bool'), - applications_and_url_filtering=dict(type='bool'), - content_awareness=dict(type='bool'), - detect_using_x_forward_for=dict(type='bool'), - firewall=dict(type='bool'), - implicit_cleanup_action=dict(type='str', choices=['drop', 'accept']), - mobile_access=dict(type='bool'), - shared=dict(type='bool'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'access-layer' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_access_layer_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_access_layer_facts.py deleted file mode 100644 index 36d4993d14..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_access_layer_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_access_layer_facts -short_description: Get access-layer objects facts on Check Point over Web Services API -description: - - Get access-layer objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-access-layer - cp_mgmt_access_layer_facts: - name: New Layer 1 - -- name: show-access-layers - cp_mgmt_access_layer_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "access-layer" - api_call_object_plural_version = "access-layers" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_access_role.py b/lib/ansible/modules/network/check_point/cp_mgmt_access_role.py deleted file mode 100644 index 1d1f2194e3..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_access_role.py +++ /dev/null @@ -1,187 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_access_role -short_description: Manages access-role objects on Check Point over Web Services API -description: - - Manages access-role objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - machines: - description: - - Machines that can access the system. - type: list - suboptions: - source: - description: - - Active Directory name or UID or Identity Tag. - type: str - selection: - description: - - Name or UID of an object selected from source. - type: list - base_dn: - description: - - When source is "Active Directory" use "base-dn" to refine the query in AD database. - type: str - networks: - description: - - Collection of Network objects identified by the name or UID that can access the system. - type: list - remote_access_clients: - description: - - Remote access clients identified by name or UID. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - users: - description: - - Users that can access the system. - type: list - suboptions: - source: - description: - - Active Directory name or UID or Identity Tag or Internal User Groups or LDAP groups or Guests. - type: str - selection: - description: - - Name or UID of an object selected from source. - type: list - base_dn: - description: - - When source is "Active Directory" use "base-dn" to refine the query in AD database. - type: str - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-access-role - cp_mgmt_access_role: - machines: all identified - name: New Access Role 1 - networks: any - remote_access_clients: any - state: present - users: any - -- name: set-access-role - cp_mgmt_access_role: - machines: any - name: New Access Role 1 - state: present - users: all identified - -- name: delete-access-role - cp_mgmt_access_role: - name: New Access Role 1 - state: absent -""" - -RETURN = """ -cp_mgmt_access_role: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - machines=dict(type='list', options=dict( - source=dict(type='str'), - selection=dict(type='list'), - base_dn=dict(type='str') - )), - networks=dict(type='list'), - remote_access_clients=dict(type='str'), - tags=dict(type='list'), - users=dict(type='list', options=dict( - source=dict(type='str'), - selection=dict(type='list'), - base_dn=dict(type='str') - )), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'access-role' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_access_role_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_access_role_facts.py deleted file mode 100644 index 4fd9a24fdb..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_access_role_facts.py +++ /dev/null @@ -1,124 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_access_role_facts -short_description: Get access-role objects facts on Check Point over Web Services API -description: - - Get access-role objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-access-role - cp_mgmt_access_role_facts: - name: New Access Role 1 - -- name: show-access-roles - cp_mgmt_access_role_facts: - details_level: full -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "access-role" - api_call_object_plural_version = "access-roles" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_access_rule.py b/lib/ansible/modules/network/check_point/cp_mgmt_access_rule.py deleted file mode 100644 index f904f70c8b..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_access_rule.py +++ /dev/null @@ -1,354 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_access_rule -short_description: Manages access-rule objects on Check Point over Web Services API -description: - - Manages access-rule objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - layer: - description: - - Layer that the rule belongs to identified by the name or UID. - type: str - position: - description: - - Position in the rulebase. - type: str - name: - description: - - Object name. - type: str - required: True - action: - description: - - a "Accept", "Drop", "Ask", "Inform", "Reject", "User Auth", "Client Auth", "Apply Layer". - type: str - action_settings: - description: - - Action settings. - type: dict - suboptions: - enable_identity_captive_portal: - description: - - N/A - type: bool - limit: - description: - - N/A - type: str - content: - description: - - List of processed file types that this rule applies on. - type: list - content_direction: - description: - - On which direction the file types processing is applied. - type: str - choices: ['any', 'up', 'down'] - content_negate: - description: - - True if negate is set for data. - type: bool - custom_fields: - description: - - Custom fields. - type: dict - suboptions: - field_1: - description: - - First custom field. - type: str - field_2: - description: - - Second custom field. - type: str - field_3: - description: - - Third custom field. - type: str - destination: - description: - - Collection of Network objects identified by the name or UID. - type: list - destination_negate: - description: - - True if negate is set for destination. - type: bool - enabled: - description: - - Enable/Disable the rule. - type: bool - inline_layer: - description: - - Inline Layer identified by the name or UID. Relevant only if "Action" was set to "Apply Layer". - type: str - install_on: - description: - - Which Gateways identified by the name or UID to install the policy on. - type: list - service: - description: - - Collection of Network objects identified by the name or UID. - type: list - service_negate: - description: - - True if negate is set for service. - type: bool - source: - description: - - Collection of Network objects identified by the name or UID. - type: list - source_negate: - description: - - True if negate is set for source. - type: bool - time: - description: - - List of time objects. For example, "Weekend", "Off-Work", "Every-Day". - type: list - track: - description: - - Track Settings. - type: dict - suboptions: - accounting: - description: - - Turns accounting for track on and off. - type: bool - alert: - description: - - Type of alert for the track. - type: str - choices: ['none', 'alert', 'snmp', 'mail', 'user alert 1', 'user alert 2', 'user alert 3'] - enable_firewall_session: - description: - - Determine whether to generate session log to firewall only connections. - type: bool - per_connection: - description: - - Determines whether to perform the log per connection. - type: bool - per_session: - description: - - Determines whether to perform the log per session. - type: bool - type: - description: - - a "Log", "Extended Log", "Detailed Log", "None". - type: str - user_check: - description: - - User check settings. - type: dict - suboptions: - confirm: - description: - - N/A - type: str - choices: ['per rule', 'per category', 'per application/site', 'per data type'] - custom_frequency: - description: - - N/A - type: dict - suboptions: - every: - description: - - N/A - type: int - unit: - description: - - N/A - type: str - choices: ['hours', 'days', 'weeks', 'months'] - frequency: - description: - - N/A - type: str - choices: ['once a day', 'once a week', 'once a month', 'custom frequency...'] - interaction: - description: - - N/A - type: str - vpn: - description: - - Communities or Directional. - type: list - suboptions: - community: - description: - - List of community name or UID. - type: list - directional: - description: - - Communities directional match condition. - type: list - suboptions: - from: - description: - - From community name or UID. - type: str - to: - description: - - To community name or UID. - type: str - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-access-rule - cp_mgmt_access_rule: - layer: Network - name: Rule 1 - position: 1 - service: - - SMTP - - AOL - state: present - -- name: set-access-rule - cp_mgmt_access_rule: - action: Ask - action_settings: - enable_identity_captive_portal: true - limit: Upload_1Gbps - layer: Network - name: Rule 1 - state: present - -- name: delete-access-rule - cp_mgmt_access_rule: - layer: Network - name: Rule 2 - state: absent -""" - -RETURN = """ -cp_mgmt_access_rule: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call, api_call_for_rule - - -def main(): - argument_spec = dict( - layer=dict(type='str'), - position=dict(type='str'), - name=dict(type='str', required=True), - action=dict(type='str'), - action_settings=dict(type='dict', options=dict( - enable_identity_captive_portal=dict(type='bool'), - limit=dict(type='str') - )), - content=dict(type='list'), - content_direction=dict(type='str', choices=['any', 'up', 'down']), - content_negate=dict(type='bool'), - custom_fields=dict(type='dict', options=dict( - field_1=dict(type='str'), - field_2=dict(type='str'), - field_3=dict(type='str') - )), - destination=dict(type='list'), - destination_negate=dict(type='bool'), - enabled=dict(type='bool'), - inline_layer=dict(type='str'), - install_on=dict(type='list'), - service=dict(type='list'), - service_negate=dict(type='bool'), - source=dict(type='list'), - source_negate=dict(type='bool'), - time=dict(type='list'), - track=dict(type='dict', options=dict( - accounting=dict(type='bool'), - alert=dict(type='str', choices=['none', 'alert', 'snmp', 'mail', 'user alert 1', 'user alert 2', 'user alert 3']), - enable_firewall_session=dict(type='bool'), - per_connection=dict(type='bool'), - per_session=dict(type='bool'), - type=dict(type='str') - )), - user_check=dict(type='dict', options=dict( - confirm=dict(type='str', choices=['per rule', 'per category', 'per application/site', 'per data type']), - custom_frequency=dict(type='dict', options=dict( - every=dict(type='int'), - unit=dict(type='str', choices=['hours', 'days', 'weeks', 'months']) - )), - frequency=dict(type='str', choices=['once a day', 'once a week', 'once a month', 'custom frequency...']), - interaction=dict(type='str') - )), - vpn=dict(type='list', options=dict( - community=dict(type='list'), - directional=dict(type='list', options=dict( - to=dict(type='str') - )) - )), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec['vpn']['options']['directional']['options']['from'] = dict(type='str') - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'access-rule' - - if module.params['action'] is None and module.params['position'] is None: - result = api_call(module, api_call_object) - else: - result = api_call_for_rule(module, api_call_object) - - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_access_rule_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_access_rule_facts.py deleted file mode 100644 index b523505fd4..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_access_rule_facts.py +++ /dev/null @@ -1,244 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_access_rule_facts -short_description: Get access-rule objects facts on Check Point over Web Services API -description: - - Get access-rule objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. Should be unique in the domain. - type: str - layer: - description: - - Layer that the rule belongs to identified by the name or UID. - type: str - show_as_ranges: - description: - - When true, the source, destination and services & applications parameters are displayed as ranges of IP addresses and port numbers rather than - network objects.<br /> Objects that are not represented using IP addresses or port numbers are presented as objects.<br /> In addition, the response - of each rule does not contain the parameters, source, source-negate, destination, destination-negate, service and service-negate, but instead it - contains the parameters, source-ranges, destination-ranges and service-ranges.<br /><br /> Note, Requesting to show rules as ranges is limited up to - 20 rules per request, otherwise an error is returned. If you wish to request more rules, use the offset and limit parameters to limit your request. - type: bool - show_hits: - description: - - N/A - type: bool - hits_settings: - description: - - N/A - type: dict - suboptions: - from_date: - description: - - Format, 'YYYY-MM-DD', 'YYYY-mm-ddThh:mm:ss'. - type: str - target: - description: - - Target gateway name or UID. - type: str - to_date: - description: - - Format, 'YYYY-MM-DD', 'YYYY-mm-ddThh:mm:ss'. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - filter: - description: - - Search expression to filter the rulebase. The provided text should be exactly the same as it would be given in Smart Console. The logical - operators in the expression ('AND', 'OR') should be provided in capital letters. If an operator is not used, the default OR operator applies. - type: str - filter_settings: - description: - - Sets filter preferences. - type: dict - suboptions: - search_mode: - description: - - When set to 'general', both the Full Text Search and Packet Search are enabled. In this mode, Packet Search will not match on 'Any' - object, a negated cell or a group-with-exclusion. When the search-mode is set to 'packet', by default, the match on 'Any' object, a negated cell - or a group-with-exclusion are enabled. packet-search-settings may be provided to change the default behavior. - type: str - choices: ['general', 'packet'] - packet_search_settings: - description: - - When 'search-mode' is set to 'packet', this object allows to set the packet search preferences. - type: dict - suboptions: - expand_group_members: - description: - - When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at - least one member of the group. - type: bool - expand_group_with_exclusion_members: - description: - - When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include rules that - match at least one member of the "include" part and is not a member of the "except" part. - type: bool - match_on_any: - description: - - Whether to match on 'Any' object. - type: bool - match_on_group_with_exclusion: - description: - - Whether to match on a group-with-exclusion. - type: bool - match_on_negate: - description: - - Whether to match on a negated cell. - type: bool - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - package: - description: - - Name of the package. - type: str - use_object_dictionary: - description: - - N/A - type: bool - dereference_group_members: - description: - - Indicates whether to dereference "members" field by details level for every object in reply. - type: bool - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-access-rule - cp_mgmt_access_rule_facts: - layer: Network - name: Rule 1 - -- name: show-access-rulebase - cp_mgmt_access_rule_facts: - details_level: standard - limit: 20 - name: Network - offset: 0 - use_object_dictionary: true -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts_for_rule - - -def main(): - argument_spec = dict( - name=dict(type='str'), - layer=dict(type='str'), - show_as_ranges=dict(type='bool'), - show_hits=dict(type='bool'), - hits_settings=dict(type='dict', options=dict( - from_date=dict(type='str'), - target=dict(type='str'), - to_date=dict(type='str') - )), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - filter=dict(type='str'), - filter_settings=dict(type='dict', options=dict( - search_mode=dict(type='str', choices=['general', 'packet']), - packet_search_settings=dict(type='dict', options=dict( - expand_group_members=dict(type='bool'), - expand_group_with_exclusion_members=dict(type='bool'), - match_on_any=dict(type='bool'), - match_on_group_with_exclusion=dict(type='bool'), - match_on_negate=dict(type='bool') - )) - )), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - package=dict(type='str'), - use_object_dictionary=dict(type='bool'), - dereference_group_members=dict(type='bool'), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "access-rule" - api_call_object_plural_version = "access-rulebase" - - result = api_call_facts_for_rule(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_address_range.py b/lib/ansible/modules/network/check_point/cp_mgmt_address_range.py deleted file mode 100644 index 5f18c02610..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_address_range.py +++ /dev/null @@ -1,213 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_address_range -short_description: Manages address-range objects on Check Point over Web Services API -description: - - Manages address-range objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - ip_address_first: - description: - - First IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead. - type: str - ipv4_address_first: - description: - - First IPv4 address in the range. - type: str - ipv6_address_first: - description: - - First IPv6 address in the range. - type: str - ip_address_last: - description: - - Last IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead. - type: str - ipv4_address_last: - description: - - Last IPv4 address in the range. - type: str - ipv6_address_last: - description: - - Last IPv6 address in the range. - type: str - nat_settings: - description: - - NAT settings. - type: dict - suboptions: - auto_rule: - description: - - Whether to add automatic address translation rules. - type: bool - ip_address: - description: - - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. This parameter is not - required in case "method" parameter is "hide" and "hide-behind" parameter is "gateway". - type: str - ipv4_address: - description: - - IPv4 address. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - hide_behind: - description: - - Hide behind method. This parameter is not required in case "method" parameter is "static". - type: str - choices: ['gateway', 'ip-address'] - install_on: - description: - - Which gateway should apply the NAT translation. - type: str - method: - description: - - NAT translation method. - type: str - choices: ['hide', 'static'] - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-address-range - cp_mgmt_address_range: - ip_address_first: 192.0.2.1 - ip_address_last: 192.0.2.10 - name: New Address Range 1 - state: present - -- name: set-address-range - cp_mgmt_address_range: - color: green - ip_address_first: 192.0.2.1 - ip_address_last: 192.0.2.1 - name: New Address Range 1 - new_name: New Address Range 2 - state: present - -- name: delete-address-range - cp_mgmt_address_range: - name: New Address Range 2 - state: absent -""" - -RETURN = """ -cp_mgmt_address_range: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - ip_address_first=dict(type='str'), - ipv4_address_first=dict(type='str'), - ipv6_address_first=dict(type='str'), - ip_address_last=dict(type='str'), - ipv4_address_last=dict(type='str'), - ipv6_address_last=dict(type='str'), - nat_settings=dict(type='dict', options=dict( - auto_rule=dict(type='bool'), - ip_address=dict(type='str'), - ipv4_address=dict(type='str'), - ipv6_address=dict(type='str'), - hide_behind=dict(type='str', choices=['gateway', 'ip-address']), - install_on=dict(type='str'), - method=dict(type='str', choices=['hide', 'static']) - )), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'address-range' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_address_range_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_address_range_facts.py deleted file mode 100644 index d1ad7318b8..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_address_range_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_address_range_facts -short_description: Get address-range objects facts on Check Point over Web Services API -description: - - Get address-range objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-address-range - cp_mgmt_address_range_facts: - name: New Address Range 1 - -- name: show-address-ranges - cp_mgmt_address_range_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "address-range" - api_call_object_plural_version = "address-ranges" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_administrator.py b/lib/ansible/modules/network/check_point/cp_mgmt_administrator.py deleted file mode 100644 index 053c5c2e5c..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_administrator.py +++ /dev/null @@ -1,200 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_administrator -short_description: Manages administrator objects on Check Point over Web Services API -description: - - Manages administrator objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - authentication_method: - description: - - Authentication method. - type: str - choices: ['undefined', 'check point password', 'os password', 'securid', 'radius', 'tacacs', 'ad authentication'] - email: - description: - - Administrator email. - type: str - expiration_date: - description: - - Format, YYYY-MM-DD, YYYY-mm-ddThh,mm,ss. - type: str - multi_domain_profile: - description: - - Administrator multi-domain profile. - type: str - must_change_password: - description: - - True if administrator must change password on the next login. - type: bool - password: - description: - - Administrator password. - type: str - password_hash: - description: - - Administrator password hash. - type: str - permissions_profile: - description: - - Administrator permissions profile. Permissions profile should not be provided when multi-domain-profile is set to "Multi-Domain Super User" or - "Domain Super User". - type: list - suboptions: - profile: - description: - - Permission profile. - type: str - phone_number: - description: - - Administrator phone number. - type: str - radius_server: - description: - - RADIUS server object identified by the name or UID. Must be set when "authentication-method" was selected to be "RADIUS". - type: str - tacacs_server: - description: - - TACACS server object identified by the name or UID. Must be set when "authentication-method" was selected to be "TACACS". - type: str - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-administrator - cp_mgmt_administrator: - authentication_method: INTERNAL_PASSWORD - email: admin@gmail.com - must_change_password: false - name: admin - password: secret - permissions_profile: read write all - phone_number: 1800-800-800 - state: present - -- name: set-administrator - cp_mgmt_administrator: - name: admin - password: bew secret - permissions_profile: read only profile - state: present - -- name: delete-administrator - cp_mgmt_administrator: - name: admin - state: absent -""" - -RETURN = """ -cp_mgmt_administrator: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - authentication_method=dict(type='str', choices=['undefined', 'check point password', - 'os password', 'securid', 'radius', 'tacacs', 'ad authentication']), - email=dict(type='str'), - expiration_date=dict(type='str'), - multi_domain_profile=dict(type='str'), - must_change_password=dict(type='bool'), - password=dict(type='str'), - password_hash=dict(type='str'), - permissions_profile=dict(type='list', options=dict( - profile=dict(type='str') - )), - phone_number=dict(type='str'), - radius_server=dict(type='str'), - tacacs_server=dict(type='str'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'administrator' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_administrator_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_administrator_facts.py deleted file mode 100644 index e65ba46d5f..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_administrator_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_administrator_facts -short_description: Get administrator objects facts on Check Point over Web Services API -description: - - Get administrator objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-administrator - cp_mgmt_administrator_facts: - name: admin - -- name: show-administrators - cp_mgmt_administrator_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "administrator" - api_call_object_plural_version = "administrators" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_application_site.py b/lib/ansible/modules/network/check_point/cp_mgmt_application_site.py deleted file mode 100644 index 77702fd864..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_application_site.py +++ /dev/null @@ -1,176 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_application_site -short_description: Manages application-site objects on Check Point over Web Services API -description: - - Manages application-site objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - primary_category: - description: - - Each application is assigned to one primary category based on its most defining aspect. - type: str - url_list: - description: - - URLs that determine this particular application. - type: list - application_signature: - description: - - Application signature generated by <a - href="https,//supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk103051">Signature Tool</a>. - type: str - additional_categories: - description: - - Used to configure or edit the additional categories of a custom application / site used in the Application and URL Filtering or Threat Prevention. - type: list - description: - description: - - A description for the application. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - urls_defined_as_regular_expression: - description: - - States whether the URL is defined as a Regular Expression or not. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-application-site - cp_mgmt_application_site: - additional_categories: - - Instant Chat - - Supports Streaming - - New Application Site Category 1 - description: My Application Site - name: New Application Site 1 - primary_category: Social Networking - state: present - url_list: - - www.cnet.com - - www.stackoverflow.com - urls_defined_as_regular_expression: false - -- name: set-application-site - cp_mgmt_application_site: - description: My New Application Site - name: New Application Site 1 - primary_category: Instant Chat - state: present - urls_defined_as_regular_expression: true - -- name: delete-application-site - cp_mgmt_application_site: - name: New Application Site 2 - state: absent -""" - -RETURN = """ -cp_mgmt_application_site: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - primary_category=dict(type='str'), - url_list=dict(type='list'), - application_signature=dict(type='str'), - additional_categories=dict(type='list'), - description=dict(type='str'), - tags=dict(type='list'), - urls_defined_as_regular_expression=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'application-site' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_category.py b/lib/ansible/modules/network/check_point/cp_mgmt_application_site_category.py deleted file mode 100644 index 902cd5d944..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_category.py +++ /dev/null @@ -1,139 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_application_site_category -short_description: Manages application-site-category objects on Check Point over Web Services API -description: - - Manages application-site-category objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - description: - description: - - N/A - type: str - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-application-site-category - cp_mgmt_application_site_category: - description: My Application Site category - name: New Application Site Category 1 - state: present - -- name: set-application-site-category - cp_mgmt_application_site_category: - description: My new Application Site category - name: New Application Site Category 1 - state: present - -- name: delete-application-site-category - cp_mgmt_application_site_category: - name: New Application Site Category 2 - state: absent -""" - -RETURN = """ -cp_mgmt_application_site_category: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - description=dict(type='str'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'application-site-category' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_category_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_application_site_category_facts.py deleted file mode 100644 index b6d37ddd9c..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_category_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_application_site_category_facts -short_description: Get application-site-category objects facts on Check Point over Web Services API -description: - - Get application-site-category objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-application-site-category - cp_mgmt_application_site_category_facts: - name: Social Networking - -- name: show-application-site-categories - cp_mgmt_application_site_category_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "application-site-category" - api_call_object_plural_version = "application-site-categories" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_application_site_facts.py deleted file mode 100644 index 5dbe4b0e5a..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_facts.py +++ /dev/null @@ -1,136 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_application_site_facts -short_description: Get application-site objects facts on Check Point over Web Services API -description: - - Get application-site objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - application_id: - description: - - Object application identifier. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-application-site - cp_mgmt_application_site_facts: - name: facebook - -- name: show-application-sites - cp_mgmt_application_site_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - application_id=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "application-site" - api_call_object_plural_version = "application-sites" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_group.py b/lib/ansible/modules/network/check_point/cp_mgmt_application_site_group.py deleted file mode 100644 index e181b85c66..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_group.py +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_application_site_group -short_description: Manages application-site-group objects on Check Point over Web Services API -description: - - Manages application-site-group objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - members: - description: - - Collection of application and URL filtering objects identified by the name or UID. - type: list - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-application-site-group - cp_mgmt_application_site_group: - members: - - facebook - - Social Networking - - New Application Site 1 - - New Application Site Category 1 - name: New Application Site Group 1 - state: present - -- name: set-application-site-group - cp_mgmt_application_site_group: - name: New Application Site Group 1 - members: - - AliveProxy - state: present - -- name: delete-application-site-group - cp_mgmt_application_site_group: - name: New Application Site Group 1 - state: absent -""" - -RETURN = """ -cp_mgmt_application_site_group: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - members=dict(type='list'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'application-site-group' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_group_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_application_site_group_facts.py deleted file mode 100644 index 2fae910c24..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_application_site_group_facts.py +++ /dev/null @@ -1,136 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_application_site_group_facts -short_description: Get application-site-group objects facts on Check Point over Web Services API -description: - - Get application-site-group objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - dereference_group_members: - description: - - Indicates whether to dereference "members" field by details level for every object in reply. - type: bool - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-application-site-group - cp_mgmt_application_site_group_facts: - name: New Application Site Group 1 - -- name: show-application-site-groups - cp_mgmt_application_site_group_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - dereference_group_members=dict(type='bool'), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "application-site-group" - api_call_object_plural_version = "application-site-groups" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_assign_global_assignment.py b/lib/ansible/modules/network/check_point/cp_mgmt_assign_global_assignment.py deleted file mode 100644 index 2095f55326..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_assign_global_assignment.py +++ /dev/null @@ -1,90 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_assign_global_assignment -short_description: assign global assignment on Check Point over Web Services API -description: - - assign global assignment on Check Point over Web Services API - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - dependent_domains: - description: - - N/A - type: list - global_domains: - description: - - N/A - type: list - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: assign-global-assignment - cp_mgmt_assign_global_assignment: - dependent_domains: domain1 - global_domains: Global2 -""" - -RETURN = """ -cp_mgmt_assign_global_assignment: - description: The checkpoint assign-global-assignment output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - dependent_domains=dict(type='list'), - global_domains=dict(type='list'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']) - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "assign-global-assignment" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_discard.py b/lib/ansible/modules/network/check_point/cp_mgmt_discard.py deleted file mode 100644 index 8291badcd4..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_discard.py +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_discard -short_description: All changes done by user are discarded and removed from database. -description: - - All changes done by user are discarded and removed from database. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - uid: - description: - - Session unique identifier. Specify it to discard a different session than the one you currently use. - type: str -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: discard - cp_mgmt_discard: -""" - -RETURN = """ -cp_mgmt_discard: - description: The checkpoint discard output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - uid=dict(type='str') - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "discard" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_dns_domain.py b/lib/ansible/modules/network/check_point/cp_mgmt_dns_domain.py deleted file mode 100644 index 491a695bd0..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_dns_domain.py +++ /dev/null @@ -1,134 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_dns_domain -short_description: Manages dns-domain objects on Check Point over Web Services API -description: - - Manages dns-domain objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - is_sub_domain: - description: - - Whether to match sub-domains in addition to the domain itself. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-dns-domain - cp_mgmt_dns_domain: - is_sub_domain: false - name: .www.example.com - state: present - -- name: set-dns-domain - cp_mgmt_dns_domain: - is_sub_domain: true - name: .www.example.com - state: present - -- name: delete-dns-domain - cp_mgmt_dns_domain: - name: .example.com - state: absent -""" - -RETURN = """ -cp_mgmt_dns_domain: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - is_sub_domain=dict(type='bool'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'dns-domain' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_dns_domain_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_dns_domain_facts.py deleted file mode 100644 index 0b61ca6cd5..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_dns_domain_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_dns_domain_facts -short_description: Get dns-domain objects facts on Check Point over Web Services API -description: - - Get dns-domain objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-dns-domain - cp_mgmt_dns_domain_facts: - name: .www.example.com - -- name: show-dns-domains - cp_mgmt_dns_domain_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "dns-domain" - api_call_object_plural_version = "dns-domains" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_dynamic_object.py b/lib/ansible/modules/network/check_point/cp_mgmt_dynamic_object.py deleted file mode 100644 index 24f23cc1bd..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_dynamic_object.py +++ /dev/null @@ -1,124 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_dynamic_object -short_description: Manages dynamic-object objects on Check Point over Web Services API -description: - - Manages dynamic-object objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-dynamic-object - cp_mgmt_dynamic_object: - color: yellow - comments: My Dynamic Object 1 - name: Dynamic_Object_1 - state: present - -- name: delete-dynamic-object - cp_mgmt_dynamic_object: - name: Dynamic_Object_2 - state: absent -""" - -RETURN = """ -cp_mgmt_dynamic_object: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'dynamic-object' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_dynamic_object_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_dynamic_object_facts.py deleted file mode 100644 index 890cc90701..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_dynamic_object_facts.py +++ /dev/null @@ -1,128 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_dynamic_object_facts -short_description: Get dynamic-object objects facts on Check Point over Web Services API -description: - - Get dynamic-object objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-dynamic-object - cp_mgmt_dynamic_object_facts: - name: Dynamic_Object_1 - -- name: show-dynamic-objects - cp_mgmt_dynamic_object_facts: -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "dynamic-object" - api_call_object_plural_version = "dynamic-objects" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_exception_group.py b/lib/ansible/modules/network/check_point/cp_mgmt_exception_group.py deleted file mode 100644 index 351461acd0..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_exception_group.py +++ /dev/null @@ -1,177 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_exception_group -short_description: Manages exception-group objects on Check Point over Web Services API -description: - - Manages exception-group objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - applied_profile: - description: - - The threat profile to apply this group to in the case of apply-on threat-rules-with-specific-profile. - type: str - applied_threat_rules: - description: - - The threat rules to apply this group on in the case of apply-on manually-select-threat-rules. - type: dict - suboptions: - add: - description: - - Adds to collection of values - type: list - suboptions: - layer: - description: - - The layer of the threat rule to which the group is to be attached. - type: str - name: - description: - - The name of the threat rule to which the group is to be attached. - type: str - rule_number: - description: - - The rule-number of the threat rule to which the group is to be attached. - type: str - position: - description: - - Position in the rulebase. - type: str - apply_on: - description: - - An exception group can be set to apply on all threat rules, all threat rules which have a specific profile, or those rules manually chosen by the user. - type: str - choices: ['all-threat-rules', 'all-threat-rules-with-specific-profile', 'manually-select-threat-rules'] - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-exception-group - cp_mgmt_exception_group: - applied_threat_rules.0.layer: MyLayer - applied_threat_rules.0.name: MyThreatRule - apply_on: manually-select-threat-rules - name: exception_group_2 - state: present - -- name: set-exception-group - cp_mgmt_exception_group: - apply_on: all-threat-rules - name: exception_group_2 - state: present - tags: tag3 - -- name: delete-exception-group - cp_mgmt_exception_group: - name: exception_group_2 - state: absent -""" - -RETURN = """ -cp_mgmt_exception_group: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - applied_profile=dict(type='str'), - applied_threat_rules=dict(type='dict', options=dict( - add=dict(type='list', options=dict( - layer=dict(type='str'), - name=dict(type='str'), - rule_number=dict(type='str'), - position=dict(type='str') - )) - )), - apply_on=dict(type='str', choices=['all-threat-rules', 'all-threat-rules-with-specific-profile', 'manually-select-threat-rules']), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'exception-group' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_exception_group_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_exception_group_facts.py deleted file mode 100644 index 6e19e9916b..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_exception_group_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_exception_group_facts -short_description: Get exception-group objects facts on Check Point over Web Services API -description: - - Get exception-group objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-exception-group - cp_mgmt_exception_group_facts: - name: exception_group_2 - -- name: show-exception-groups - cp_mgmt_exception_group_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "exception-group" - api_call_object_plural_version = "exception-groups" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_global_assignment.py b/lib/ansible/modules/network/check_point/cp_mgmt_global_assignment.py deleted file mode 100644 index 8576e4418d..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_global_assignment.py +++ /dev/null @@ -1,132 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_global_assignment -short_description: Manages global-assignment objects on Check Point over Web Services API -description: - - Manages global-assignment objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - dependent_domain: - description: - - N/A - type: str - global_access_policy: - description: - - Global domain access policy that is assigned to a dependent domain. - type: str - global_domain: - description: - - N/A - type: str - global_threat_prevention_policy: - description: - - Global domain threat prevention policy that is assigned to a dependent domain. - type: str - manage_protection_actions: - description: - - N/A - type: bool - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-global-assignment - cp_mgmt_global_assignment: - dependent_domain: domain2 - global_access_policy: standard - global_domain: Global - global_threat_prevention_policy: standard - manage_protection_actions: true - state: present - -- name: set-global-assignment - cp_mgmt_global_assignment: - dependent_domain: domain1 - global_domain: Global2 - global_threat_prevention_policy: '' - manage_protection_actions: false - state: present - -- name: delete-global-assignment - cp_mgmt_global_assignment: - dependent_domain: domain1 - global_domain: Global2 - state: absent -""" - -RETURN = """ -cp_mgmt_global_assignment: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - dependent_domain=dict(type='str'), - global_access_policy=dict(type='str'), - global_domain=dict(type='str'), - global_threat_prevention_policy=dict(type='str'), - manage_protection_actions=dict(type='bool'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'global-assignment' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_global_assignment_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_global_assignment_facts.py deleted file mode 100644 index 8cc8942890..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_global_assignment_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_global_assignment_facts -short_description: Get global-assignment objects facts on Check Point over Web Services API -description: - - Get global-assignment objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - dependent_domain: - description: - - N/A - type: str - global_domain: - description: - - N/A - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-global-assignment - cp_mgmt_global_assignment_facts: - dependent_domain: domain1 - global_domain: Global2 - -- name: show-global-assignments - cp_mgmt_global_assignment_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - dependent_domain=dict(type='str'), - global_domain=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "global-assignment" - api_call_object_plural_version = "global-assignments" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_group.py b/lib/ansible/modules/network/check_point/cp_mgmt_group.py deleted file mode 100644 index f90f82166a..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_group.py +++ /dev/null @@ -1,140 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_group -short_description: Manages group objects on Check Point over Web Services API -description: - - Manages group objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - members: - description: - - Collection of Network objects identified by the name or UID. - type: list - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-group - cp_mgmt_group: - members: - - New Host 1 - - My Test Host 3 - name: New Group 5 - state: present - -- name: set-group - cp_mgmt_group: - name: New Group 1 - state: present - -- name: delete-group - cp_mgmt_group: - name: New Group 1 - state: absent -""" - -RETURN = """ -cp_mgmt_group: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - members=dict(type='list'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'group' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_group_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_group_facts.py deleted file mode 100644 index a29012aee4..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_group_facts.py +++ /dev/null @@ -1,143 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_group_facts -short_description: Get group objects facts on Check Point over Web Services API -description: - - Get group objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - show_as_ranges: - description: - - When true, the group's matched content is displayed as ranges of IP addresses rather than network objects.<br />Objects that are not - represented using IP addresses are presented as objects.<br />The 'members' parameter is omitted from the response and instead the 'ranges' parameter - is displayed. - type: bool - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - dereference_group_members: - description: - - Indicates whether to dereference "members" field by details level for every object in reply. - type: bool - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-group - cp_mgmt_group_facts: - name: Demo_Group - -- name: show-groups - cp_mgmt_group_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - show_as_ranges=dict(type='bool'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - dereference_group_members=dict(type='bool'), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "group" - api_call_object_plural_version = "groups" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_group_with_exclusion.py b/lib/ansible/modules/network/check_point/cp_mgmt_group_with_exclusion.py deleted file mode 100644 index f4169391c2..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_group_with_exclusion.py +++ /dev/null @@ -1,146 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_group_with_exclusion -short_description: Manages group-with-exclusion objects on Check Point over Web Services API -description: - - Manages group-with-exclusion objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - except: - description: - - Name or UID of an object which the group excludes. - type: str - include: - description: - - Name or UID of an object which the group includes. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-group-with-exclusion - cp_mgmt_group_with_exclusion: - except: New Group 2 - include: New Group 1 - name: Group with exclusion - state: present - -- name: set-group-with-exclusion - cp_mgmt_group_with_exclusion: - except: New Group 1 - include: New Group 2 - name: Group with exclusion - state: present - -- name: delete-group-with-exclusion - cp_mgmt_group_with_exclusion: - name: Group with exclusion - state: absent -""" - -RETURN = """ -cp_mgmt_group_with_exclusion: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - include=dict(type='str'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec['except'] = dict(type='str') - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'group-with-exclusion' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_group_with_exclusion_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_group_with_exclusion_facts.py deleted file mode 100644 index 6ab8d70e78..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_group_with_exclusion_facts.py +++ /dev/null @@ -1,133 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_group_with_exclusion_facts -short_description: Get group-with-exclusion objects facts on Check Point over Web Services API -description: - - Get group-with-exclusion objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - show_as_ranges: - description: - - When true, the group with exclusion's matched content is displayed as ranges of IP addresses rather than network objects.<br />Objects that - are not represented using IP addresses are presented as objects.<br />The 'include' and 'except' parameters are omitted from the response and instead - the 'ranges' parameter is displayed. - type: bool - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-group-with-exclusion - cp_mgmt_group_with_exclusion_facts: - name: Group with exclusion - -- name: show-groups-with-exclusion - cp_mgmt_group_with_exclusion_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - show_as_ranges=dict(type='bool'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "group-with-exclusion" - api_call_object_plural_version = "groups-with-exclusion" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_host.py b/lib/ansible/modules/network/check_point/cp_mgmt_host.py deleted file mode 100644 index bc7c3e8c9b..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_host.py +++ /dev/null @@ -1,333 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_host -short_description: Manages host objects on Check Point over Web Services API -description: - - Manages host objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - ip_address: - description: - - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. - type: str - ipv4_address: - description: - - IPv4 address. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - interfaces: - description: - - Host interfaces. - type: list - suboptions: - name: - description: - - Interface name. - type: str - subnet: - description: - - IPv4 or IPv6 network address. If both addresses are required use subnet4 and subnet6 fields explicitly. - type: str - subnet4: - description: - - IPv4 network address. - type: str - subnet6: - description: - - IPv6 network address. - type: str - mask_length: - description: - - IPv4 or IPv6 network mask length. If both masks are required use mask-length4 and mask-length6 fields explicitly. Instead of IPv4 mask - length it is possible to specify IPv4 mask itself in subnet-mask field. - type: int - mask_length4: - description: - - IPv4 network mask length. - type: int - mask_length6: - description: - - IPv6 network mask length. - type: int - subnet_mask: - description: - - IPv4 network mask. - type: str - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', - 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', - 'light green', 'lemon chiffon', 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', - 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool - nat_settings: - description: - - NAT settings. - type: dict - suboptions: - auto_rule: - description: - - Whether to add automatic address translation rules. - type: bool - ip_address: - description: - - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. This parameter is not - required in case "method" parameter is "hide" and "hide-behind" parameter is "gateway". - type: str - ipv4_address: - description: - - IPv4 address. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - hide_behind: - description: - - Hide behind method. This parameter is not required in case "method" parameter is "static". - type: str - choices: ['gateway', 'ip-address'] - install_on: - description: - - Which gateway should apply the NAT translation. - type: str - method: - description: - - NAT translation method. - type: str - choices: ['hide', 'static'] - tags: - description: - - Collection of tag identifiers. - type: list - host_servers: - description: - - Servers Configuration. - type: dict - suboptions: - dns_server: - description: - - Gets True if this server is a DNS Server. - type: bool - mail_server: - description: - - Gets True if this server is a Mail Server. - type: bool - web_server: - description: - - Gets True if this server is a Web Server. - type: bool - web_server_config: - description: - - Web Server configuration. - type: dict - suboptions: - additional_ports: - description: - - Server additional ports. - type: list - application_engines: - description: - - Application engines of this web server. - type: list - listen_standard_port: - description: - - Whether server listens to standard port. - type: bool - operating_system: - description: - - Operating System. - type: str - choices: ['sparc linux', 'windows', 'other', 'x86 linux', 'sparc solaris'] - protected_by: - description: - - Network object which protects this server identified by the name or UID. - type: str - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-host - cp_mgmt_host: - ip_address: 192.0.2.1 - name: New Host 1 - state: present - -- name: set-host - cp_mgmt_host: - color: green - ipv4_address: 192.0.2.2 - name: New Host 1 - state: present - -- name: delete-host - cp_mgmt_host: - name: New Host 1 - state: absent -""" - -RETURN = """ -cp_mgmt_host: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - ip_address=dict(type='str'), - ipv4_address=dict(type='str'), - ipv6_address=dict(type='str'), - interfaces=dict(type='list', options=dict( - name=dict(type='str'), - subnet=dict(type='str'), - subnet4=dict(type='str'), - subnet6=dict(type='str'), - mask_length=dict(type='int'), - mask_length4=dict(type='int'), - mask_length6=dict(type='int'), - subnet_mask=dict(type='str'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', - 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', - 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', - 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', - 'sienna', 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - )), - nat_settings=dict(type='dict', options=dict( - auto_rule=dict(type='bool'), - ip_address=dict(type='str'), - ipv4_address=dict(type='str'), - ipv6_address=dict(type='str'), - hide_behind=dict(type='str', choices=['gateway', 'ip-address']), - install_on=dict(type='str'), - method=dict(type='str', choices=['hide', 'static']) - )), - tags=dict(type='list'), - host_servers=dict(type='dict', options=dict( - dns_server=dict(type='bool'), - mail_server=dict(type='bool'), - web_server=dict(type='bool'), - web_server_config=dict(type='dict', options=dict( - additional_ports=dict(type='list'), - application_engines=dict(type='list'), - listen_standard_port=dict(type='bool'), - operating_system=dict(type='str', choices=['sparc linux', 'windows', 'other', 'x86 linux', 'sparc solaris']), - protected_by=dict(type='str') - )) - )), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'host' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_host_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_host_facts.py deleted file mode 100644 index 821e3727a9..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_host_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_host_facts -short_description: Get host objects facts on Check Point over Web Services API -description: - - Get host objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-host - cp_mgmt_host_facts: - name: New Host 1 - -- name: show-hosts - cp_mgmt_host_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "host" - api_call_object_plural_version = "hosts" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_install_policy.py b/lib/ansible/modules/network/check_point/cp_mgmt_install_policy.py deleted file mode 100644 index 47d26b1ebc..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_install_policy.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_install_policy -short_description: install policy on Check Point over Web Services API -description: - - install policy on Check Point over Web Services API - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - policy_package: - description: - - The name of the Policy Package to be installed. - type: str - targets: - description: - - On what targets to execute this command. Targets may be identified by their name, or object unique identifier. - type: list - access: - description: - - Set to be true in order to install the Access Control policy. By default, the value is true if Access Control policy is enabled on the input - policy package, otherwise false. - type: bool - desktop_security: - description: - - Set to be true in order to install the Desktop Security policy. By default, the value is true if desktop security policy is enabled on the - input policy package, otherwise false. - type: bool - qos: - description: - - Set to be true in order to install the QoS policy. By default, the value is true if Quality-of-Service policy is enabled on the input policy - package, otherwise false. - type: bool - threat_prevention: - description: - - Set to be true in order to install the Threat Prevention policy. By default, the value is true if Threat Prevention policy is enabled on the - input policy package, otherwise false. - type: bool - install_on_all_cluster_members_or_fail: - description: - - Relevant for the gateway clusters. If true, the policy is installed on all the cluster members. If the installation on a cluster member fails, - don't install on that cluster. - type: bool - prepare_only: - description: - - If true, prepares the policy for the installation, but doesn't install it on an installation target. - type: bool - revision: - description: - - The UID of the revision of the policy to install. - type: str -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: install-policy - cp_mgmt_install_policy: - access: true - policy_package: standard - targets: - - corporate-gateway - threat_prevention: true -""" - -RETURN = """ -cp_mgmt_install_policy: - description: The checkpoint install-policy output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - policy_package=dict(type='str'), - targets=dict(type='list'), - access=dict(type='bool'), - desktop_security=dict(type='bool'), - qos=dict(type='bool'), - threat_prevention=dict(type='bool'), - install_on_all_cluster_members_or_fail=dict(type='bool'), - prepare_only=dict(type='bool'), - revision=dict(type='str') - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "install-policy" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_mds_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_mds_facts.py deleted file mode 100644 index fd74f8c3f8..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_mds_facts.py +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_mds_facts -short_description: Get Multi-Domain Server (mds) objects facts on Check Point over Web Services API -description: - - Get mds objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-mds - cp_mgmt_mds_facts: - name: test_mds1 - -- name: show-mdss - cp_mgmt_mds_facts: -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "mds" - api_call_object_plural_version = "mdss" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_multicast_address_range.py b/lib/ansible/modules/network/check_point/cp_mgmt_multicast_address_range.py deleted file mode 100644 index 3c155faa98..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_multicast_address_range.py +++ /dev/null @@ -1,181 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_multicast_address_range -short_description: Manages multicast-address-range objects on Check Point over Web Services API -description: - - Manages multicast-address-range objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - ip_address: - description: - - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. - type: str - ipv4_address: - description: - - IPv4 address. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - ip_address_first: - description: - - First IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead. - type: str - ipv4_address_first: - description: - - First IPv4 address in the range. - type: str - ipv6_address_first: - description: - - First IPv6 address in the range. - type: str - ip_address_last: - description: - - Last IP address in the range. If both IPv4 and IPv6 address ranges are required, use the ipv4-address-first and the ipv6-address-first fields instead. - type: str - ipv4_address_last: - description: - - Last IPv4 address in the range. - type: str - ipv6_address_last: - description: - - Last IPv6 address in the range. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-multicast-address-range - cp_mgmt_multicast_address_range: - ip_address_first: 224.0.0.1 - ip_address_last: 224.0.0.4 - name: New Multicast Address Range - state: present - -- name: set-multicast-address-range - cp_mgmt_multicast_address_range: - ip_address_first: 224.0.0.7 - ip_address_last: 224.0.0.10 - name: New Multicast Address Range - state: present - -- name: delete-multicast-address-range - cp_mgmt_multicast_address_range: - name: New Multicast Address Range - state: absent -""" - -RETURN = """ -cp_mgmt_multicast_address_range: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - ip_address=dict(type='str'), - ipv4_address=dict(type='str'), - ipv6_address=dict(type='str'), - ip_address_first=dict(type='str'), - ipv4_address_first=dict(type='str'), - ipv6_address_first=dict(type='str'), - ip_address_last=dict(type='str'), - ipv4_address_last=dict(type='str'), - ipv6_address_last=dict(type='str'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'multicast-address-range' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_multicast_address_range_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_multicast_address_range_facts.py deleted file mode 100644 index cc20d70b2b..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_multicast_address_range_facts.py +++ /dev/null @@ -1,129 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_multicast_address_range_facts -short_description: Get multicast-address-range objects facts on Check Point over Web Services API -description: - - Get multicast-address-range objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-multicast-address-range - cp_mgmt_multicast_address_range_facts: - name: New Multicast Address Range - -- name: show-multicast-address-ranges - cp_mgmt_multicast_address_range_facts: - details_level: full -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "multicast-address-range" - api_call_object_plural_version = "multicast-address-ranges" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_network.py b/lib/ansible/modules/network/check_point/cp_mgmt_network.py deleted file mode 100644 index f5bb267984..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_network.py +++ /dev/null @@ -1,225 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_network -short_description: Manages network objects on Check Point over Web Services API -description: - - Manages network objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - subnet: - description: - - IPv4 or IPv6 network address. If both addresses are required use subnet4 and subnet6 fields explicitly. - type: str - subnet4: - description: - - IPv4 network address. - type: str - subnet6: - description: - - IPv6 network address. - type: str - mask_length: - description: - - IPv4 or IPv6 network mask length. If both masks are required use mask-length4 and mask-length6 fields explicitly. Instead of IPv4 mask length - it is possible to specify IPv4 mask itself in subnet-mask field. - type: int - mask_length4: - description: - - IPv4 network mask length. - type: int - mask_length6: - description: - - IPv6 network mask length. - type: int - subnet_mask: - description: - - IPv4 network mask. - type: str - nat_settings: - description: - - NAT settings. - type: dict - suboptions: - auto_rule: - description: - - Whether to add automatic address translation rules. - type: bool - ip_address: - description: - - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. This parameter is not - required in case "method" parameter is "hide" and "hide-behind" parameter is "gateway". - type: str - ipv4_address: - description: - - IPv4 address. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - hide_behind: - description: - - Hide behind method. This parameter is not required in case "method" parameter is "static". - type: str - choices: ['gateway', 'ip-address'] - install_on: - description: - - Which gateway should apply the NAT translation. - type: str - method: - description: - - NAT translation method. - type: str - choices: ['hide', 'static'] - tags: - description: - - Collection of tag identifiers. - type: list - broadcast: - description: - - Allow broadcast address inclusion. - type: str - choices: ['disallow', 'allow'] - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-network - cp_mgmt_network: - name: New Network 1 - state: present - subnet: 192.0.2.0 - subnet_mask: 255.255.255.0 - -- name: set-network - cp_mgmt_network: - color: green - mask_length: 16 - name: New Network 1 - new_name: New Network 2 - state: present - subnet: 192.0.0.0 - -- name: delete-network - cp_mgmt_network: - name: New Network 2 - state: absent -""" - -RETURN = """ -cp_mgmt_network: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - subnet=dict(type='str'), - subnet4=dict(type='str'), - subnet6=dict(type='str'), - mask_length=dict(type='int'), - mask_length4=dict(type='int'), - mask_length6=dict(type='int'), - subnet_mask=dict(type='str'), - nat_settings=dict(type='dict', options=dict( - auto_rule=dict(type='bool'), - ip_address=dict(type='str'), - ipv4_address=dict(type='str'), - ipv6_address=dict(type='str'), - hide_behind=dict(type='str', choices=['gateway', 'ip-address']), - install_on=dict(type='str'), - method=dict(type='str', choices=['hide', 'static']) - )), - tags=dict(type='list'), - broadcast=dict(type='str', choices=['disallow', 'allow']), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'network' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_network_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_network_facts.py deleted file mode 100644 index 0b2f8f68de..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_network_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_network_facts -short_description: Get network objects facts on Check Point over Web Services API -description: - - Get network objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-network - cp_mgmt_network_facts: - name: New Network 1 - -- name: show-networks - cp_mgmt_network_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "network" - api_call_object_plural_version = "networks" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_package.py b/lib/ansible/modules/network/check_point/cp_mgmt_package.py deleted file mode 100644 index dc82ebad6a..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_package.py +++ /dev/null @@ -1,243 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_package -short_description: Manages package objects on Check Point over Web Services API -description: - - Manages package objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - access: - description: - - True - enables, False - disables access & NAT policies, empty - nothing is changed. - type: bool - desktop_security: - description: - - True - enables, False - disables Desktop security policy, empty - nothing is changed. - type: bool - installation_targets: - description: - - Which Gateways identified by the name or UID to install the policy on. - type: list - qos: - description: - - True - enables, False - disables QoS policy, empty - nothing is changed. - type: bool - qos_policy_type: - description: - - QoS policy type. - type: str - choices: ['recommended', 'express'] - tags: - description: - - Collection of tag identifiers. - type: list - threat_prevention: - description: - - True - enables, False - disables Threat policy, empty - nothing is changed. - type: bool - vpn_traditional_mode: - description: - - True - enables, False - disables VPN traditional mode, empty - nothing is changed. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool - access_layers: - description: - - Access policy layers. - type: dict - suboptions: - add: - description: - - Collection of Access layer objects to be added identified by the name or UID. - type: list - suboptions: - name: - description: - - Layer name or UID. - type: str - position: - description: - - Layer position. - type: int - remove: - description: - - Collection of Access layer objects to be removed identified by the name or UID. - type: list - value: - description: - - Collection of Access layer objects to be set identified by the name or UID. Replaces existing Access layers. - type: list - threat_layers: - description: - - Threat policy layers. - type: dict - suboptions: - add: - description: - - Collection of Threat layer objects to be added identified by the name or UID. - type: list - suboptions: - name: - description: - - Layer name or UID. - type: str - position: - description: - - Layer position. - type: int - remove: - description: - - Collection of Threat layer objects to be removed identified by the name or UID. - type: list - value: - description: - - Collection of Threat layer objects to be set identified by the name or UID. Replaces existing Threat layers. - type: list -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-package - cp_mgmt_package: - access: true - color: green - comments: My Comments - name: New_Standard_Package_1 - state: present - threat_prevention: false - -- name: set-package - cp_mgmt_package: - access_layers: - add: - - name: New Access Layer 1 - position: 1 - name: Standard - state: present - threat_layers: - add: - - name: New Layer 1 - position: 2 - -- name: delete-package - cp_mgmt_package: - name: New Standard Package 1 - state: absent -""" - -RETURN = """ -cp_mgmt_package: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - access=dict(type='bool'), - desktop_security=dict(type='bool'), - installation_targets=dict(type='list'), - qos=dict(type='bool'), - qos_policy_type=dict(type='str', choices=['recommended', 'express']), - tags=dict(type='list'), - threat_prevention=dict(type='bool'), - vpn_traditional_mode=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool'), - access_layers=dict(type='dict', options=dict( - add=dict(type='list', options=dict( - name=dict(type='str'), - position=dict(type='int') - )), - remove=dict(type='list'), - value=dict(type='list') - )), - threat_layers=dict(type='dict', options=dict( - add=dict(type='list', options=dict( - name=dict(type='str'), - position=dict(type='int') - )), - remove=dict(type='list'), - value=dict(type='list') - )) - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'package' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_package_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_package_facts.py deleted file mode 100644 index 0d0f277d1f..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_package_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_package_facts -short_description: Get package objects facts on Check Point over Web Services API -description: - - Get package objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-package - cp_mgmt_package_facts: - name: New_Standard_Package_1 - -- name: show-packages - cp_mgmt_package_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "package" - api_call_object_plural_version = "packages" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_publish.py b/lib/ansible/modules/network/check_point/cp_mgmt_publish.py deleted file mode 100644 index 3f0146249c..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_publish.py +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_publish -short_description: All the changes done by this user will be seen by all users only after publish is called. -description: - - All the changes done by this user will be seen by all users only after publish is called. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - uid: - description: - - Session unique identifier. Specify it to publish a different session than the one you currently use. - type: str -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: publish - cp_mgmt_publish: -""" - -RETURN = """ -cp_mgmt_publish: - description: The checkpoint publish output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - uid=dict(type='str') - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "publish" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_put_file.py b/lib/ansible/modules/network/check_point/cp_mgmt_put_file.py deleted file mode 100644 index 41f433d24f..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_put_file.py +++ /dev/null @@ -1,101 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_put_file -short_description: put file on Check Point over Web Services API -description: - - put file on Check Point over Web Services API - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - targets: - description: - - On what targets to execute this command. Targets may be identified by their name, or object unique identifier. - type: list - file_content: - description: - - N/A - type: str - file_name: - description: - - N/A - type: str - file_path: - description: - - N/A - type: str - comments: - description: - - Comments string. - type: str -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: put-file - cp_mgmt_put_file: - file_content: 'vs ip 192.0.2.1\nvs2 ip 192.0.2.2' - file_name: vsx_conf - file_path: /home/admin/ - targets: - - corporate-gateway -""" - -RETURN = """ -cp_mgmt_put_file: - description: The checkpoint put-file output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - targets=dict(type='list'), - file_content=dict(type='str'), - file_name=dict(type='str'), - file_path=dict(type='str'), - comments=dict(type='str') - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "put-file" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_run_ips_update.py b/lib/ansible/modules/network/check_point/cp_mgmt_run_ips_update.py deleted file mode 100644 index fea41fe84e..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_run_ips_update.py +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_run_ips_update -short_description: Runs IPS database update. If "package-path" is not provided server will try to get the latest package from the User Center. -description: - - Runs IPS database update. If "package-path" is not provided server will try to get the latest package from the User Center. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - package_path: - description: - - Offline update package path. - type: str -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: run-ips-update - cp_mgmt_run_ips_update: -""" - -RETURN = """ -cp_mgmt_run_ips_update: - description: The checkpoint run-ips-update output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - package_path=dict(type='str') - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "run-ips-update" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_run_script.py b/lib/ansible/modules/network/check_point/cp_mgmt_run_script.py deleted file mode 100644 index 38b4a4c0e8..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_run_script.py +++ /dev/null @@ -1,100 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_run_script -short_description: Executes the script on a given list of targets. -description: - - Executes the script on a given list of targets. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - script_name: - description: - - Script name. - type: str - script: - description: - - Script body. - type: str - targets: - description: - - On what targets to execute this command. Targets may be identified by their name, or object unique identifier. - type: list - args: - description: - - Script arguments. - type: str - comments: - description: - - Comments string. - type: str -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: run-script - cp_mgmt_run_script: - script: ls -l / - script_name: 'Script Example: List files under / dir' - targets: - - corporate-gateway -""" - -RETURN = """ -cp_mgmt_run_script: - description: The checkpoint run-script output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - script_name=dict(type='str'), - script=dict(type='str'), - targets=dict(type='list'), - args=dict(type='str'), - comments=dict(type='str') - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "run-script" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_security_zone.py b/lib/ansible/modules/network/check_point/cp_mgmt_security_zone.py deleted file mode 100644 index 95099bb085..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_security_zone.py +++ /dev/null @@ -1,129 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_security_zone -short_description: Manages security-zone objects on Check Point over Web Services API -description: - - Manages security-zone objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-security-zone - cp_mgmt_security_zone: - color: yellow - comments: My Security Zone 1 - name: SZone1 - state: present - -- name: set-security-zone - cp_mgmt_security_zone: - name: SZone1 - state: present - -- name: delete-security-zone - cp_mgmt_security_zone: - name: SZone2 - state: absent -""" - -RETURN = """ -cp_mgmt_security_zone: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'security-zone' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_security_zone_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_security_zone_facts.py deleted file mode 100644 index fd0c7bebff..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_security_zone_facts.py +++ /dev/null @@ -1,128 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_security_zone_facts -short_description: Get security-zone objects facts on Check Point over Web Services API -description: - - Get security-zone objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-security-zone - cp_mgmt_security_zone_facts: - name: SZone1 - -- name: show-security-zones - cp_mgmt_security_zone_facts: -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "security-zone" - api_call_object_plural_version = "security-zones" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_dce_rpc.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_dce_rpc.py deleted file mode 100644 index 8626ee85e0..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_dce_rpc.py +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_dce_rpc -short_description: Manages service-dce-rpc objects on Check Point over Web Services API -description: - - Manages service-dce-rpc objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - interface_uuid: - description: - - Network interface UUID. - type: str - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-dce-rpc - cp_mgmt_service_dce_rpc: - interface_uuid: 97aeb460-9aea-11d5-bd16-0090272ccb30 - keep_connections_open_after_policy_installation: false - name: New_DCE-RPC_Service_1 - state: present - -- name: set-service-dce-rpc - cp_mgmt_service_dce_rpc: - color: green - interface_uuid: 44aeb460-9aea-11d5-bd16-009027266b30 - name: New_DCE-RPC_Service_1 - state: present - -- name: delete-service-dce-rpc - cp_mgmt_service_dce_rpc: - name: New_DCE-RPC_Service_2 - state: absent -""" - -RETURN = """ -cp_mgmt_service_dce_rpc: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - interface_uuid=dict(type='str'), - keep_connections_open_after_policy_installation=dict(type='bool'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-dce-rpc' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_dce_rpc_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_dce_rpc_facts.py deleted file mode 100644 index 1d2b7c313f..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_dce_rpc_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_dce_rpc_facts -short_description: Get service-dce-rpc objects facts on Check Point over Web Services API -description: - - Get service-dce-rpc objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-dce-rpc - cp_mgmt_service_dce_rpc_facts: - name: HP-OpCdistm - -- name: show-services-dce-rpc - cp_mgmt_service_dce_rpc_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-dce-rpc" - api_call_object_plural_version = "services-dce-rpc" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_group.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_group.py deleted file mode 100644 index 75835b8222..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_group.py +++ /dev/null @@ -1,146 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_group -short_description: Manages service-group objects on Check Point over Web Services API -description: - - Manages service-group objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - members: - description: - - Collection of Network objects identified by the name or UID. - type: list - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-group - cp_mgmt_service_group: - members: - - https - - bootp - - nisplus - - HP-OpCdistm - name: New Service Group 1 - state: present - -- name: set-service-group - cp_mgmt_service_group: - name: New Service Group 1 - members: - - https - - bootp - - nisplus - state: present - -- name: delete-service-group - cp_mgmt_service_group: - name: New Service Group 1 - state: absent -""" - -RETURN = """ -cp_mgmt_service_group: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - members=dict(type='list'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-group' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_group_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_group_facts.py deleted file mode 100644 index 1eeb23b715..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_group_facts.py +++ /dev/null @@ -1,143 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_group_facts -short_description: Get service-group objects facts on Check Point over Web Services API -description: - - Get service-group objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - show_as_ranges: - description: - - When true, the service group's matched content is displayed as ranges of port numbers rather than service objects.<br />Objects that are not - represented using port numbers are presented as objects.<br />The 'members' parameter is omitted from the response and instead the 'ranges' parameter - is displayed. - type: bool - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - dereference_group_members: - description: - - Indicates whether to dereference "members" field by details level for every object in reply. - type: bool - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-group - cp_mgmt_service_group_facts: - name: New Service Group 1 - -- name: show-service-groups - cp_mgmt_service_group_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - show_as_ranges=dict(type='bool'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - dereference_group_members=dict(type='bool'), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-group" - api_call_object_plural_version = "service-groups" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp.py deleted file mode 100644 index 098c41e79c..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp.py +++ /dev/null @@ -1,152 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_icmp -short_description: Manages service-icmp objects on Check Point over Web Services API -description: - - Manages service-icmp objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - icmp_code: - description: - - As listed in, <a href="http,//www.iana.org/assignments/icmp-parameters" target="_blank">RFC 792</a>. - type: int - icmp_type: - description: - - As listed in, <a href="http,//www.iana.org/assignments/icmp-parameters" target="_blank">RFC 792</a>. - type: int - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-icmp - cp_mgmt_service_icmp: - icmp_code: 7 - icmp_type: 5 - name: Icmp1 - state: present - -- name: set-service-icmp - cp_mgmt_service_icmp: - icmp_code: 13 - icmp_type: 45 - name: icmp1 - state: present - -- name: delete-service-icmp - cp_mgmt_service_icmp: - name: icmp3 - state: absent -""" - -RETURN = """ -cp_mgmt_service_icmp: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - icmp_code=dict(type='int'), - icmp_type=dict(type='int'), - keep_connections_open_after_policy_installation=dict(type='bool'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-icmp' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp6.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp6.py deleted file mode 100644 index d35a409cdb..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp6.py +++ /dev/null @@ -1,152 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_icmp6 -short_description: Manages service-icmp6 objects on Check Point over Web Services API -description: - - Manages service-icmp6 objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - icmp_code: - description: - - As listed in, <a href="http,//www.iana.org/assignments/icmp-parameters" target="_blank">RFC 792</a>. - type: int - icmp_type: - description: - - As listed in, <a href="http,//www.iana.org/assignments/icmp-parameters" target="_blank">RFC 792</a>. - type: int - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-icmp6 - cp_mgmt_service_icmp6: - icmp_code: 7 - icmp_type: 5 - name: Icmp1 - state: present - -- name: set-service-icmp6 - cp_mgmt_service_icmp6: - icmp_code: 13 - icmp_type: 45 - name: icmp1 - state: present - -- name: delete-service-icmp6 - cp_mgmt_service_icmp6: - name: icmp2 - state: absent -""" - -RETURN = """ -cp_mgmt_service_icmp6: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - icmp_code=dict(type='int'), - icmp_type=dict(type='int'), - keep_connections_open_after_policy_installation=dict(type='bool'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-icmp6' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp6_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp6_facts.py deleted file mode 100644 index ac8638d35a..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp6_facts.py +++ /dev/null @@ -1,130 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_icmp6_facts -short_description: Get service-icmp6 objects facts on Check Point over Web Services API -description: - - Get service-icmp6 objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-icmp6 - cp_mgmt_service_icmp6_facts: - name: echo-reply6 - -- name: show-services-icmp6 - cp_mgmt_service_icmp6_facts: - limit: 2 - offset: 4 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-icmp6" - api_call_object_plural_version = "services-icmp6" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp_facts.py deleted file mode 100644 index 144de4dc90..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_icmp_facts.py +++ /dev/null @@ -1,130 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_icmp_facts -short_description: Get service-icmp objects facts on Check Point over Web Services API -description: - - Get service-icmp objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-icmp - cp_mgmt_service_icmp_facts: - name: info-req - -- name: show-services-icmp - cp_mgmt_service_icmp_facts: - limit: 4 - offset: 3 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-icmp" - api_call_object_plural_version = "services-icmp" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_other.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_other.py deleted file mode 100644 index e8a9518c9f..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_other.py +++ /dev/null @@ -1,225 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_other -short_description: Manages service-other objects on Check Point over Web Services API -description: - - Manages service-other objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - accept_replies: - description: - - Specifies whether Other Service replies are to be accepted. - type: bool - action: - description: - - Contains an INSPECT expression that defines the action to take if a rule containing this service is matched. - Example, set r_mhandler &open_ssl_handler sets a handler on the connection. - type: str - aggressive_aging: - description: - - Sets short (aggressive) timeouts for idle connections. - type: dict - suboptions: - default_timeout: - description: - - Default aggressive aging timeout in seconds. - type: int - enable: - description: - - N/A - type: bool - timeout: - description: - - Aggressive aging timeout in seconds. - type: int - use_default_timeout: - description: - - N/A - type: bool - ip_protocol: - description: - - IP protocol number. - type: int - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - match: - description: - - Contains an INSPECT expression that defines the matching criteria. The connection is examined against the expression during the first packet. - Example, tcp, dport = 21, direction = 0 matches incoming FTP control connections. - type: str - match_for_any: - description: - - Indicates whether this service is used when 'Any' is set as the rule's service and there are several service objects with the same source port - and protocol. - type: bool - override_default_settings: - description: - - Indicates whether this service is a Data Domain service which has been overridden. - type: bool - session_timeout: - description: - - Time (in seconds) before the session times out. - type: int - sync_connections_on_cluster: - description: - - Enables state-synchronized High Availability or Load Sharing on a ClusterXL or OPSEC-certified cluster. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - use_default_session_timeout: - description: - - Use default virtual session timeout. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-other - cp_mgmt_service_other: - aggressive_aging: - enable: true - timeout: 360 - use_default_timeout: false - ip_protocol: 51 - keep_connections_open_after_policy_installation: false - match_for_any: true - name: New_Service_1 - session_timeout: 0 - state: present - sync_connections_on_cluster: true - -- name: set-service-other - cp_mgmt_service_other: - aggressive_aging: - default_timeout: 3600 - color: green - name: New_Service_1 - state: present - -- name: delete-service-other - cp_mgmt_service_other: - name: New_Service_2 - state: absent -""" - -RETURN = """ -cp_mgmt_service_other: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - accept_replies=dict(type='bool'), - action=dict(type='str'), - aggressive_aging=dict(type='dict', options=dict( - default_timeout=dict(type='int'), - enable=dict(type='bool'), - timeout=dict(type='int'), - use_default_timeout=dict(type='bool') - )), - ip_protocol=dict(type='int'), - keep_connections_open_after_policy_installation=dict(type='bool'), - match=dict(type='str'), - match_for_any=dict(type='bool'), - override_default_settings=dict(type='bool'), - session_timeout=dict(type='int'), - sync_connections_on_cluster=dict(type='bool'), - tags=dict(type='list'), - use_default_session_timeout=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-other' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_other_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_other_facts.py deleted file mode 100644 index 5a21fd32ed..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_other_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_other_facts -short_description: Get service-other objects facts on Check Point over Web Services API -description: - - Get service-other objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-other - cp_mgmt_service_other_facts: - name: New_Service_1 - -- name: show-services-other - cp_mgmt_service_other_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-other" - api_call_object_plural_version = "services-other" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_rpc.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_rpc.py deleted file mode 100644 index c574cb5c0f..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_rpc.py +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_rpc -short_description: Manages service-rpc objects on Check Point over Web Services API -description: - - Manages service-rpc objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - program_number: - description: - - N/A - type: int - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-rpc - cp_mgmt_service_rpc: - keep_connections_open_after_policy_installation: false - name: New_RPC_Service_1 - program_number: 5669 - state: present - -- name: set-service-rpc - cp_mgmt_service_rpc: - color: green - name: New_RPC_Service_1 - program_number: 5656 - state: present - -- name: delete-service-rpc - cp_mgmt_service_rpc: - name: New_RPC_Service_2 - state: absent -""" - -RETURN = """ -cp_mgmt_service_rpc: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - keep_connections_open_after_policy_installation=dict(type='bool'), - program_number=dict(type='int'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-rpc' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_rpc_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_rpc_facts.py deleted file mode 100644 index 2e93105250..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_rpc_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_rpc_facts -short_description: Get service-rpc objects facts on Check Point over Web Services API -description: - - Get service-rpc objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-rpc - cp_mgmt_service_rpc_facts: - name: nisplus - -- name: show-services-rpc - cp_mgmt_service_rpc_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-rpc" - api_call_object_plural_version = "services-rpc" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_sctp.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_sctp.py deleted file mode 100644 index d6e525f094..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_sctp.py +++ /dev/null @@ -1,209 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_sctp -short_description: Manages service-sctp objects on Check Point over Web Services API -description: - - Manages service-sctp objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - port: - description: - - Port number. To specify a port range add a hyphen between the lowest and the highest port numbers, for example 44-45. - type: str - aggressive_aging: - description: - - Sets short (aggressive) timeouts for idle connections. - type: dict - suboptions: - default_timeout: - description: - - Default aggressive aging timeout in seconds. - type: int - enable: - description: - - N/A - type: bool - timeout: - description: - - Aggressive aging timeout in seconds. - type: int - use_default_timeout: - description: - - N/A - type: bool - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - match_for_any: - description: - - Indicates whether this service is used when 'Any' is set as the rule's service and there are several service objects with the same source port - and protocol. - type: bool - session_timeout: - description: - - Time (in seconds) before the session times out. - type: int - source_port: - description: - - Source port number. To specify a port range add a hyphen between the lowest and the highest port numbers, for example 44-45. - type: str - sync_connections_on_cluster: - description: - - Enables state-synchronized High Availability or Load Sharing on a ClusterXL or OPSEC-certified cluster. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - use_default_session_timeout: - description: - - Use default virtual session timeout. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-sctp - cp_mgmt_service_sctp: - aggressive_aging: - enable: true - timeout: 360 - use_default_timeout: false - keep_connections_open_after_policy_installation: false - match_for_any: true - name: New_SCTP_Service_1 - port: 5669 - session_timeout: 0 - state: present - sync_connections_on_cluster: true - -- name: set-service-sctp - cp_mgmt_service_sctp: - aggressive_aging: - default_timeout: 3600 - color: green - name: New_SCTP_Service_1 - port: 5656 - state: present - -- name: delete-service-sctp - cp_mgmt_service_sctp: - name: New_SCTP_Service_2 - state: absent -""" - -RETURN = """ -cp_mgmt_service_sctp: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - port=dict(type='str'), - aggressive_aging=dict(type='dict', options=dict( - default_timeout=dict(type='int'), - enable=dict(type='bool'), - timeout=dict(type='int'), - use_default_timeout=dict(type='bool') - )), - keep_connections_open_after_policy_installation=dict(type='bool'), - match_for_any=dict(type='bool'), - session_timeout=dict(type='int'), - source_port=dict(type='str'), - sync_connections_on_cluster=dict(type='bool'), - tags=dict(type='list'), - use_default_session_timeout=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-sctp' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_sctp_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_sctp_facts.py deleted file mode 100644 index e02a66ade8..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_sctp_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_sctp_facts -short_description: Get service-sctp objects facts on Check Point over Web Services API -description: - - Get service-sctp objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-sctp - cp_mgmt_service_sctp_facts: - name: New_SCTP_Service_1 - -- name: show-services-sctp - cp_mgmt_service_sctp_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-sctp" - api_call_object_plural_version = "services-sctp" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_tcp.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_tcp.py deleted file mode 100644 index b3e6630eb1..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_tcp.py +++ /dev/null @@ -1,229 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_tcp -short_description: Manages service-tcp objects on Check Point over Web Services API -description: - - Manages service-tcp objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - aggressive_aging: - description: - - Sets short (aggressive) timeouts for idle connections. - type: dict - suboptions: - default_timeout: - description: - - Default aggressive aging timeout in seconds. - type: int - enable: - description: - - N/A - type: bool - timeout: - description: - - Aggressive aging timeout in seconds. - type: int - use_default_timeout: - description: - - N/A - type: bool - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - match_by_protocol_signature: - description: - - A value of true enables matching by the selected protocol's signature - the signature identifies the protocol as genuine. Select this option - to limit the port to the specified protocol. If the selected protocol does not support matching by signature, this field cannot be set to true. - type: bool - match_for_any: - description: - - Indicates whether this service is used when 'Any' is set as the rule's service and there are several service objects with the same source port - and protocol. - type: bool - override_default_settings: - description: - - Indicates whether this service is a Data Domain service which has been overridden. - type: bool - port: - description: - - The number of the port used to provide this service. To specify a port range, place a hyphen between the lowest and highest port numbers, for - example 44-55. - type: str - protocol: - description: - - Select the protocol type associated with the service, and by implication, the management server (if any) that enforces Content Security and - Authentication for the service. Selecting a Protocol Type invokes the specific protocol handlers for each protocol type, thus enabling higher level of - security by parsing the protocol, and higher level of connectivity by tracking dynamic actions (such as opening of ports). - type: str - session_timeout: - description: - - Time (in seconds) before the session times out. - type: int - source_port: - description: - - Port number for the client side service. If specified, only those Source port Numbers will be Accepted, Dropped, or Rejected during packet - inspection. Otherwise, the source port is not inspected. - type: str - sync_connections_on_cluster: - description: - - Enables state-synchronized High Availability or Load Sharing on a ClusterXL or OPSEC-certified cluster. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - use_default_session_timeout: - description: - - Use default virtual session timeout. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-tcp - cp_mgmt_service_tcp: - aggressive_aging: - enable: true - timeout: 360 - use_default_timeout: false - keep_connections_open_after_policy_installation: false - match_for_any: true - name: New_TCP_Service_1 - port: 5669 - session_timeout: 0 - state: present - sync_connections_on_cluster: true - -- name: set-service-tcp - cp_mgmt_service_tcp: - aggressive_aging: - default_timeout: 3600 - color: green - name: New_TCP_Service_1 - port: 5656 - state: present - -- name: delete-service-tcp - cp_mgmt_service_tcp: - name: New_TCP_Service_1 - state: absent -""" - -RETURN = """ -cp_mgmt_service_tcp: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - aggressive_aging=dict(type='dict', options=dict( - default_timeout=dict(type='int'), - enable=dict(type='bool'), - timeout=dict(type='int'), - use_default_timeout=dict(type='bool') - )), - keep_connections_open_after_policy_installation=dict(type='bool'), - match_by_protocol_signature=dict(type='bool'), - match_for_any=dict(type='bool'), - override_default_settings=dict(type='bool'), - port=dict(type='str'), - protocol=dict(type='str'), - session_timeout=dict(type='int'), - source_port=dict(type='str'), - sync_connections_on_cluster=dict(type='bool'), - tags=dict(type='list'), - use_default_session_timeout=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-tcp' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_tcp_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_tcp_facts.py deleted file mode 100644 index c3459247e2..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_tcp_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_tcp_facts -short_description: Get service-tcp objects facts on Check Point over Web Services API -description: - - Get service-tcp objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-tcp - cp_mgmt_service_tcp_facts: - name: https - -- name: show-services-tcp - cp_mgmt_service_tcp_facts: - details_level: standard - limit: 10 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-tcp" - api_call_object_plural_version = "services-tcp" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_udp.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_udp.py deleted file mode 100644 index 0e5b933600..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_udp.py +++ /dev/null @@ -1,236 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_udp -short_description: Manages service-udp objects on Check Point over Web Services API -description: - - Manages service-udp objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - accept_replies: - description: - - N/A - type: bool - aggressive_aging: - description: - - Sets short (aggressive) timeouts for idle connections. - type: dict - suboptions: - default_timeout: - description: - - Default aggressive aging timeout in seconds. - type: int - enable: - description: - - N/A - type: bool - timeout: - description: - - Aggressive aging timeout in seconds. - type: int - use_default_timeout: - description: - - N/A - type: bool - keep_connections_open_after_policy_installation: - description: - - Keep connections open after policy has been installed even if they are not allowed under the new policy. This overrides the settings in the - Connection Persistence page. If you change this property, the change will not affect open connections, but only future connections. - type: bool - match_by_protocol_signature: - description: - - A value of true enables matching by the selected protocol's signature - the signature identifies the protocol as genuine. Select this option - to limit the port to the specified protocol. If the selected protocol does not support matching by signature, this field cannot be set to true. - type: bool - match_for_any: - description: - - Indicates whether this service is used when 'Any' is set as the rule's service and there are several service objects with the same source port - and protocol. - type: bool - override_default_settings: - description: - - Indicates whether this service is a Data Domain service which has been overridden. - type: bool - port: - description: - - The number of the port used to provide this service. To specify a port range, place a hyphen between the lowest and highest port numbers, for - example 44-55. - type: str - protocol: - description: - - Select the protocol type associated with the service, and by implication, the management server (if any) that enforces Content Security and - Authentication for the service. Selecting a Protocol Type invokes the specific protocol handlers for each protocol type, thus enabling higher level of - security by parsing the protocol, and higher level of connectivity by tracking dynamic actions (such as opening of ports). - type: str - session_timeout: - description: - - Time (in seconds) before the session times out. - type: int - source_port: - description: - - Port number for the client side service. If specified, only those Source port Numbers will be Accepted, Dropped, or Rejected during packet - inspection. Otherwise, the source port is not inspected. - type: str - sync_connections_on_cluster: - description: - - Enables state-synchronized High Availability or Load Sharing on a ClusterXL or OPSEC-certified cluster. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - use_default_session_timeout: - description: - - Use default virtual session timeout. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-service-udp - cp_mgmt_service_udp: - accept_replies: false - aggressive_aging: - enable: true - timeout: 360 - use_default_timeout: false - keep_connections_open_after_policy_installation: false - match_for_any: true - name: New_UDP_Service_1 - port: 5669 - session_timeout: 0 - state: present - sync_connections_on_cluster: true - -- name: set-service-udp - cp_mgmt_service_udp: - accept_replies: true - aggressive_aging: - default_timeout: 3600 - color: green - name: New_UDP_Service_1 - port: 5656 - state: present - -- name: delete-service-udp - cp_mgmt_service_udp: - name: New_UDP_Service_2 - state: absent -""" - -RETURN = """ -cp_mgmt_service_udp: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - accept_replies=dict(type='bool'), - aggressive_aging=dict(type='dict', options=dict( - default_timeout=dict(type='int'), - enable=dict(type='bool'), - timeout=dict(type='int'), - use_default_timeout=dict(type='bool') - )), - keep_connections_open_after_policy_installation=dict(type='bool'), - match_by_protocol_signature=dict(type='bool'), - match_for_any=dict(type='bool'), - override_default_settings=dict(type='bool'), - port=dict(type='str'), - protocol=dict(type='str'), - session_timeout=dict(type='int'), - source_port=dict(type='str'), - sync_connections_on_cluster=dict(type='bool'), - tags=dict(type='list'), - use_default_session_timeout=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'service-udp' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_service_udp_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_service_udp_facts.py deleted file mode 100644 index 92107bbac1..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_service_udp_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_service_udp_facts -short_description: Get service-udp objects facts on Check Point over Web Services API -description: - - Get service-udp objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-service-udp - cp_mgmt_service_udp_facts: - name: bootp - -- name: show-services-udp - cp_mgmt_service_udp_facts: - details_level: standard - limit: 10 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "service-udp" - api_call_object_plural_version = "services-udp" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_session_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_session_facts.py deleted file mode 100644 index 39601e1bd2..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_session_facts.py +++ /dev/null @@ -1,124 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_session_facts -short_description: Get session objects facts on Check Point over Web Services API -description: - - Get session objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the descending order by the session publish time. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - view_published_sessions: - description: - - Show a list of published sessions. - type: bool - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-session - cp_mgmt_session_facts: - -- name: show-sessions - cp_mgmt_session_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - view_published_sessions=dict(type='bool'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "session" - api_call_object_plural_version = "sessions" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_simple_gateway.py b/lib/ansible/modules/network/check_point/cp_mgmt_simple_gateway.py deleted file mode 100644 index 1a5dbfab6e..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_simple_gateway.py +++ /dev/null @@ -1,630 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_simple_gateway -short_description: Manages simple-gateway objects on Check Point over Web Services API -description: - - Manages simple-gateway objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - ip_address: - description: - - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. - type: str - ipv4_address: - description: - - IPv4 address. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - anti_bot: - description: - - Anti-Bot blade enabled. - type: bool - anti_virus: - description: - - Anti-Virus blade enabled. - type: bool - application_control: - description: - - Application Control blade enabled. - type: bool - content_awareness: - description: - - Content Awareness blade enabled. - type: bool - firewall: - description: - - Firewall blade enabled. - type: bool - firewall_settings: - description: - - N/A - type: dict - suboptions: - auto_calculate_connections_hash_table_size_and_memory_pool: - description: - - N/A - type: bool - auto_maximum_limit_for_concurrent_connections: - description: - - N/A - type: bool - connections_hash_size: - description: - - N/A - type: int - maximum_limit_for_concurrent_connections: - description: - - N/A - type: int - maximum_memory_pool_size: - description: - - N/A - type: int - memory_pool_size: - description: - - N/A - type: int - interfaces: - description: - - Network interfaces. When a gateway is updated with a new interfaces, the existing interfaces are removed. - type: list - suboptions: - name: - description: - - Object name. - type: str - anti_spoofing: - description: - - N/A - type: bool - anti_spoofing_settings: - description: - - N/A - type: dict - suboptions: - action: - description: - - If packets will be rejected (the Prevent option) or whether the packets will be monitored (the Detect option). - type: str - choices: ['prevent', 'detect'] - ip_address: - description: - - IPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly. - type: str - ipv4_address: - description: - - IPv4 address. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - network_mask: - description: - - IPv4 or IPv6 network mask. If both masks are required use ipv4-network-mask and ipv6-network-mask fields explicitly. Instead of - providing mask itself it is possible to specify IPv4 or IPv6 mask length in mask-length field. If both masks length are required use - ipv4-mask-length and ipv6-mask-length fields explicitly. - type: str - ipv4_network_mask: - description: - - IPv4 network address. - type: str - ipv6_network_mask: - description: - - IPv6 network address. - type: str - mask_length: - description: - - IPv4 or IPv6 network mask length. - type: str - ipv4_mask_length: - description: - - IPv4 network mask length. - type: str - ipv6_mask_length: - description: - - IPv6 network mask length. - type: str - security_zone: - description: - - N/A - type: bool - security_zone_settings: - description: - - N/A - type: dict - suboptions: - auto_calculated: - description: - - Security Zone is calculated according to where the interface leads to. - type: bool - specific_zone: - description: - - Security Zone specified manually. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - topology: - description: - - N/A - type: str - choices: ['automatic', 'external', 'internal'] - topology_settings: - description: - - N/A - type: dict - suboptions: - interface_leads_to_dmz: - description: - - Whether this interface leads to demilitarized zone (perimeter network). - type: bool - ip_address_behind_this_interface: - description: - - N/A - type: str - choices: ['not defined', 'network defined by the interface ip and net mask', 'network defined by routing', 'specific'] - specific_network: - description: - - Network behind this interface. - type: str - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', - 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', - 'light green', 'lemon chiffon', 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', - 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool - ips: - description: - - Intrusion Prevention System blade enabled. - type: bool - logs_settings: - description: - - N/A - type: dict - suboptions: - alert_when_free_disk_space_below: - description: - - N/A - type: bool - alert_when_free_disk_space_below_threshold: - description: - - N/A - type: int - alert_when_free_disk_space_below_type: - description: - - N/A - type: str - choices: ['none', 'log', 'popup alert', 'mail alert', 'snmp trap alert', 'user defined alert no.1', 'user defined alert no.2', - 'user defined alert no.3'] - before_delete_keep_logs_from_the_last_days: - description: - - N/A - type: bool - before_delete_keep_logs_from_the_last_days_threshold: - description: - - N/A - type: int - before_delete_run_script: - description: - - N/A - type: bool - before_delete_run_script_command: - description: - - N/A - type: str - delete_index_files_older_than_days: - description: - - N/A - type: bool - delete_index_files_older_than_days_threshold: - description: - - N/A - type: int - delete_index_files_when_index_size_above: - description: - - N/A - type: bool - delete_index_files_when_index_size_above_threshold: - description: - - N/A - type: int - delete_when_free_disk_space_below: - description: - - N/A - type: bool - delete_when_free_disk_space_below_threshold: - description: - - N/A - type: int - detect_new_citrix_ica_application_names: - description: - - N/A - type: bool - forward_logs_to_log_server: - description: - - N/A - type: bool - forward_logs_to_log_server_name: - description: - - N/A - type: str - forward_logs_to_log_server_schedule_name: - description: - - N/A - type: str - free_disk_space_metrics: - description: - - N/A - type: str - choices: ['mbytes', 'percent'] - perform_log_rotate_before_log_forwarding: - description: - - N/A - type: bool - reject_connections_when_free_disk_space_below_threshold: - description: - - N/A - type: bool - reserve_for_packet_capture_metrics: - description: - - N/A - type: str - choices: ['percent', 'mbytes'] - reserve_for_packet_capture_threshold: - description: - - N/A - type: int - rotate_log_by_file_size: - description: - - N/A - type: bool - rotate_log_file_size_threshold: - description: - - N/A - type: int - rotate_log_on_schedule: - description: - - N/A - type: bool - rotate_log_schedule_name: - description: - - N/A - type: str - stop_logging_when_free_disk_space_below: - description: - - N/A - type: bool - stop_logging_when_free_disk_space_below_threshold: - description: - - N/A - type: int - turn_on_qos_logging: - description: - - N/A - type: bool - update_account_log_every: - description: - - N/A - type: int - one_time_password: - description: - - N/A - type: str - os_name: - description: - - Gateway platform operating system. - type: str - save_logs_locally: - description: - - Save logs locally on the gateway. - type: bool - send_alerts_to_server: - description: - - Server(s) to send alerts to. - type: list - send_logs_to_backup_server: - description: - - Backup server(s) to send logs to. - type: list - send_logs_to_server: - description: - - Server(s) to send logs to. - type: list - tags: - description: - - Collection of tag identifiers. - type: list - threat_emulation: - description: - - Threat Emulation blade enabled. - type: bool - threat_extraction: - description: - - Threat Extraction blade enabled. - type: bool - url_filtering: - description: - - URL Filtering blade enabled. - type: bool - version: - description: - - Gateway platform version. - type: str - vpn: - description: - - VPN blade enabled. - type: bool - vpn_settings: - description: - - Gateway VPN settings. - type: dict - suboptions: - maximum_concurrent_ike_negotiations: - description: - - N/A - type: int - maximum_concurrent_tunnels: - description: - - N/A - type: int - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-simple-gateway - cp_mgmt_simple_gateway: - ip_address: 192.0.2.1 - name: gw1 - state: present - -- name: set-simple-gateway - cp_mgmt_simple_gateway: - anti_bot: true - anti_virus: true - application_control: true - ips: true - name: test_gateway - state: present - threat_emulation: true - url_filtering: true - -- name: delete-simple-gateway - cp_mgmt_simple_gateway: - name: gw1 - state: absent -""" - -RETURN = """ -cp_mgmt_simple_gateway: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - ip_address=dict(type='str'), - ipv4_address=dict(type='str'), - ipv6_address=dict(type='str'), - anti_bot=dict(type='bool'), - anti_virus=dict(type='bool'), - application_control=dict(type='bool'), - content_awareness=dict(type='bool'), - firewall=dict(type='bool'), - firewall_settings=dict(type='dict', options=dict( - auto_calculate_connections_hash_table_size_and_memory_pool=dict(type='bool'), - auto_maximum_limit_for_concurrent_connections=dict(type='bool'), - connections_hash_size=dict(type='int'), - maximum_limit_for_concurrent_connections=dict(type='int'), - maximum_memory_pool_size=dict(type='int'), - memory_pool_size=dict(type='int') - )), - interfaces=dict(type='list', options=dict( - name=dict(type='str'), - anti_spoofing=dict(type='bool'), - anti_spoofing_settings=dict(type='dict', options=dict( - action=dict(type='str', choices=['prevent', 'detect']) - )), - ip_address=dict(type='str'), - ipv4_address=dict(type='str'), - ipv6_address=dict(type='str'), - network_mask=dict(type='str'), - ipv4_network_mask=dict(type='str'), - ipv6_network_mask=dict(type='str'), - mask_length=dict(type='str'), - ipv4_mask_length=dict(type='str'), - ipv6_mask_length=dict(type='str'), - security_zone=dict(type='bool'), - security_zone_settings=dict(type='dict', options=dict( - auto_calculated=dict(type='bool'), - specific_zone=dict(type='str') - )), - tags=dict(type='list'), - topology=dict(type='str', choices=['automatic', 'external', 'internal']), - topology_settings=dict(type='dict', options=dict( - interface_leads_to_dmz=dict(type='bool'), - ip_address_behind_this_interface=dict(type='str', choices=['not defined', 'network defined by the interface ip and net mask', - 'network defined by routing', 'specific']), - specific_network=dict(type='str') - )), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', - 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', - 'firebrick', - 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', - 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', - 'red', - 'sienna', 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - )), - ips=dict(type='bool'), - logs_settings=dict(type='dict', options=dict( - alert_when_free_disk_space_below=dict(type='bool'), - alert_when_free_disk_space_below_threshold=dict(type='int'), - alert_when_free_disk_space_below_type=dict(type='str', choices=['none', - 'log', 'popup alert', 'mail alert', 'snmp trap alert', - 'user defined alert no.1', - 'user defined alert no.2', 'user defined alert no.3']), - before_delete_keep_logs_from_the_last_days=dict(type='bool'), - before_delete_keep_logs_from_the_last_days_threshold=dict(type='int'), - before_delete_run_script=dict(type='bool'), - before_delete_run_script_command=dict(type='str'), - delete_index_files_older_than_days=dict(type='bool'), - delete_index_files_older_than_days_threshold=dict(type='int'), - delete_index_files_when_index_size_above=dict(type='bool'), - delete_index_files_when_index_size_above_threshold=dict(type='int'), - delete_when_free_disk_space_below=dict(type='bool'), - delete_when_free_disk_space_below_threshold=dict(type='int'), - detect_new_citrix_ica_application_names=dict(type='bool'), - forward_logs_to_log_server=dict(type='bool'), - forward_logs_to_log_server_name=dict(type='str'), - forward_logs_to_log_server_schedule_name=dict(type='str'), - free_disk_space_metrics=dict(type='str', choices=['mbytes', 'percent']), - perform_log_rotate_before_log_forwarding=dict(type='bool'), - reject_connections_when_free_disk_space_below_threshold=dict(type='bool'), - reserve_for_packet_capture_metrics=dict(type='str', choices=['percent', 'mbytes']), - reserve_for_packet_capture_threshold=dict(type='int'), - rotate_log_by_file_size=dict(type='bool'), - rotate_log_file_size_threshold=dict(type='int'), - rotate_log_on_schedule=dict(type='bool'), - rotate_log_schedule_name=dict(type='str'), - stop_logging_when_free_disk_space_below=dict(type='bool'), - stop_logging_when_free_disk_space_below_threshold=dict(type='int'), - turn_on_qos_logging=dict(type='bool'), - update_account_log_every=dict(type='int') - )), - one_time_password=dict(type='str'), - os_name=dict(type='str'), - save_logs_locally=dict(type='bool'), - send_alerts_to_server=dict(type='list'), - send_logs_to_backup_server=dict(type='list'), - send_logs_to_server=dict(type='list'), - tags=dict(type='list'), - threat_emulation=dict(type='bool'), - threat_extraction=dict(type='bool'), - url_filtering=dict(type='bool'), - version=dict(type='str'), - vpn=dict(type='bool'), - vpn_settings=dict(type='dict', options=dict( - maximum_concurrent_ike_negotiations=dict(type='int'), - maximum_concurrent_tunnels=dict(type='int') - )), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', - 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'simple-gateway' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_simple_gateway_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_simple_gateway_facts.py deleted file mode 100644 index d439ab7fb4..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_simple_gateway_facts.py +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_simple_gateway_facts -short_description: Get simple-gateway objects facts on Check Point over Web Services API -description: - - Get simple-gateway objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-simple-gateway - cp_mgmt_simple_gateway_facts: - name: gw1 - -- name: show-simple-gateways - cp_mgmt_simple_gateway_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "simple-gateway" - api_call_object_plural_version = "simple-gateways" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_tag.py b/lib/ansible/modules/network/check_point/cp_mgmt_tag.py deleted file mode 100644 index e3a17e1fd5..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_tag.py +++ /dev/null @@ -1,125 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_tag -short_description: Manages tag objects on Check Point over Web Services API -description: - - Manages tag objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-tag - cp_mgmt_tag: - name: My New Tag1 - state: present - tags: - - tag1 - - tag2 - -- name: delete-tag - cp_mgmt_tag: - name: My New Tag1 - state: absent -""" - -RETURN = """ -cp_mgmt_tag: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'tag' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_tag_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_tag_facts.py deleted file mode 100644 index d695a8830c..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_tag_facts.py +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_tag_facts -short_description: Get tag objects facts on Check Point over Web Services API -description: - - Get tag objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-tag - cp_mgmt_tag_facts: - name: f96b37ec-e22e-4945-8bbf-d37b117914e0 - -- name: show-tags - cp_mgmt_tag_facts: -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "tag" - api_call_object_plural_version = "tags" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_exception.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_exception.py deleted file mode 100644 index 0e1de976f4..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_exception.py +++ /dev/null @@ -1,213 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_exception -short_description: Manages threat-exception objects on Check Point over Web Services API -description: - - Manages threat-exception objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - The name of the exception. - type: str - required: True - position: - description: - - Position in the rulebase. - type: str - exception_group_uid: - description: - - The UID of the exception-group. - type: str - exception_group_name: - description: - - The name of the exception-group. - type: str - layer: - description: - - Layer that the rule belongs to identified by the name or UID. - type: str - rule_name: - description: - - The name of the parent rule. - type: str - action: - description: - - Action-the enforced profile. - type: str - destination: - description: - - Collection of Network objects identified by the name or UID. - type: list - destination_negate: - description: - - True if negate is set for destination. - type: bool - enabled: - description: - - Enable/Disable the rule. - type: bool - install_on: - description: - - Which Gateways identified by the name or UID to install the policy on. - type: list - protected_scope: - description: - - Collection of objects defining Protected Scope identified by the name or UID. - type: list - protected_scope_negate: - description: - - True if negate is set for Protected Scope. - type: bool - protection_or_site: - description: - - Name of the protection or site. - type: list - service: - description: - - Collection of Network objects identified by the name or UID. - type: list - service_negate: - description: - - True if negate is set for Service. - type: bool - source: - description: - - Collection of Network objects identified by the name or UID. - type: list - source_negate: - description: - - True if negate is set for source. - type: bool - track: - description: - - Packet tracking. - type: str - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-threat-exception - cp_mgmt_threat_exception: - layer: New Layer 1 - name: Exception Rule - position: 1 - protected_scope: All_Internet - rule_name: Threat Rule 1 - state: present - track: Log - -- name: set-threat-exception - cp_mgmt_threat_exception: - layer: New Layer 1 - name: Exception Rule - rule_name: Threat Rule 1 - state: present - -- name: delete-threat-exception - cp_mgmt_threat_exception: - name: Exception Rule - layer: New Layer 1 - rule_name: Threat Rule 1 - state: absent -""" - -RETURN = """ -cp_mgmt_threat_exception: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call, api_call_for_rule - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - position=dict(type='str'), - exception_group_uid=dict(type='str'), - exception_group_name=dict(type='str'), - layer=dict(type='str'), - rule_name=dict(type='str'), - action=dict(type='str'), - destination=dict(type='list'), - destination_negate=dict(type='bool'), - enabled=dict(type='bool'), - install_on=dict(type='list'), - protected_scope=dict(type='list'), - protected_scope_negate=dict(type='bool'), - protection_or_site=dict(type='list'), - service=dict(type='list'), - service_negate=dict(type='bool'), - source=dict(type='list'), - source_negate=dict(type='bool'), - track=dict(type='str'), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'threat-exception' - - if module.params['position'] is None: - result = api_call(module, api_call_object) - else: - result = api_call_for_rule(module, api_call_object) - - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_exception_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_exception_facts.py deleted file mode 100644 index 630a97edca..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_exception_facts.py +++ /dev/null @@ -1,222 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_exception_facts -short_description: Get threat-exception objects facts on Check Point over Web Services API -description: - - Get threat-exception objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - The name of the layer containing the parent threat rule. - This parameter is relevant only for getting few objects. - type: str - exception_group_uid: - description: - - The UID of the exception-group. - type: str - exception_group_name: - description: - - The name of the exception-group. - type: str - layer: - description: - - Layer that the rule belongs to identified by the name or UID. - type: str - rule_name: - description: - - The name of the parent rule. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - filter: - description: - - Search expression to filter the rulebase. The provided text should be exactly the same as it would be given in Smart Console. The logical - operators in the expression ('AND', 'OR') should be provided in capital letters. If an operator is not used, the default OR operator applies. - type: str - filter_settings: - description: - - Sets filter preferences. - type: dict - suboptions: - search_mode: - description: - - When set to 'general', both the Full Text Search and Packet Search are enabled. In this mode, Packet Search will not match on 'Any' - object, a negated cell or a group-with-exclusion. When the search-mode is set to 'packet', by default, the match on 'Any' object, a negated cell - or a group-with-exclusion are enabled. packet-search-settings may be provided to change the default behavior. - type: str - choices: ['general', 'packet'] - packet_search_settings: - description: - - When 'search-mode' is set to 'packet', this object allows to set the packet search preferences. - type: dict - suboptions: - expand_group_members: - description: - - When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at - least one member of the group. - type: bool - expand_group_with_exclusion_members: - description: - - When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include rules that - match at least one member of the "include" part and is not a member of the "except" part. - type: bool - match_on_any: - description: - - Whether to match on 'Any' object. - type: bool - match_on_group_with_exclusion: - description: - - Whether to match on a group-with-exclusion. - type: bool - match_on_negate: - description: - - Whether to match on a negated cell. - type: bool - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - package: - description: - - Name of the package. - type: str - use_object_dictionary: - description: - - N/A - type: bool - dereference_group_members: - description: - - Indicates whether to dereference "members" field by details level for every object in reply. - type: bool - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-threat-exception - cp_mgmt_threat_exception_facts: - name: Exception Rule - layer: New Layer 1 - rule_name: Threat Rule 1 - -- name: show-threat-rule-exception-rulebase - cp_mgmt_threat_exception_facts: - name: Standard Threat Prevention - rule_name: Threat Rule 1 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - exception_group_uid=dict(type='str'), - exception_group_name=dict(type='str'), - layer=dict(type='str'), - rule_name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - filter=dict(type='str'), - filter_settings=dict(type='dict', options=dict( - search_mode=dict(type='str', choices=['general', 'packet']), - packet_search_settings=dict(type='dict', options=dict( - expand_group_members=dict(type='bool'), - expand_group_with_exclusion_members=dict(type='bool'), - match_on_any=dict(type='bool'), - match_on_group_with_exclusion=dict(type='bool'), - match_on_negate=dict(type='bool') - )) - )), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - package=dict(type='str'), - use_object_dictionary=dict(type='bool'), - dereference_group_members=dict(type='bool'), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "threat-exception" - api_call_object_plural_version = "threat-rule-exception-rulebase" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_indicator.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_indicator.py deleted file mode 100644 index 489d6b15cf..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_indicator.py +++ /dev/null @@ -1,271 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_indicator -short_description: Manages threat-indicator objects on Check Point over Web Services API -description: - - Manages threat-indicator objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - observables: - description: - - The indicator's observables. - type: list - suboptions: - name: - description: - - Object name. Should be unique in the domain. - type: str - md5: - description: - - A valid MD5 sequence. - type: str - url: - description: - - A valid URL. - type: str - ip_address: - description: - - A valid IP-Address. - type: str - ip_address_first: - description: - - A valid IP-Address, the beginning of the range. If you configure this parameter with a value, you must also configure the value of the - 'ip-address-last' parameter. - type: str - ip_address_last: - description: - - A valid IP-Address, the end of the range. If you configure this parameter with a value, you must also configure the value of the - 'ip-address-first' parameter. - type: str - domain: - description: - - The name of a domain. - type: str - mail_to: - description: - - A valid E-Mail address, recipient filed. - type: str - mail_from: - description: - - A valid E-Mail address, sender field. - type: str - mail_cc: - description: - - A valid E-Mail address, cc field. - type: str - mail_reply_to: - description: - - A valid E-Mail address, reply-to field. - type: str - mail_subject: - description: - - Subject of E-Mail. - type: str - confidence: - description: - - The confidence level the indicator has that a real threat has been uncovered. - type: str - choices: ['low', 'medium', 'high', 'critical'] - product: - description: - - The software blade that processes the observable, AV - AntiVirus, AB - AntiBot. - type: str - choices: ['AV', 'AB'] - severity: - description: - - The severity level of the threat. - type: str - choices: ['low', 'medium', 'high', 'critical'] - comments: - description: - - Comments string. - type: str - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool - observables_raw_data: - description: - - The contents of a file containing the indicator's observables. - type: str - action: - description: - - The indicator's action. - type: str - choices: ['Inactive', 'Ask', 'Prevent', 'Detect'] - profile_overrides: - description: - - Profiles in which to override the indicator's default action. - type: list - suboptions: - action: - description: - - The indicator's action in this profile. - type: str - choices: ['Inactive', 'Ask', 'Prevent', 'Detect'] - profile: - description: - - The profile in which to override the indicator's action. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-threat-indicator - cp_mgmt_threat_indicator: - action: ask - ignore_warnings: true - name: My_Indicator - observables: - - confidence: medium - mail_to: someone@somewhere.com - name: My_Observable - product: AV - severity: low - profile_overrides: - - action: detect - profile: My_Profile - state: present - -- name: set-threat-indicator - cp_mgmt_threat_indicator: - action: prevent - ignore_warnings: true - name: My_Indicator - state: present - -- name: delete-threat-indicator - cp_mgmt_threat_indicator: - name: My_Indicator - state: absent -""" - -RETURN = """ -cp_mgmt_threat_indicator: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - observables=dict(type='list', options=dict( - name=dict(type='str'), - md5=dict(type='str'), - url=dict(type='str'), - ip_address=dict(type='str'), - ip_address_first=dict(type='str'), - ip_address_last=dict(type='str'), - domain=dict(type='str'), - mail_to=dict(type='str'), - mail_from=dict(type='str'), - mail_cc=dict(type='str'), - mail_reply_to=dict(type='str'), - mail_subject=dict(type='str'), - confidence=dict(type='str', choices=['low', 'medium', 'high', 'critical']), - product=dict(type='str', choices=['AV', 'AB']), - severity=dict(type='str', choices=['low', 'medium', 'high', 'critical']), - comments=dict(type='str'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - )), - observables_raw_data=dict(type='str'), - action=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']), - profile_overrides=dict(type='list', options=dict( - action=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']), - profile=dict(type='str') - )), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'threat-indicator' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_indicator_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_indicator_facts.py deleted file mode 100644 index 5a6f817fd7..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_indicator_facts.py +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_indicator_facts -short_description: Get threat-indicator objects facts on Check Point over Web Services API -description: - - Get threat-indicator objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-threat-indicator - cp_mgmt_threat_indicator_facts: - name: My_Indicator - -- name: show-threat-indicators - cp_mgmt_threat_indicator_facts: -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "threat-indicator" - api_call_object_plural_version = "threat-indicators" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_layer.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_layer.py deleted file mode 100644 index 45f6bd0e28..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_layer.py +++ /dev/null @@ -1,127 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_layer -short_description: Manages threat-layer objects on Check Point over Web Services API -description: - - Manages threat-layer objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - add_default_rule: - description: - - Indicates whether to include a default rule in the new layer. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-threat-layer - cp_mgmt_threat_layer: - name: New Layer 1 - state: present - -- name: delete-threat-layer - cp_mgmt_threat_layer: - name: New Layer 2 - state: absent -""" - -RETURN = """ -cp_mgmt_threat_layer: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - add_default_rule=dict(type='bool'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'threat-layer' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_layer_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_layer_facts.py deleted file mode 100644 index d3ab5c1e95..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_layer_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_layer_facts -short_description: Get threat-layer objects facts on Check Point over Web Services API -description: - - Get threat-layer objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-threat-layer - cp_mgmt_threat_layer_facts: - name: New Layer 1 - -- name: show-threat-layers - cp_mgmt_threat_layer_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "threat-layer" - api_call_object_plural_version = "threat-layers" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_profile.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_profile.py deleted file mode 100644 index 835b06fd5d..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_profile.py +++ /dev/null @@ -1,400 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_profile -short_description: Manages threat-profile objects on Check Point over Web Services API -description: - - Manages threat-profile objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - active_protections_performance_impact: - description: - - Protections with this performance impact only will be activated in the profile. - type: str - choices: ['high', 'medium', 'low', 'very_low'] - active_protections_severity: - description: - - Protections with this severity only will be activated in the profile. - type: str - choices: ['Critical', 'High', 'Medium or above', 'Low or above'] - confidence_level_high: - description: - - Action for protections with high confidence level. - type: str - choices: ['Inactive', 'Ask', 'Prevent', 'Detect'] - confidence_level_low: - description: - - Action for protections with low confidence level. - type: str - choices: ['Inactive', 'Ask', 'Prevent', 'Detect'] - confidence_level_medium: - description: - - Action for protections with medium confidence level. - type: str - choices: ['Inactive', 'Ask', 'Prevent', 'Detect'] - indicator_overrides: - description: - - Indicators whose action will be overridden in this profile. - type: list - suboptions: - action: - description: - - The indicator's action in this profile. - type: str - choices: ['Inactive', 'Ask', 'Prevent', 'Detect'] - indicator: - description: - - The indicator whose action is to be overridden. - type: str - ips_settings: - description: - - IPS blade settings. - type: dict - suboptions: - exclude_protection_with_performance_impact: - description: - - Whether to exclude protections depending on their level of performance impact. - type: bool - exclude_protection_with_performance_impact_mode: - description: - - Exclude protections with this level of performance impact. - type: str - choices: ['very low', 'low or lower', 'medium or lower', 'high or lower'] - exclude_protection_with_severity: - description: - - Whether to exclude protections depending on their level of severity. - type: bool - exclude_protection_with_severity_mode: - description: - - Exclude protections with this level of severity. - type: str - choices: ['low or above', 'medium or above', 'high or above', 'critical'] - newly_updated_protections: - description: - - Activation of newly updated protections. - type: str - choices: ['active', 'inactive', 'staging'] - malicious_mail_policy_settings: - description: - - Malicious Mail Policy for MTA Gateways. - type: dict - suboptions: - add_customized_text_to_email_body: - description: - - Add customized text to the malicious email body. - type: bool - add_email_subject_prefix: - description: - - Add a prefix to the malicious email subject. - type: bool - add_x_header_to_email: - description: - - Add an X-Header to the malicious email. - type: bool - email_action: - description: - - Block - block the entire malicious email<br>Allow - pass the malicious email and apply email changes (like, remove attachments and - links, add x-header, etc...). - type: str - choices: ['allow', 'block'] - email_body_customized_text: - description: - - Customized text for the malicious email body.<br> Available predefined fields,<br> $verdicts$ - the malicious/error attachments/links verdict. - type: str - email_subject_prefix_text: - description: - - Prefix for the malicious email subject. - type: str - failed_to_scan_attachments_text: - description: - - Replace attachments that failed to be scanned with this text.<br> Available predefined fields,<br> $filename$ - the malicious file - name.<br> $md5$ - MD5 of the malicious file. - type: str - malicious_attachments_text: - description: - - Replace malicious attachments with this text.<br> Available predefined fields,<br> $filename$ - the malicious file name.<br> $md5$ - - MD5 of the malicious file. - type: str - malicious_links_text: - description: - - Replace malicious links with this text.<br> Available predefined fields,<br> $neutralized_url$ - neutralized malicious link. - type: str - remove_attachments_and_links: - description: - - Remove attachments and links from the malicious email. - type: bool - send_copy: - description: - - Send a copy of the malicious email to the recipient list. - type: bool - send_copy_list: - description: - - Recipient list to send a copy of the malicious email. - type: list - overrides: - description: - - Overrides per profile for this protection. - type: list - suboptions: - action: - description: - - Protection action. - type: str - choices: ['Threat Cloud: Inactive', 'Detect', 'Prevent <br> Core: Drop', 'Inactive', 'Accept'] - protection: - description: - - IPS protection identified by name or UID. - type: str - capture_packets: - description: - - Capture packets. - type: bool - track: - description: - - Tracking method for protection. - type: str - choices: ['none', 'log', 'alert', 'mail', 'snmp trap', 'user alert', 'user alert 1', 'user alert 2'] - tags: - description: - - Collection of tag identifiers. - type: list - use_indicators: - description: - - Indicates whether the profile should make use of indicators. - type: bool - anti_bot: - description: - - Is Anti-Bot blade activated. - type: bool - anti_virus: - description: - - Is Anti-Virus blade activated. - type: bool - ips: - description: - - Is IPS blade activated. - type: bool - threat_emulation: - description: - - Is Threat Emulation blade activated. - type: bool - activate_protections_by_extended_attributes: - description: - - Activate protections by these extended attributes. - type: list - suboptions: - name: - description: - - IPS tag name. - type: str - category: - description: - - IPS tag category name. - type: str - deactivate_protections_by_extended_attributes: - description: - - Deactivate protections by these extended attributes. - type: list - suboptions: - name: - description: - - IPS tag name. - type: str - category: - description: - - IPS tag category name. - type: str - use_extended_attributes: - description: - - Whether to activate/deactivate IPS protections according to the extended attributes. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-threat-profile - cp_mgmt_threat_profile: - active_protections_performance_impact: low - active_protections_severity: low or above - anti_bot: true - anti_virus: true - confidence_level_high: prevent - confidence_level_medium: prevent - ips: true - ips_settings: - exclude_protection_with_performance_impact: true - exclude_protection_with_performance_impact_mode: high or lower - newly_updated_protections: staging - name: New Profile 1 - state: present - threat_emulation: true - -- name: set-threat-profile - cp_mgmt_threat_profile: - active_protections_performance_impact: low - active_protections_severity: low or above - anti_bot: true - anti_virus: false - comments: update recommended profile - confidence_level_high: prevent - confidence_level_low: prevent - confidence_level_medium: prevent - ips: false - ips_settings: - exclude_protection_with_performance_impact: true - exclude_protection_with_performance_impact_mode: high or lower - newly_updated_protections: active - name: New Profile 1 - state: present - threat_emulation: true - -- name: delete-threat-profile - cp_mgmt_threat_profile: - name: New Profile 1 - state: absent -""" - -RETURN = """ -cp_mgmt_threat_profile: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - active_protections_performance_impact=dict(type='str', choices=['high', 'medium', 'low', 'very_low']), - active_protections_severity=dict(type='str', choices=['Critical', 'High', 'Medium or above', 'Low or above']), - confidence_level_high=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']), - confidence_level_low=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']), - confidence_level_medium=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']), - indicator_overrides=dict(type='list', options=dict( - action=dict(type='str', choices=['Inactive', 'Ask', 'Prevent', 'Detect']), - indicator=dict(type='str') - )), - ips_settings=dict(type='dict', options=dict( - exclude_protection_with_performance_impact=dict(type='bool'), - exclude_protection_with_performance_impact_mode=dict(type='str', choices=['very low', 'low or lower', 'medium or lower', 'high or lower']), - exclude_protection_with_severity=dict(type='bool'), - exclude_protection_with_severity_mode=dict(type='str', choices=['low or above', 'medium or above', 'high or above', 'critical']), - newly_updated_protections=dict(type='str', choices=['active', 'inactive', 'staging']) - )), - malicious_mail_policy_settings=dict(type='dict', options=dict( - add_customized_text_to_email_body=dict(type='bool'), - add_email_subject_prefix=dict(type='bool'), - add_x_header_to_email=dict(type='bool'), - email_action=dict(type='str', choices=['allow', 'block']), - email_body_customized_text=dict(type='str'), - email_subject_prefix_text=dict(type='str'), - failed_to_scan_attachments_text=dict(type='str'), - malicious_attachments_text=dict(type='str'), - malicious_links_text=dict(type='str'), - remove_attachments_and_links=dict(type='bool'), - send_copy=dict(type='bool'), - send_copy_list=dict(type='list') - )), - overrides=dict(type='list', options=dict( - action=dict(type='str', choices=['Threat Cloud: Inactive', 'Detect', 'Prevent <br> Core: Drop', 'Inactive', 'Accept']), - protection=dict(type='str'), - capture_packets=dict(type='bool'), - track=dict(type='str', choices=['none', 'log', 'alert', 'mail', 'snmp trap', 'user alert', 'user alert 1', 'user alert 2']) - )), - tags=dict(type='list'), - use_indicators=dict(type='bool'), - anti_bot=dict(type='bool'), - anti_virus=dict(type='bool'), - ips=dict(type='bool'), - threat_emulation=dict(type='bool'), - activate_protections_by_extended_attributes=dict(type='list', options=dict( - name=dict(type='str'), - category=dict(type='str') - )), - deactivate_protections_by_extended_attributes=dict(type='list', options=dict( - name=dict(type='str'), - category=dict(type='str') - )), - use_extended_attributes=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'threat-profile' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_profile_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_profile_facts.py deleted file mode 100644 index e9192dfc98..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_profile_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_profile_facts -short_description: Get threat-profile objects facts on Check Point over Web Services API -description: - - Get threat-profile objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-threat-profile - cp_mgmt_threat_profile_facts: - name: Recommended_Profile - -- name: show-threat-profiles - cp_mgmt_threat_profile_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "threat-profile" - api_call_object_plural_version = "threat-profiles" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_protection_override.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_protection_override.py deleted file mode 100644 index 4abb106b72..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_protection_override.py +++ /dev/null @@ -1,130 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_protection_override -short_description: Edit existing object using object name or uid. -description: - - Edit existing object using object name or uid. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - comments: - description: - - Protection comments. - type: str - follow_up: - description: - - Tag the protection with pre-defined follow-up flag. - type: bool - overrides: - description: - - Overrides per profile for this protection<br> Note, Remove override for Core protections removes only the action's override. Remove override - for Threat Cloud protections removes the action, track and packet captures. - type: list - suboptions: - action: - description: - - Protection action. - type: str - choices: ['Threat Cloud: Inactive', 'Detect', 'Prevent <br> Core: Drop', 'Inactive', 'Accept'] - profile: - description: - - Profile name. - type: str - capture_packets: - description: - - Capture packets. - type: bool - track: - description: - - Tracking method for protection. - type: str - choices: ['none', 'log', 'alert', 'mail', 'snmp trap', 'user alert', 'user alert 1', 'user alert 2'] - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: threat_protection_override - cp_mgmt_threat_protection_override: - name: FTP Commands - overrides: - - action: inactive - capture_packets: true - profile: New Profile 1 - track: None - state: present -""" - -RETURN = """ -cp_mgmt_threat_protection_override: - description: The checkpoint threat_protection_override output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - name=dict(type='str'), - comments=dict(type='str'), - follow_up=dict(type='bool'), - overrides=dict(type='list', options=dict( - action=dict(type='str', choices=['Threat Cloud: Inactive', 'Detect', 'Prevent <br> Core: Drop', 'Inactive', 'Accept']), - profile=dict(type='str'), - capture_packets=dict(type='bool'), - track=dict(type='str', choices=['none', 'log', 'alert', 'mail', 'snmp trap', 'user alert', 'user alert 1', 'user alert 2']) - )), - details_level=dict(type='str', choices=['uid', 'standard', 'full']) - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "set-threat-protection" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_rule.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_rule.py deleted file mode 100644 index 5da5ce4c20..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_rule.py +++ /dev/null @@ -1,209 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_rule -short_description: Manages threat-rule objects on Check Point over Web Services API -description: - - Manages threat-rule objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - position: - description: - - Position in the rulebase. - type: str - layer: - description: - - Layer that the rule belongs to identified by the name or UID. - type: str - name: - description: - - Object name. - type: str - required: True - action: - description: - - Action-the enforced profile. - type: str - destination: - description: - - Collection of Network objects identified by the name or UID. - type: list - destination_negate: - description: - - True if negate is set for destination. - type: bool - enabled: - description: - - Enable/Disable the rule. - type: bool - install_on: - description: - - Which Gateways identified by the name or UID to install the policy on. - type: list - protected_scope: - description: - - Collection of objects defining Protected Scope identified by the name or UID. - type: list - protected_scope_negate: - description: - - True if negate is set for Protected Scope. - type: bool - service: - description: - - Collection of Network objects identified by the name or UID. - type: list - service_negate: - description: - - True if negate is set for Service. - type: bool - source: - description: - - Collection of Network objects identified by the name or UID. - type: list - source_negate: - description: - - True if negate is set for source. - type: bool - track: - description: - - Packet tracking. - type: str - track_settings: - description: - - Threat rule track settings. - type: dict - suboptions: - packet_capture: - description: - - Packet capture. - type: bool - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-threat-rule - cp_mgmt_threat_rule: - comments: '' - install_on: Policy Targets - layer: New Layer 1 - name: First threat rule - position: 1 - protected_scope: All_Internet - state: present - track: None - -- name: set-threat-rule - cp_mgmt_threat_rule: - action: New Profile 1 - comments: commnet for the first rule - install_on: Policy Targets - layer: New Layer 1 - name: Rule Name - position: 1 - protected_scope: All_Internet - state: present - -- name: delete-threat-rule - cp_mgmt_threat_rule: - layer: New Layer 1 - name: Rule Name - state: absent -""" - -RETURN = """ -cp_mgmt_threat_rule: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call, api_call_for_rule - - -def main(): - argument_spec = dict( - position=dict(type='str'), - layer=dict(type='str'), - name=dict(type='str', required=True), - action=dict(type='str'), - destination=dict(type='list'), - destination_negate=dict(type='bool'), - enabled=dict(type='bool'), - install_on=dict(type='list'), - protected_scope=dict(type='list'), - protected_scope_negate=dict(type='bool'), - service=dict(type='list'), - service_negate=dict(type='bool'), - source=dict(type='list'), - source_negate=dict(type='bool'), - track=dict(type='str'), - track_settings=dict(type='dict', options=dict( - packet_capture=dict(type='bool') - )), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'threat-rule' - - if module.params['position'] is None: - result = api_call(module, api_call_object) - else: - result = api_call_for_rule(module, api_call_object) - - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_threat_rule_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_threat_rule_facts.py deleted file mode 100644 index 8a189ccdcf..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_threat_rule_facts.py +++ /dev/null @@ -1,209 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_threat_rule_facts -short_description: Get threat-rule objects facts on Check Point over Web Services API -description: - - Get threat-rule objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. Should be unique in the domain. - type: str - layer: - description: - - Layer that the rule belongs to identified by the name or UID. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - filter: - description: - - Search expression to filter the rulebase. The provided text should be exactly the same as it would be given in Smart Console. The logical - operators in the expression ('AND', 'OR') should be provided in capital letters. If an operator is not used, the default OR operator applies. - type: str - filter_settings: - description: - - Sets filter preferences. - type: dict - suboptions: - search_mode: - description: - - When set to 'general', both the Full Text Search and Packet Search are enabled. In this mode, Packet Search will not match on 'Any' - object, a negated cell or a group-with-exclusion. When the search-mode is set to 'packet', by default, the match on 'Any' object, a negated cell - or a group-with-exclusion are enabled. packet-search-settings may be provided to change the default behavior. - type: str - choices: ['general', 'packet'] - packet_search_settings: - description: - - When 'search-mode' is set to 'packet', this object allows to set the packet search preferences. - type: dict - suboptions: - expand_group_members: - description: - - When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at - least one member of the group. - type: bool - expand_group_with_exclusion_members: - description: - - When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include rules that - match at least one member of the "include" part and is not a member of the "except" part. - type: bool - match_on_any: - description: - - Whether to match on 'Any' object. - type: bool - match_on_group_with_exclusion: - description: - - Whether to match on a group-with-exclusion. - type: bool - match_on_negate: - description: - - Whether to match on a negated cell. - type: bool - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] - package: - description: - - Name of the package. - type: str - use_object_dictionary: - description: - - N/A - type: bool - dereference_group_members: - description: - - Indicates whether to dereference "members" field by details level for every object in reply. - type: bool - show_membership: - description: - - Indicates whether to calculate and show "groups" field for every object in reply. - type: bool -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-threat-rule - cp_mgmt_threat_rule_facts: - layer: New Layer 1 - name: Rule Name - -- name: show-threat-rulebase - cp_mgmt_threat_rule_facts: - details_level: standard - filter: '' - limit: 20 - name: Threat Prevention - offset: 0 - use_object_dictionary: false -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts_for_rule - - -def main(): - argument_spec = dict( - name=dict(type='str'), - layer=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - filter=dict(type='str'), - filter_settings=dict(type='dict', options=dict( - search_mode=dict(type='str', choices=['general', 'packet']), - packet_search_settings=dict(type='dict', options=dict( - expand_group_members=dict(type='bool'), - expand_group_with_exclusion_members=dict(type='bool'), - match_on_any=dict(type='bool'), - match_on_group_with_exclusion=dict(type='bool'), - match_on_negate=dict(type='bool') - )) - )), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )), - package=dict(type='str'), - use_object_dictionary=dict(type='bool'), - dereference_group_members=dict(type='bool'), - show_membership=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "threat-rule" - api_call_object_plural_version = "threat-rulebase" - - result = api_call_facts_for_rule(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_time.py b/lib/ansible/modules/network/check_point/cp_mgmt_time.py deleted file mode 100644 index f7cd14f16a..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_time.py +++ /dev/null @@ -1,280 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_time -short_description: Manages time objects on Check Point over Web Services API -description: - - Manages time objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - end: - description: - - End time. Note, Each gateway may interpret this time differently according to its time zone. - type: dict - suboptions: - date: - description: - - Date in format dd-MMM-yyyy. - type: str - iso_8601: - description: - - Date and time represented in international ISO 8601 format. Time zone information is ignored. - type: str - posix: - description: - - Number of milliseconds that have elapsed since 00,00,00, 1 January 1970. - type: int - time: - description: - - Time in format HH,mm. - type: str - end_never: - description: - - End never. - type: bool - hours_ranges: - description: - - Hours recurrence. Note, Each gateway may interpret this time differently according to its time zone. - type: list - suboptions: - enabled: - description: - - Is hour range enabled. - type: bool - from: - description: - - Time in format HH,MM. - type: str - index: - description: - - Hour range index. - type: int - to: - description: - - Time in format HH,MM. - type: str - start: - description: - - Starting time. Note, Each gateway may interpret this time differently according to its time zone. - type: dict - suboptions: - date: - description: - - Date in format dd-MMM-yyyy. - type: str - iso_8601: - description: - - Date and time represented in international ISO 8601 format. Time zone information is ignored. - type: str - posix: - description: - - Number of milliseconds that have elapsed since 00,00,00, 1 January 1970. - type: int - time: - description: - - Time in format HH,mm. - type: str - start_now: - description: - - Start immediately. - type: bool - tags: - description: - - Collection of tag identifiers. - type: list - recurrence: - description: - - Days recurrence. - type: dict - suboptions: - days: - description: - - Valid on specific days. Multiple options, support range of days in months. Example,["1","3","9-20"]. - type: list - month: - description: - - Valid on month. Example, "1", "2","12","Any". - type: str - pattern: - description: - - Valid on "Daily", "Weekly", "Monthly" base. - type: str - weekdays: - description: - - Valid on weekdays. Example, "Sun", "Mon"..."Sat". - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-time - cp_mgmt_time: - end: - date: 24-Nov-2014 - time: '21:22' - end_never: 'false' - hours_ranges: - - enabled: true - from: 00:00 - index: 1 - to: 00:00 - - enabled: false - from: 00:00 - index: 2 - to: 00:00 - name: timeObject1 - recurrence: - days: - - '1' - month: Any - pattern: Daily - weekdays: - - Sun - - Mon - start_now: 'true' - state: present - -- name: set-time - cp_mgmt_time: - hours_ranges: - - from: 00:22 - to: 00:33 - name: timeObject1 - recurrence: - month: Any - pattern: Weekly - weekdays: - - Fri - state: present - -- name: delete-time - cp_mgmt_time: - name: timeObject1 - state: absent -""" - -RETURN = """ -cp_mgmt_time: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - end=dict(type='dict', options=dict( - date=dict(type='str'), - iso_8601=dict(type='str'), - posix=dict(type='int'), - time=dict(type='str') - )), - end_never=dict(type='bool'), - hours_ranges=dict(type='list', options=dict( - enabled=dict(type='bool'), - index=dict(type='int'), - to=dict(type='str') - )), - start=dict(type='dict', options=dict( - date=dict(type='str'), - iso_8601=dict(type='str'), - posix=dict(type='int'), - time=dict(type='str') - )), - start_now=dict(type='bool'), - tags=dict(type='list'), - recurrence=dict(type='dict', options=dict( - days=dict(type='list'), - month=dict(type='str'), - pattern=dict(type='str'), - weekdays=dict(type='list') - )), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec['hours_ranges']['options']['from'] = dict(type='str') - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'time' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_time_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_time_facts.py deleted file mode 100644 index 119da09e58..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_time_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_time_facts -short_description: Get time objects facts on Check Point over Web Services API -description: - - Get time objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-time - cp_mgmt_time_facts: - name: timeObject1 - -- name: show-times - cp_mgmt_time_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "time" - api_call_object_plural_version = "times" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_verify_policy.py b/lib/ansible/modules/network/check_point/cp_mgmt_verify_policy.py deleted file mode 100644 index 9c0009b9ce..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_verify_policy.py +++ /dev/null @@ -1,77 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_verify_policy -short_description: Verifies the policy of the selected package. -description: - - Verifies the policy of the selected package. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - policy_package: - description: - - Policy package identified by the name or UID. - type: str -extends_documentation_fragment: checkpoint_commands -""" - -EXAMPLES = """ -- name: verify-policy - cp_mgmt_verify_policy: - policy_package: standard -""" - -RETURN = """ -cp_mgmt_verify_policy: - description: The checkpoint verify-policy output. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_commands, api_command - - -def main(): - argument_spec = dict( - policy_package=dict(type='str') - ) - argument_spec.update(checkpoint_argument_spec_for_commands) - - module = AnsibleModule(argument_spec=argument_spec) - - command = "verify-policy" - - result = api_command(module, command) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_meshed.py b/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_meshed.py deleted file mode 100644 index f223a948d4..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_meshed.py +++ /dev/null @@ -1,229 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_vpn_community_meshed -short_description: Manages vpn-community-meshed objects on Check Point over Web Services API -description: - - Manages vpn-community-meshed objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - encryption_method: - description: - - The encryption method to be used. - type: str - choices: ['prefer ikev2 but support ikev1', 'ikev2 only', 'ikev1 for ipv4 and ikev2 for ipv6 only'] - encryption_suite: - description: - - The encryption suite to be used. - type: str - choices: ['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128'] - gateways: - description: - - Collection of Gateway objects identified by the name or UID. - type: list - ike_phase_1: - description: - - Ike Phase 1 settings. Only applicable when the encryption-suite is set to [custom]. - type: dict - suboptions: - data_integrity: - description: - - The hash algorithm to be used. - type: str - choices: ['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5'] - diffie_hellman_group: - description: - - The Diffie-Hellman group to be used. - type: str - choices: ['group-1', 'group-2', 'group-5', 'group-14', 'group-19', 'group-20'] - encryption_algorithm: - description: - - The encryption algorithm to be used. - type: str - choices: ['cast', 'aes-256', 'des', 'aes-128', '3des'] - ike_phase_2: - description: - - Ike Phase 2 settings. Only applicable when the encryption-suite is set to [custom]. - type: dict - suboptions: - data_integrity: - description: - - The hash algorithm to be used. - type: str - choices: ['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5'] - encryption_algorithm: - description: - - The encryption algorithm to be used. - type: str - choices: ['cast', 'aes-gcm-256', 'cast-40', 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none'] - shared_secrets: - description: - - Shared secrets for external gateways. - type: list - suboptions: - external_gateway: - description: - - External gateway identified by the name or UID. - type: str - shared_secret: - description: - - Shared secret. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - use_shared_secret: - description: - - Indicates whether the shared secret should be used for all external gateways. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-vpn-community-meshed - cp_mgmt_vpn_community_meshed: - encryption_method: prefer ikev2 but support ikev1 - encryption_suite: custom - ike_phase_1: - data_integrity: sha1 - diffie_hellman_group: group 19 - encryption_algorithm: aes-128 - ike_phase_2: - data_integrity: aes-xcbc - encryption_algorithm: aes-gcm-128 - name: New_VPN_Community_Meshed_1 - state: present - -- name: set-vpn-community-meshed - cp_mgmt_vpn_community_meshed: - encryption_method: ikev2 only - encryption_suite: custom - ike_phase_1: - data_integrity: sha1 - diffie_hellman_group: group 19 - encryption_algorithm: aes-128 - ike_phase_2: - data_integrity: aes-xcbc - encryption_algorithm: aes-gcm-128 - name: New_VPN_Community_Meshed_1 - state: present - -- name: delete-vpn-community-meshed - cp_mgmt_vpn_community_meshed: - name: New_VPN_Community_Meshed_1 - state: absent -""" - -RETURN = """ -cp_mgmt_vpn_community_meshed: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - encryption_method=dict(type='str', choices=['prefer ikev2 but support ikev1', 'ikev2 only', 'ikev1 for ipv4 and ikev2 for ipv6 only']), - encryption_suite=dict(type='str', choices=['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128']), - gateways=dict(type='list'), - ike_phase_1=dict(type='dict', options=dict( - data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']), - diffie_hellman_group=dict(type='str', choices=['group-1', 'group-2', 'group-5', 'group-14', 'group-19', 'group-20']), - encryption_algorithm=dict(type='str', choices=['cast', 'aes-256', 'des', 'aes-128', '3des']) - )), - ike_phase_2=dict(type='dict', options=dict( - data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']), - encryption_algorithm=dict(type='str', choices=['cast', 'aes-gcm-256', 'cast-40', - 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none']) - )), - shared_secrets=dict(type='list', options=dict( - external_gateway=dict(type='str'), - shared_secret=dict(type='str') - )), - tags=dict(type='list'), - use_shared_secret=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'vpn-community-meshed' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_meshed_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_meshed_facts.py deleted file mode 100644 index c1a9ad77f6..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_meshed_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_vpn_community_meshed_facts -short_description: Get vpn-community-meshed objects facts on Check Point over Web Services API -description: - - Get vpn-community-meshed objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-vpn-community-meshed - cp_mgmt_vpn_community_meshed_facts: - name: New_VPN_Community_Meshed_1 - -- name: show-vpn-communities-meshed - cp_mgmt_vpn_community_meshed_facts: - details_level: full - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "vpn-community-meshed" - api_call_object_plural_version = "vpn-communities-meshed" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_star.py b/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_star.py deleted file mode 100644 index 7e9ff8d876..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_star.py +++ /dev/null @@ -1,240 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_vpn_community_star -short_description: Manages vpn-community-star objects on Check Point over Web Services API -description: - - Manages vpn-community-star objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - center_gateways: - description: - - Collection of Gateway objects representing center gateways identified by the name or UID. - type: list - encryption_method: - description: - - The encryption method to be used. - type: str - choices: ['prefer ikev2 but support ikev1', 'ikev2 only', 'ikev1 for ipv4 and ikev2 for ipv6 only'] - encryption_suite: - description: - - The encryption suite to be used. - type: str - choices: ['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128'] - ike_phase_1: - description: - - Ike Phase 1 settings. Only applicable when the encryption-suite is set to [custom]. - type: dict - suboptions: - data_integrity: - description: - - The hash algorithm to be used. - type: str - choices: ['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5'] - diffie_hellman_group: - description: - - The Diffie-Hellman group to be used. - type: str - choices: ['group-1', 'group-2', 'group-5', 'group-14', 'group-19', 'group-20'] - encryption_algorithm: - description: - - The encryption algorithm to be used. - type: str - choices: ['cast', 'aes-256', 'des', 'aes-128', '3des'] - ike_phase_2: - description: - - Ike Phase 2 settings. Only applicable when the encryption-suite is set to [custom]. - type: dict - suboptions: - data_integrity: - description: - - The hash algorithm to be used. - type: str - choices: ['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5'] - encryption_algorithm: - description: - - The encryption algorithm to be used. - type: str - choices: ['cast', 'aes-gcm-256', 'cast-40', 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none'] - mesh_center_gateways: - description: - - Indicates whether the meshed community is in center. - type: bool - satellite_gateways: - description: - - Collection of Gateway objects representing satellite gateways identified by the name or UID. - type: list - shared_secrets: - description: - - Shared secrets for external gateways. - type: list - suboptions: - external_gateway: - description: - - External gateway identified by the name or UID. - type: str - shared_secret: - description: - - Shared secret. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - use_shared_secret: - description: - - Indicates whether the shared secret should be used for all external gateways. - type: bool - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-vpn-community-star - cp_mgmt_vpn_community_star: - center_gateways: Second_Security_Gateway - encryption_method: prefer ikev2 but support ikev1 - encryption_suite: custom - ike_phase_1: - data_integrity: sha1 - diffie_hellman_group: group 19 - encryption_algorithm: aes-128 - ike_phase_2: - data_integrity: aes-xcbc - encryption_algorithm: aes-gcm-128 - name: New_VPN_Community_Star_1 - state: present - -- name: set-vpn-community-star - cp_mgmt_vpn_community_star: - encryption_method: ikev2 only - encryption_suite: custom - ike_phase_1: - data_integrity: sha1 - diffie_hellman_group: group 19 - encryption_algorithm: aes-128 - ike_phase_2: - data_integrity: aes-xcbc - encryption_algorithm: aes-gcm-128 - name: New_VPN_Community_Star_1 - state: present - -- name: delete-vpn-community-star - cp_mgmt_vpn_community_star: - name: New_VPN_Community_Star_1 - state: absent -""" - -RETURN = """ -cp_mgmt_vpn_community_star: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - center_gateways=dict(type='list'), - encryption_method=dict(type='str', choices=['prefer ikev2 but support ikev1', 'ikev2 only', 'ikev1 for ipv4 and ikev2 for ipv6 only']), - encryption_suite=dict(type='str', choices=['suite-b-gcm-256', 'custom', 'vpn b', 'vpn a', 'suite-b-gcm-128']), - ike_phase_1=dict(type='dict', options=dict( - data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']), - diffie_hellman_group=dict(type='str', choices=['group-1', 'group-2', 'group-5', 'group-14', 'group-19', 'group-20']), - encryption_algorithm=dict(type='str', choices=['cast', 'aes-256', 'des', 'aes-128', '3des']) - )), - ike_phase_2=dict(type='dict', options=dict( - data_integrity=dict(type='str', choices=['aes-xcbc', 'sha1', 'sha256', 'sha384', 'md5']), - encryption_algorithm=dict(type='str', choices=['cast', 'aes-gcm-256', 'cast-40', - 'aes-256', 'des', 'aes-128', '3des', 'des-40cp', 'aes-gcm-128', 'none']) - )), - mesh_center_gateways=dict(type='bool'), - satellite_gateways=dict(type='list'), - shared_secrets=dict(type='list', options=dict( - external_gateway=dict(type='str'), - shared_secret=dict(type='str') - )), - tags=dict(type='list'), - use_shared_secret=dict(type='bool'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'vpn-community-star' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_star_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_star_facts.py deleted file mode 100644 index d3291e1bca..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_vpn_community_star_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_vpn_community_star_facts -short_description: Get vpn-community-star objects facts on Check Point over Web Services API -description: - - Get vpn-community-star objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-vpn-community-star - cp_mgmt_vpn_community_star_facts: - name: New_VPN_Community_Meshed_1 - -- name: show-vpn-communities-star - cp_mgmt_vpn_community_star_facts: - details_level: full - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "vpn-community-star" - api_call_object_plural_version = "vpn-communities-star" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_wildcard.py b/lib/ansible/modules/network/check_point/cp_mgmt_wildcard.py deleted file mode 100644 index 824b280b6e..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_wildcard.py +++ /dev/null @@ -1,157 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_wildcard -short_description: Manages wildcard objects on Check Point over Web Services API -description: - - Manages wildcard objects on Check Point devices including creating, updating and removing objects. - - All operations are performed over Web Services API. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - type: str - required: True - ipv4_address: - description: - - IPv4 address. - type: str - ipv4_mask_wildcard: - description: - - IPv4 mask wildcard. - type: str - ipv6_address: - description: - - IPv6 address. - type: str - ipv6_mask_wildcard: - description: - - IPv6 mask wildcard. - type: str - tags: - description: - - Collection of tag identifiers. - type: list - color: - description: - - Color of the object. Should be one of existing colors. - type: str - choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green', - 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', - 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow'] - comments: - description: - - Comments string. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - groups: - description: - - Collection of group identifiers. - type: list - ignore_warnings: - description: - - Apply changes ignoring warnings. - type: bool - ignore_errors: - description: - - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. - type: bool -extends_documentation_fragment: checkpoint_objects -""" - -EXAMPLES = """ -- name: add-wildcard - cp_mgmt_wildcard: - ipv4_address: 192.168.2.1 - ipv4_mask_wildcard: 0.0.0.128 - name: New Wildcard 1 - state: present - -- name: set-wildcard - cp_mgmt_wildcard: - color: green - ipv6_address: 2001:db8::1111 - ipv6_mask_wildcard: ffff:ffff::f0f0 - name: New Wildcard 1 - state: present - -- name: delete-wildcard - cp_mgmt_wildcard: - name: New Wildcard 1 - state: absent -""" - -RETURN = """ -cp_mgmt_wildcard: - description: The checkpoint object created or updated. - returned: always, except when deleting the object. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_objects, api_call - - -def main(): - argument_spec = dict( - name=dict(type='str', required=True), - ipv4_address=dict(type='str'), - ipv4_mask_wildcard=dict(type='str'), - ipv6_address=dict(type='str'), - ipv6_mask_wildcard=dict(type='str'), - tags=dict(type='list'), - color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', - 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', - 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green', - 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', - 'yellow']), - comments=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - groups=dict(type='list'), - ignore_warnings=dict(type='bool'), - ignore_errors=dict(type='bool') - ) - argument_spec.update(checkpoint_argument_spec_for_objects) - - module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) - api_call_object = 'wildcard' - - result = api_call(module, api_call_object) - module.exit_json(**result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/modules/network/check_point/cp_mgmt_wildcard_facts.py b/lib/ansible/modules/network/check_point/cp_mgmt_wildcard_facts.py deleted file mode 100644 index d826f35d68..0000000000 --- a/lib/ansible/modules/network/check_point/cp_mgmt_wildcard_facts.py +++ /dev/null @@ -1,126 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Ansible module to manage Check Point Firewall (c) 2019 -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see <http://www.gnu.org/licenses/>. -# - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -ANSIBLE_METADATA = {'metadata_version': '1.1', - 'status': ['preview'], - 'supported_by': 'community'} - -DOCUMENTATION = """ ---- -module: cp_mgmt_wildcard_facts -short_description: Get wildcard objects facts on Check Point over Web Services API -description: - - Get wildcard objects facts on Check Point devices. - - All operations are performed over Web Services API. - - This module handles both operations, get a specific object and get several objects, - For getting a specific object use the parameter 'name'. -version_added: "2.9" -author: "Or Soffer (@chkp-orso)" -options: - name: - description: - - Object name. - This parameter is relevant only for getting a specific object. - type: str - details_level: - description: - - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed - representation of the object. - type: str - choices: ['uid', 'standard', 'full'] - limit: - description: - - No more than that many results will be returned. - This parameter is relevant only for getting few objects. - type: int - offset: - description: - - Skip that many results before beginning to return them. - This parameter is relevant only for getting few objects. - type: int - order: - description: - - Sorts results by the given field. By default the results are sorted in the ascending order by name. - This parameter is relevant only for getting few objects. - type: list - suboptions: - ASC: - description: - - Sorts results by the given field in ascending order. - type: str - choices: ['name'] - DESC: - description: - - Sorts results by the given field in descending order. - type: str - choices: ['name'] -extends_documentation_fragment: checkpoint_facts -""" - -EXAMPLES = """ -- name: show-wildcard - cp_mgmt_wildcard_facts: - name: New Wildcard 1 - -- name: show-wildcards - cp_mgmt_wildcard_facts: - details_level: standard - limit: 50 - offset: 0 -""" - -RETURN = """ -ansible_facts: - description: The checkpoint object facts. - returned: always. - type: dict -""" - -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.network.checkpoint.checkpoint import checkpoint_argument_spec_for_facts, api_call_facts - - -def main(): - argument_spec = dict( - name=dict(type='str'), - details_level=dict(type='str', choices=['uid', 'standard', 'full']), - limit=dict(type='int'), - offset=dict(type='int'), - order=dict(type='list', options=dict( - ASC=dict(type='str', choices=['name']), - DESC=dict(type='str', choices=['name']) - )) - ) - argument_spec.update(checkpoint_argument_spec_for_facts) - - module = AnsibleModule(argument_spec=argument_spec) - - api_call_object = "wildcard" - api_call_object_plural_version = "wildcards" - - result = api_call_facts(module, api_call_object, api_call_object_plural_version) - module.exit_json(ansible_facts=result) - - -if __name__ == '__main__': - main() diff --git a/lib/ansible/plugins/doc_fragments/checkpoint_commands.py b/lib/ansible/plugins/doc_fragments/checkpoint_commands.py deleted file mode 100644 index 9c5afafc7b..0000000000 --- a/lib/ansible/plugins/doc_fragments/checkpoint_commands.py +++ /dev/null @@ -1,24 +0,0 @@ -# -*- coding: utf-8 -*- - -# Copyright: (c) 2019, Or Soffer <orso@checkpoint.com> -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - -from __future__ import (absolute_import, division, print_function) -__metaclass__ = type - - -class ModuleDocFragment(object): - - # Standard files documentation fragment - DOCUMENTATION = r''' -options: - wait_for_task: - description: - - Wait for the task to end. Such as publish task. - type: bool - default: True - version: - description: - - Version of checkpoint. If not given one, the latest version taken. - type: str -''' diff --git a/lib/ansible/plugins/doc_fragments/checkpoint_facts.py b/lib/ansible/plugins/doc_fragments/checkpoint_facts.py deleted file mode 100644 index 90afb52a05..0000000000 --- a/lib/ansible/plugins/doc_fragments/checkpoint_facts.py +++ /dev/null @@ -1,19 +0,0 @@ -# -*- coding: utf-8 -*- - -# Copyright: (c) 2019, Or Soffer <orso@checkpoint.com> -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - -from __future__ import (absolute_import, division, print_function) -__metaclass__ = type - - -class ModuleDocFragment(object): - - # Standard files documentation fragment - DOCUMENTATION = r''' -options: - version: - description: - - Version of checkpoint. If not given one, the latest version taken. - type: str -''' diff --git a/lib/ansible/plugins/doc_fragments/checkpoint_objects.py b/lib/ansible/plugins/doc_fragments/checkpoint_objects.py deleted file mode 100644 index ffe7a6025c..0000000000 --- a/lib/ansible/plugins/doc_fragments/checkpoint_objects.py +++ /dev/null @@ -1,37 +0,0 @@ -# -*- coding: utf-8 -*- - -# Copyright: (c) 2019, Or Soffer <orso@checkpoint.com> -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - -from __future__ import (absolute_import, division, print_function) -__metaclass__ = type - - -class ModuleDocFragment(object): - - # Standard files documentation fragment - DOCUMENTATION = r''' -options: - state: - description: - - State of the access rule (present or absent). Defaults to present. - type: str - default: present - choices: - - 'present' - - 'absent' - auto_publish_session: - description: - - Publish the current session if changes have been performed - after task completes. - type: bool - wait_for_task: - description: - - Wait for the task to end. Such as publish task. - type: bool - default: True - version: - description: - - Version of checkpoint. If not given one, the latest version taken. - type: str -''' diff --git a/lib/ansible/plugins/httpapi/checkpoint.py b/lib/ansible/plugins/httpapi/checkpoint.py deleted file mode 100644 index de02298fd1..0000000000 --- a/lib/ansible/plugins/httpapi/checkpoint.py +++ /dev/null @@ -1,94 +0,0 @@ -# (c) 2018 Red Hat Inc. -# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) - -from __future__ import (absolute_import, division, print_function) - -__metaclass__ = type - -DOCUMENTATION = """ ---- -author: Ansible Networking Team -httpapi : checkpoint -short_description: HttpApi Plugin for Checkpoint devices -description: - - This HttpApi plugin provides methods to connect to Checkpoint - devices over a HTTP(S)-based api. -version_added: "2.8" -options: - domain: - type: str - description: - - Specifies the domain of the Check Point device - vars: - - name: ansible_checkpoint_domain - version_added: "2.10" -""" - -import json - -from ansible.module_utils.basic import to_text -from ansible.errors import AnsibleConnectionFailure -from ansible.module_utils.six.moves.urllib.error import HTTPError -from ansible.plugins.httpapi import HttpApiBase -from ansible.module_utils.connection import ConnectionError - -BASE_HEADERS = { - 'Content-Type': 'application/json', -} - - -class HttpApi(HttpApiBase): - def login(self, username, password): - if username and password: - cp_domain = self.get_option('domain') - if cp_domain: - payload = {'user': username, 'password': password, 'domain': cp_domain} - else: - payload = {'user': username, 'password': password} - url = '/web_api/login' - response, response_data = self.send_request(url, payload) - else: - raise AnsibleConnectionFailure('Username and password are required for login') - - try: - self.connection._auth = {'X-chkp-sid': response_data['sid']} - self.connection._session_uid = response_data['uid'] - except KeyError: - raise ConnectionError( - 'Server returned response without token info during connection authentication: %s' % response) - - def logout(self): - url = '/web_api/logout' - - response, dummy = self.send_request(url, None) - - def get_session_uid(self): - return self.connection._session_uid - - def send_request(self, path, body_params): - data = json.dumps(body_params) if body_params else '{}' - - try: - self._display_request() - response, response_data = self.connection.send(path, data, method='POST', headers=BASE_HEADERS) - value = self._get_response_value(response_data) - - return response.getcode(), self._response_to_json(value) - except AnsibleConnectionFailure as e: - return 404, e.message - except HTTPError as e: - error = json.loads(e.read()) - return e.code, error - - def _display_request(self): - self.connection.queue_message('vvvv', 'Web Services: %s %s' % ('POST', self.connection._url)) - - def _get_response_value(self, response_data): - return to_text(response_data.getvalue()) - - def _response_to_json(self, response_text): - try: - return json.loads(response_text) if response_text else {} - # JSONDecodeError only available on Python 3.5+ - except ValueError: - raise ConnectionError('Invalid JSON response: %s' % response_text) |